From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <brian.avery@intel.com>
Received: by yocto-www.yoctoproject.org (Postfix, from userid 118)
	id 4623EE00A90; Wed,  2 Nov 2016 12:31:59 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	yocto-www.yoctoproject.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_HI
	autolearn=ham version=3.3.1
X-Spam-HAM-Report: * -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
	*      [score: 0.0000]
	* -5.0 RCVD_IN_DNSWL_HI RBL: Sender listed at http://www.dnswl.org/,
	high *      trust
	*      [134.134.136.24 listed in list.dnswl.org]
Received: from mga09.intel.com (mga09.intel.com [134.134.136.24])
	by yocto-www.yoctoproject.org (Postfix) with ESMTP id E1BFEE00A21
	for <toaster@yoctoproject.org>; Wed,  2 Nov 2016 12:31:55 -0700 (PDT)
Received: from orsmga004.jf.intel.com ([10.7.209.38])
	by orsmga102.jf.intel.com with ESMTP; 02 Nov 2016 12:31:54 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.31,436,1473145200"; d="scan'208";a="27043315"
Received: from bavery-ws-desk.jf.intel.com ([10.7.198.85])
	by orsmga004.jf.intel.com with ESMTP; 02 Nov 2016 12:31:54 -0700
From: brian avery <brian.avery@intel.com>
To: toaster@yoctoproject.org
Date: Wed,  2 Nov 2016 12:33:25 -0700
Message-Id: <cover.1478114701.git.brian.avery@intel.com>
X-Mailer: git-send-email 1.9.1
Cc: brian avery <brian.avery@intel.com>
Subject: [PATCH 0/1] toaster: set ALLOWED_HOSTS to *
X-BeenThere: toaster@yoctoproject.org
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Web based interface for BitBake <toaster.yoctoproject.org>
List-Unsubscribe: <https://lists.yoctoproject.org/options/toaster>,
	<mailto:toaster-request@yoctoproject.org?subject=unsubscribe>
List-Archive: <http://lists.yoctoproject.org/pipermail/toaster>
List-Post: <mailto:toaster@yoctoproject.org>
List-Help: <mailto:toaster-request@yoctoproject.org?subject=help>
List-Subscribe: <https://lists.yoctoproject.org/listinfo/toaster>,
	<mailto:toaster-request@yoctoproject.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Nov 2016 19:31:59 -0000

Django 1.8.16 now enforces ALOWED_HOSTS even if DEBUG is true.  Therefore,
we need to set the value to '*' to allow us to connect to a toaster instance
from off server.  It is also needed to allow connection to the toaster instance
in certain kinds of containers.

Since the non localhost interface is only bound to if we explicitly start toaster
with webport=0.0.0.0:<port>, this change will not expose additional vulnerablilities.

-Brian

The following changes since commit c3d2df883a9d6d5036277114339673656d89a728:

  oeqa/selftest/kernel.py: Add new file destined for kernel related tests (2016-11-01 10:05:46 +0000)

are available in the git repository at:

  git://git.yoctoproject.org/poky-contrib bavery/toaster/fixALLOWED_HOSTexclusionV2
  http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=bavery/toaster/fixALLOWED_HOSTexclusionV2

brian avery (1):
  toaster: settings.py , set ALLOWED_HOSTS to *

 lib/toaster/toastermain/settings.py | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

--
1.9.1