Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cf-dev] Request/Response matching short term concern 
> That sounds good.
> I think at long term we should be strict and add the remote address back into
> KeyToken. For the 1.0.0 release, I'm ok if we just use the token.
> As you said, this is not a secure use case anyway :).

Okay, unless someone has a strong opinion, I will go with the strict mode in the release. After some thinking, I see it like this: Token-only matching is experimental to enable observe with changing addresses. People who use that should enable it explicitly for their product or they are fine with the snapshot version anyway (for which we want to enable such a "flexible mode").

Back to the top