Hardening your environment

asi-core

Trusted proxies

ASI's core module makes use of a proxy service internally to provide the various portions of the ASI ecosystem. As part of this we also use x-forwarded-for headers to delegate information in places. Out the box we set .spring.cloud.gateway.trusted-proxies to be .* to allow all by default. But we recommend that you tighten in your environment. The value accepts a regular expression, and should contain entries that leading proxies will advertise themselves as within forwarded or X-Forwarded headers.