[0/1] toaster: set ALLOWED_HOSTS to *

Submitted by Avery, Brian on Nov. 2, 2016, 7:33 p.m. | Patch ID: 133531

Details

Message ID cover.1478114701.git.brian.avery@intel.com
State New
Headers show

Pull-request

git://git.yoctoproject.org/poky-contrib bavery/toaster/fixALLOWED_HOSTexclusionV2

Comments

brian avery Nov. 2, 2016, 7:39 p.m.
This is V2; bad subject line :(.

-b
an intel employee

On Wed, Nov 2, 2016 at 12:33 PM, brian avery <brian.avery@intel.com> wrote:

> Django 1.8.16 now enforces ALOWED_HOSTS even if DEBUG is true.  Therefore,
> we need to set the value to '*' to allow us to connect to a toaster
> instance
> from off server.  It is also needed to allow connection to the toaster
> instance
> in certain kinds of containers.
>
> Since the non localhost interface is only bound to if we explicitly start
> toaster
> with webport=0.0.0.0:<port>, this change will not expose additional
> vulnerablilities.
>
> -Brian
>
> The following changes since commit c3d2df883a9d6d5036277114339673
> 656d89a728:
>
>   oeqa/selftest/kernel.py: Add new file destined for kernel related tests
> (2016-11-01 10:05:46 +0000)
>
> are available in the git repository at:
>
>   git://git.yoctoproject.org/poky-contrib bavery/toaster/fixALLOWED_
> HOSTexclusionV2
>   http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=
> bavery/toaster/fixALLOWED_HOSTexclusionV2
>
> brian avery (1):
>   toaster: settings.py , set ALLOWED_HOSTS to *
>
>  lib/toaster/toastermain/settings.py | 16 +++++++++++++---
>  1 file changed, 13 insertions(+), 3 deletions(-)
>
> --
> 1.9.1
> --
> _______________________________________________
> toaster mailing list
> toaster@yoctoproject.org
> https://lists.yoctoproject.org/listinfo/toaster
>
Michael Wood Nov. 4, 2016, 12:30 p.m.
Thanks sent upstream and applied to toaster-next

Michael

On 02/11/16 19:39, Brian Avery wrote:
> This is V2; bad subject line :(.
>
> -b
> an intel employee
>
> On Wed, Nov 2, 2016 at 12:33 PM, brian avery <brian.avery@intel.com 
> <mailto:brian.avery@intel.com>> wrote:
>
>     Django 1.8.16 now enforces ALOWED_HOSTS even if DEBUG is true.
>     Therefore,
>     we need to set the value to '*' to allow us to connect to a
>     toaster instance
>     from off server.  It is also needed to allow connection to the
>     toaster instance
>     in certain kinds of containers.
>
>     Since the non localhost interface is only bound to if we
>     explicitly start toaster
>     with webport=0.0.0.0 <http://0.0.0.0>:<port>, this change will not
>     expose additional vulnerablilities.
>
>     -Brian
>
>     The following changes since commit
>     c3d2df883a9d6d5036277114339673656d89a728:
>
>       oeqa/selftest/kernel.py: Add new file destined for kernel
>     related tests (2016-11-01 10:05:46 +0000)
>
>     are available in the git repository at:
>
>       git://git.yoctoproject.org/poky-contrib
>     <http://git.yoctoproject.org/poky-contrib>
>     bavery/toaster/fixALLOWED_HOSTexclusionV2
>     http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=bavery/toaster/fixALLOWED_HOSTexclusionV2
>     <http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=bavery/toaster/fixALLOWED_HOSTexclusionV2>
>
>     brian avery (1):
>       toaster: settings.py , set ALLOWED_HOSTS to *
>
>      lib/toaster/toastermain/settings.py | 16 +++++++++++++---
>      1 file changed, 13 insertions(+), 3 deletions(-)
>
>     --
>     1.9.1
>     --
>     _______________________________________________
>     toaster mailing list
>     toaster@yoctoproject.org <mailto:toaster@yoctoproject.org>
>     https://lists.yoctoproject.org/listinfo/toaster
>     <https://lists.yoctoproject.org/listinfo/toaster>
>
>
>
>