All of lore.kernel.org
 help / color / mirror / Atom feed
From: brian avery <brian.avery@intel.com>
To: toaster@yoctoproject.org
Cc: brian avery <brian.avery@intel.com>
Subject: [PATCH 0/1] toaster: set ALLOWED_HOSTS to *
Date: Wed,  2 Nov 2016 12:33:25 -0700	[thread overview]
Message-ID: <cover.1478114701.git.brian.avery@intel.com> (raw)

Django 1.8.16 now enforces ALOWED_HOSTS even if DEBUG is true.  Therefore,
we need to set the value to '*' to allow us to connect to a toaster instance
from off server.  It is also needed to allow connection to the toaster instance
in certain kinds of containers.

Since the non localhost interface is only bound to if we explicitly start toaster
with webport=0.0.0.0:<port>, this change will not expose additional vulnerablilities.

-Brian

The following changes since commit c3d2df883a9d6d5036277114339673656d89a728:

  oeqa/selftest/kernel.py: Add new file destined for kernel related tests (2016-11-01 10:05:46 +0000)

are available in the git repository at:

  git://git.yoctoproject.org/poky-contrib bavery/toaster/fixALLOWED_HOSTexclusionV2
  http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=bavery/toaster/fixALLOWED_HOSTexclusionV2

brian avery (1):
  toaster: settings.py , set ALLOWED_HOSTS to *

 lib/toaster/toastermain/settings.py | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

--
1.9.1


             reply	other threads:[~2016-11-02 19:31 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-11-02 19:33 brian avery [this message]
2016-11-02 19:33 ` [PATCH 1/1] toaster: settings.py , set ALLOWED_HOSTS to * brian avery
2016-11-02 19:39 ` [PATCH 0/1] toaster: " Brian Avery
2016-11-04 12:30   ` Michael Wood

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1478114701.git.brian.avery@intel.com \
    --to=brian.avery@intel.com \
    --cc=toaster@yoctoproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.