e81ccc406b
Implement FSFE REUSE for golang files ( #21840 )
...
Change all license headers to comply with REUSE specification.
Fix #16132
Co-authored-by: flynnnnnnnnnn <flynnnnnnnnnn@github>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2022-11-27 18:20:29 +00:00
0ebb45cfe7
Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) ( #21551 )
...
Found using
`find . -type f -name '*.go' -print -exec vim {} -c
':%s/fmt\.Errorf(\(.*\)%v\(.*\)err/fmt.Errorf(\1%w\2err/g' -c ':wq' \;`
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-10-24 20:29:17 +01:00
a4e91c4197
Add proxy host into allow list ( #20798 )
...
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-08-16 20:15:54 -04:00
f67a1030b3
Add tests for the host checking logic, clarify the behaviors ( #20328 )
...
Before, the combination of AllowedDomains/BlockedDomains/AllowLocalNetworks is confusing.
This PR adds tests for the logic, clarify the behaviors.
2022-07-13 09:07:16 +08:00
a51efb4c2c
Support `hostname:port` to pass host matcher's check #19543 ( #19543 )
...
hostmatcher: split the hostname from the `hostname:port` string, use the correct hostname to do the match.
2022-04-29 01:39:50 +08:00
60fbaa9068
remove not needed ( #19128 )
2022-03-18 20:17:57 +01:00
ff2fd08228
Simplify parameter types ( #18006 )
...
Remove repeated type declarations in function definitions.
2021-12-20 04:41:31 +00:00
013fb73068
Use `hostmatcher` to replace `matchlist`, improve security ( #17605 )
...
Use hostmacher to replace matchlist.
And we introduce a better DialContext to do a full host/IP check, otherwise the attackers can still bypass the allow/block list by a 302 redirection.
2021-11-20 17:34:05 +08:00
599ff1c054
Only allow webhook to send requests to allowed hosts ( #17482 )
2021-11-01 16:39:52 +08:00
flynnnnnnnnnn
delvh
Lunny Xiao
wxiaoguang
6543
Gusted