Add allowlist for more inclusive nomenclature #509
Conversation
Signed-off-by: Naarcha-AWS <[email protected]>
| @@ -56,7 +56,7 @@ opensearch_security.multitenancy.enable_filter: false | |||
|
|
|||
| Setting | Description | |||
| :--- | :--- | |||
| `opensearch.requestHeadersWhitelist` | OpenSearch Dashboards requires that you whitelist all HTTP headers that it passes to OpenSearch. Multi-tenancy uses a specific header, `securitytenant`, that must be present with the standard `Authorization` header. If the `securitytenant` header is not whitelisted, OpenSearch Dashboards starts with a red status. | |||
| `opensearch.requestHeadersallowlist` | OpenSearch Dashboards requires that you allowlist all HTTP headers that it passes to OpenSearch. Multi-tenancy uses a specific header, `securitytenant`, that must be present with the standard `Authorization` header. If the `securitytenant` header is not allowlisted, OpenSearch Dashboards starts with a red status. | |||
There was a problem hiding this comment.
According to the style guide, I think we want to avoid using allow list as a verb, and that it should be two words.
There was a problem hiding this comment.
I noticed the style guide separates it for noun usage, but wiktionary still shows "allowlist" as a verb.
There was a problem hiding this comment.
Switched to "If the securitytenant header is not on the allowlist, OpenSearch Dashboards starts with a red status."
There was a problem hiding this comment.
Switched to "If the securitytenant header is not on the allowlist, OpenSearch Dashboards starts with a red status."
|
LGTM |
Signed-off-by: Naarcha-AWS <[email protected]>
Signed-off-by: Naarcha-AWS <[email protected]>
There was a problem hiding this comment.
Having reviewed the AWS, Microsoft, and Google style guides, my thinking is that we should use "allow list" (two words) as a noun, per the AWS Style Guide (both Google and Microsoft use "allowlist," but we should probably align with the AWS Style Guide). With regard to using the term as a verb, Google explicitly prohibits this, and neither Microsoft nor AWS appear to provide specific guidance, so I think that we should avoid using the term as a verb and should instead rephrase relevant sentences.
Signed-off-by: Naarcha-AWS <[email protected]>
Signed-off-by: Naarcha-AWS <[email protected]>
Signed-off-by: Naarcha-AWS <[email protected]>
Signed-off-by: Naarcha-AWS [email protected]
Description
Replace whitelist with allowlist. Will add note about the reindex endpoint in the PR for #473 .
Issues Resolved
Fixes #449
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.