forgejo/modules
Jason Song 4e98224a45
Support allowed hosts for webhook to work with proxy (#27655)
When `webhook.PROXY_URL` has been set, the old code will check if the
proxy host is in `ALLOWED_HOST_LIST` or reject requests through the
proxy. It requires users to add the proxy host to `ALLOWED_HOST_LIST`.
However, it actually allows all requests to any port on the host, when
the proxy host is probably an internal address.

But things may be even worse. `ALLOWED_HOST_LIST` doesn't really work
when requests are sent to the allowed proxy, and the proxy could forward
them to any hosts.

This PR fixes it by:

- If the proxy has been set, always allow connections to the host and
port.
- Check `ALLOWED_HOST_LIST` before forwarding.
2023-10-18 09:44:36 +00:00
..
actions
activitypub make writing main test easier (#27270) 2023-09-28 01:38:53 +00:00
analyze
assetfs
auth Next round of db.DefaultContext refactor (#27089) 2023-09-16 14:39:12 +00:00
avatar
base
cache
charset
container
context Final round of db.DefaultContext refactor (#27587) 2023-10-14 08:37:24 +00:00
contexttest Replace assert.Fail with assert.FailNow (#27578) 2023-10-11 11:02:24 +00:00
csv
doctor Penultimate round of db.DefaultContext refactor (#27414) 2023-10-11 04:24:07 +00:00
emoji
eventsource Final round of db.DefaultContext refactor (#27587) 2023-10-14 08:37:24 +00:00
generate
git Replace assert.Fail with assert.FailNow (#27578) 2023-10-11 11:02:24 +00:00
gitgraph More db.DefaultContext refactor (#27265) 2023-09-29 12:12:54 +00:00
graceful
hcaptcha
highlight
hostmatcher Support allowed hosts for webhook to work with proxy (#27655) 2023-10-18 09:44:36 +00:00
html
httpcache
httplib
indexer Improve retrying index issues (#27554) 2023-10-15 18:56:57 +00:00
issue/template
json
label
lfs Refactor lfs requests (#26783) 2023-09-18 08:40:50 +00:00
log
markup fix media description render for orgmode (#26895) 2023-09-13 05:44:59 +00:00
mcaptcha
metrics Reduce usage of db.DefaultContext (#27073) 2023-09-14 17:09:32 +00:00
migration
nosql
options
packages
paginator
pprof
private
process Replace assert.Fail with assert.FailNow (#27578) 2023-10-11 11:02:24 +00:00
proxy
proxyprotocol
public
queue Increase queue length (#27555) 2023-10-10 18:47:49 +08:00
recaptcha
references Replace 'userxx' with 'orgxx' in all test files when the user type is org (#27052) 2023-09-14 02:59:53 +00:00
regexplru
repository Refactor system setting (#27000) 2023-10-05 09:08:19 +08:00
secret
session Next round of db.DefaultContext refactor (#27089) 2023-09-16 14:39:12 +00:00
setting Enhanced auth token / remember me (#27606) 2023-10-14 00:56:41 +00:00
sitemap
ssh restrict certificate type for builtin SSH server (#26789) 2023-09-01 13:45:22 +00:00
storage Fix object storage path handling (#27024) 2023-09-13 01:18:52 +00:00
structs Restore warning commit status (#27504) 2023-10-08 22:16:06 +00:00
svg
sync
system Replace more db.DefaultContext (#27628) 2023-10-15 17:46:06 +02:00
templates Improve feed icons and feed merge text color (#27498) 2023-10-07 23:26:27 +00:00
test Move web/api context related testing function into a separate package (#26859) 2023-09-01 11:26:07 +00:00
testlogger
timeutil
translation
turnstile
typesniffer
updatechecker Replace more db.DefaultContext (#27628) 2023-10-15 17:46:06 +02:00
upload
uri
user
util Refactor lfs requests (#26783) 2023-09-18 08:40:50 +00:00
validation Check blocklist for emails when adding them to account (#26812) 2023-08-30 10:46:49 -05:00
web Remove some dead code (#27196) 2023-09-22 23:30:31 +08:00
webhook