You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Wildcard zone (name: "*") so a single token can operate across all zones with record type, operation and subdomain filters still enforced (e.g. ACME DNS01 challenges)
Multi zone shorthand (names: [...]) to apply one policy to a list of specific zones without repeating the rules for each
Timing safe token comparison using hmac.compare_digest instead of == in proxy/auth.py
Config example and README updated: replaced confusing localhost placeholder (for docker usage), added examples for all three zone variants (single, multi, wildcard), fixed incorrect subdomain filter comment (^app\. doesn't match nested subdomains), documented names and * in the zone policy options table
new wildcard policy tests and new config expansion tests (names, mixed, validation error)
Info
Release Candidate: #3
Current state: Testing phase
Notes
name: "*") so a single token can operate across all zones with record type, operation and subdomain filters still enforced (e.g. ACME DNS01 challenges)names: [...]) to apply one policy to a list of specific zones without repeating the rules for eachhmac.compare_digest insteadof==inproxy/auth.py^app\.doesn't match nested subdomains), documentednamesand*in the zone policy options table