Lunny Xiao
e57c91b3bb
Add proxy host into allow list ( #20798 )
...
Co-authored-by: techknowlogick <techknowlogick@gitea.io >
2022-08-16 20:15:54 -04:00
wxiaoguang
477e5b6151
Add tests for the host checking logic, clarify the behaviors ( #20328 )
...
Before, the combination of AllowedDomains/BlockedDomains/AllowLocalNetworks is confusing.
This PR adds tests for the logic, clarify the behaviors.
2022-07-13 09:07:16 +08:00
wxiaoguang
3601dec886
Support hostname:port to pass host matcher's check #19543 ( #19543 )
...
hostmatcher: split the hostname from the `hostname:port` string, use the correct hostname to do the match.
2022-04-29 01:39:50 +08:00
6543
a7dd9d9be4
remove not needed ( #19128 )
2022-03-18 20:17:57 +01:00
Gusted
95c8f0ccf4
Simplify parameter types ( #18006 )
...
Remove repeated type declarations in function definitions.
2021-12-20 04:41:31 +00:00
wxiaoguang
935a50021d
Use hostmatcher to replace matchlist, improve security ( #17605 )
...
Use hostmacher to replace matchlist.
And we introduce a better DialContext to do a full host/IP check, otherwise the attackers can still bypass the allow/block list by a 302 redirection.
2021-11-20 17:34:05 +08:00
wxiaoguang
1d8e42fd5f
Only allow webhook to send requests to allowed hosts ( #17482 )
2021-11-01 16:39:52 +08:00
