specter/mastodon
1
0
Fork 0
forked from fedi/mastodon
Code Pull requests Activity

Add guard against DNS rebinding attacks (#16087)

Browse source 
* Add guard against DNS rebinding attacks

* Fix not to apply to test environment
This commit is contained in:
Takeshi Umeda 2021-04-22 00:45:58 +09:00 committed by GitHub
parent e243092a5a
commit 8323023464
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
config/initializers/1_hosts.rb
View file

@ -26,4 +26,10 @@ Rails.application.configure do
"ws://#{ENV['REMOTE_DEV'] == 'true' ? host.split(':').first : 'localhost'}:4000" "ws://#{ENV['REMOTE_DEV'] == 'true' ? host.split(':').first : 'localhost'}:4000"
end end
end end
unless Rails.env.test?
config.hosts << host if host.present?
config.hosts << web_host if web_host.present?
config.hosts << alternate_domains if alternate_domains.present?
end
end end