tdsds.com/gitea
1
1
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2025-10-26 17:08:25 +00:00
Code Releases Activity
14,064 Commits 19 Branches 240 Tags
07178f4d0ce4a15f6c3a9ff6073a306d44266432
Commit Graph

7 Commits

Author SHA1 Message Date
Lunny Xiao
a4e91c4197 Add proxy host into allow list (#20798) 
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
 2022-08-16 20:15:54 -04:00
wxiaoguang
f67a1030b3 Add tests for the host checking logic, clarify the behaviors (#20328) 
Before, the combination of AllowedDomains/BlockedDomains/AllowLocalNetworks is confusing.

This PR adds tests for the logic, clarify the behaviors.
 2022-07-13 09:07:16 +08:00
wxiaoguang
a51efb4c2c Support hostname:port to pass host matcher's check #19543 (#19543) 
hostmatcher: split the hostname from the `hostname:port` string, use the correct hostname to do the match.
 2022-04-29 01:39:50 +08:00
6543
60fbaa9068 remove not needed (#19128) 2022-03-18 20:17:57 +01:00
Gusted
ff2fd08228 Simplify parameter types (#18006) 
Remove repeated type declarations in function definitions.
 2021-12-20 04:41:31 +00:00
wxiaoguang
013fb73068 Use hostmatcher to replace matchlist, improve security (#17605) 
Use hostmacher to replace matchlist.

And we introduce a better DialContext to do a full host/IP check, otherwise the attackers can still bypass the allow/block list by a 302 redirection.
 2021-11-20 17:34:05 +08:00
wxiaoguang
599ff1c054 Only allow webhook to send requests to allowed hosts (#17482) 2021-11-01 16:39:52 +08:00