From: brian avery <brian.avery@intel.com>
To: toaster@yoctoproject.org
Cc: brian avery <brian.avery@intel.com>
Subject: [PATCH 0/1] toaster: add * to ALLOWED_HOSTS setting
Date: Tue,  1 Nov 2016 17:03:55 -0700
Message-ID: <cover.1478044908.git.brian.avery@intel.com>

As of Django 1.8.16, Django is rejecting any HTTP_HOST header that is
not on the ALLOWED_HOSTS list. We often need to reference the
toaster server via an FQDN, if we start it via webport=0.0.0.0:8000 for
instance, and are hitting the server from a laptop. This change does
reduce the protection from a DNS rebinding attack; however, if you are
running the toaster server outside a protected network, you need to be
using the production instance.

In particular, this prevents the toaster container tests from running as well
as the containers from working as is in the Windows Docker Toolbox case.

-brian

The following changes since commit c3d2df883a9d6d5036277114339673656d89a728:

  oeqa/selftest/kernel.py: Add new file destined for kernel related tests (2016-11-01 10:05:46 +0000)

are available in the git repository at:

  git://git.yoctoproject.org/poky-contrib bavery/toaster/fixALLOWED_HOSTexclusion
  http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=bavery/toaster/fixALLOWED_HOSTexclusion

brian avery (1):
  toaster: settings.py , add * to ALLOWED_HOSTS

 lib/toaster/toastermain/settings.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

--
1.9.1
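
The trade-off described in this cover letter, shown as an added example that is not part of the original message, the patch, or Toaster's code: a simplified model of Django's documented ALLOWED_HOSTS matching rules, comparing a `*` entry with an explicit list. The host names and the `TOASTER_ALLOWED_HOSTS` variable name are assumptions made for illustration.

```python
# Added illustration: simplified model of Django's documented ALLOWED_HOSTS
# matching rules. Not code from Toaster or from Django itself.

def split_host(host_header):
    """Lower-case the Host header value and drop an optional :port."""
    host = host_header.strip().lower()
    if host.startswith("["):            # bracketed IPv6 literal, e.g. [::1]:8000
        return host[: host.find("]") + 1]
    return host.rsplit(":", 1)[0] if ":" in host else host


def host_allowed(host_header, allowed_hosts):
    """Return True if the Host header matches any ALLOWED_HOSTS pattern."""
    host = split_host(host_header).rstrip(".")
    for pattern in allowed_hosts:
        pattern = pattern.lower()
        if pattern == "*":              # wildcard: Host validation is effectively off
            return True
        if pattern.startswith("."):     # ".example.com" = the domain and its subdomains
            if host == pattern[1:] or host.endswith(pattern):
                return True
        elif host == pattern:
            return True
    return False


def hosts_from_env(value, default=("localhost", "127.0.0.1")):
    """Build an explicit list from a comma-separated string (hypothetical
    TOASTER_ALLOWED_HOSTS variable), falling back to loopback names only."""
    names = [h.strip() for h in (value or "").split(",") if h.strip()]
    return names or list(default)


# Constructed sample Host headers; every name here is a placeholder.
SAMPLES = ["localhost:8000", "toaster.lab.example:8000", "rebind.attacker.example:8000"]
WILDCARD = ["*"]
EXPLICIT = hosts_from_env("localhost,toaster.lab.example")

if __name__ == "__main__":
    for h in SAMPLES:
        print(f"{h:32} wildcard={host_allowed(h, WILDCARD)} "
              f"explicit={host_allowed(h, EXPLICIT)}")
```

With the explicit list, the server stays reachable by its FQDN from a laptop while a Host header naming an unrelated domain is still rejected, which is the check a DNS rebinding defence depends on.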


Thread overview: 4+ messages
2016-11-02  0:03 brian avery [this message]
2016-11-02  0:03 ` [PATCH 1/1] toaster: settings.py , add * to ALLOWED_HOSTS brian avery
2016-11-02 12:46   ` Michael Wood
2016-11-02 14:52     ` Brian Avery
