"Fossies" - the Fresh Open Source Software Archive

Member "pdns-auth-4.2.0/pdns/dnsdistdist/docs/guides/webserver.rst" (27 Aug 2019, 20839 Bytes) of package /linux/misc/dns/pdns-auth-4.2.0.tar.gz:

As a special service "Fossies" has tried to format the requested source page into HTML format (assuming markdown format). Alternatively you can here view or download the uninterpreted source code file. A member file download can also be achieved by clicking within a package contents listing on the according byte size field. See also the latest Fossies "Diffs" side-by-side code changes report for "webserver.rst": 4.1.13_vs_4.2.0.

Built-in webserver

To visually interact with dnsdist, try add webserver to the configuration:

webserver("", "supersecretpassword", "supersecretAPIkey")

Now point your browser at and log in with any username, and that password. Enjoy!

Security of the Webserver

The built-in webserver serves its content from inside the binary, this means it will not and connot read from disk.

By default, our web server sends some security-related headers:

X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'

You can override those headers, or add custom headers by using the last parameter to webserver. For example, to remove the X-Frame-Options header and add a X-Custom one:

webserver("", "supersecret", "apikey", {["X-Frame-Options"]= "", ["X-Custom"]="custom"}

Credentials can be changed over time using the setWebserverConfig function.

dnsdist API

To access the API, the apikey must be set in the webserver function. Use the API, this key will need to be sent to dnsdist in the X-API-Key request header. An HTTP 401 response is returned when a wrong or no API key is received. A 404 response is generated is the requested endpoint does not exist. And a 405 response is returned when the HTTP methos is not allowed.

URL Endpoints

JSON Objects