moonming commented on code in PR #12276:
URL: https://github.com/apache/apisix/pull/12276#discussion_r2122496964
##########
apisix/cli/ngx_tpl.lua:
##########
@@ -646,6 +646,21 @@ http {
apisix.http_admin()
}
}
+
+ {% if enable_admin_ui then %}
+ location = /ui {
+ return 301 /ui/;
+ }
+ location ^~ /ui/ {
Review Comment:
There are no IP or permission restrictions, which may cause security issues
##########
conf/config.yaml.example:
##########
@@ -674,6 +674,7 @@ deployment: # Deployment configurations
# role: viewer
enable_admin_cors: true # Enable Admin API CORS response header
`Access-Control-Allow-Origin`.
+ enable_admin_ui: true # Enable embedded APISIX Dashboard UI.
Review Comment:
if the role of APISIX is data plane, will `enable_admin_ui` be false
automatically? Or we can set `enable_admin_ui` to false by default.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
