gitea/services
Jason Song 4e98224a45
Support allowed hosts for webhook to work with proxy (#27655)
When `webhook.PROXY_URL` has been set, the old code will check if the
proxy host is in `ALLOWED_HOST_LIST` or reject requests through the
proxy. It requires users to add the proxy host to `ALLOWED_HOST_LIST`.
However, it actually allows all requests to any port on the host, when
the proxy host is probably an internal address.

But things may be even worse. `ALLOWED_HOST_LIST` doesn't really work
when requests are sent to the allowed proxy, and the proxy could forward
them to any hosts.

This PR fixes it by:

- If the proxy has been set, always allow connectioins to the host and
port.
- Check `ALLOWED_HOST_LIST` before forwarding.
2023-10-18 09:44:36 +00:00
..
actions Final round of db.DefaultContext refactor (#27587) 2023-10-14 08:37:24 +00:00
agit Penultimate round of db.DefaultContext refactor (#27414) 2023-10-11 04:24:07 +00:00
asymkey Penultimate round of db.DefaultContext refactor (#27414) 2023-10-11 04:24:07 +00:00
attachment Even more db.DefaultContext refactor (#27352) 2023-10-03 10:30:41 +00:00
auth Replace more db.DefaultContext (#27628) 2023-10-15 17:46:06 +02:00
automerge Improve queue and logger context (#24924) 2023-05-26 07:31:55 +00:00
context Another round of db.DefaultContext refactor (#27103) 2023-09-25 13:17:37 +00:00
convert Final round of db.DefaultContext refactor (#27587) 2023-10-14 08:37:24 +00:00
cron Improve retrying index issues (#27554) 2023-10-15 18:56:57 +00:00
externalaccount Final round of db.DefaultContext refactor (#27587) 2023-10-14 08:37:24 +00:00
feed More db.DefaultContext refactor (#27265) 2023-09-29 12:12:54 +00:00
forms Add support for forking single branch (#25821) 2023-09-29 09:48:39 +08:00
gitdiff Even more db.DefaultContext refactor (#27352) 2023-10-03 10:30:41 +00:00
indexer Improve retrying index issues (#27554) 2023-10-15 18:56:57 +00:00
issue Penultimate round of db.DefaultContext refactor (#27414) 2023-10-11 04:24:07 +00:00
lfs Bump github.com/golang-jwt/jwt to v5 (#25975) 2023-07-19 09:57:10 +00:00
mailer Penultimate round of db.DefaultContext refactor (#27414) 2023-10-11 04:24:07 +00:00
markup make writing main test easier (#27270) 2023-09-28 01:38:53 +00:00
migrations Final round of db.DefaultContext refactor (#27587) 2023-10-14 08:37:24 +00:00
mirror Even more db.DefaultContext refactor (#27352) 2023-10-03 10:30:41 +00:00
notify Update status and code index after changing the default branch (#27018) 2023-09-13 04:43:31 +00:00
org Replace more db.DefaultContext (#27628) 2023-10-15 17:46:06 +02:00
packages Another round of db.DefaultContext refactor (#27103) 2023-09-25 13:17:37 +00:00
pull Fix poster is not loaded in get default merge message (#27657) 2023-10-17 15:07:23 +00:00
release Even more db.DefaultContext refactor (#27352) 2023-10-03 10:30:41 +00:00
repository Replace more db.DefaultContext (#27628) 2023-10-15 17:46:06 +02:00
secrets Refactor secrets modification logic (#26873) 2023-09-05 15:21:02 +00:00
task Replace more db.DefaultContext (#27628) 2023-10-15 17:46:06 +02:00
uinotification Penultimate round of db.DefaultContext refactor (#27414) 2023-10-11 04:24:07 +00:00
user Replace more db.DefaultContext (#27628) 2023-10-15 17:46:06 +02:00
webhook Support allowed hosts for webhook to work with proxy (#27655) 2023-10-18 09:44:36 +00:00
wiki Even more db.DefaultContext refactor (#27352) 2023-10-03 10:30:41 +00:00