Elgato_dark/filebrowser
1
0
Fork 0
mirror of https://github.com/filebrowser/filebrowser synced 2026-04-21 13:27:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

docs: add notice on proxy

Browse source
This commit is contained in:
Henrique Dias 2026-03-12 07:59:20 +01:00 committed by GitHub
parent ef2e9992dc
commit be8ba18937
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
www/docs/authentication.md
View file

@ -38,7 +38,7 @@ Where `X-My-Header` is the HTTP header provided by your proxy with the username.
> [!WARNING]
>
> File Browser will blindly trust the provided header. If the proxy can be bypassed, an attacker could simply attach the header and get admin access.
> File Browser will blindly trust the provided header. If the proxy can be bypassed, an attacker could simply attach the header and get admin access. Please ensure that File Browser is not accessible from untrusted networks, and that the proxy is correctly configured to strip/overwrite the header from client requests.
## Hook Authentication