Page MenuHomePhorge

AllowedHosts middleware to restrict allowed hosts
ClosedPublic

Authored by mollekopf on Apr 3 2024, 1:05 PM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Oct 22, 10:08 PM
Unknown Object (File)
Mon, Oct 14, 12:56 PM
Unknown Object (File)
Tue, Oct 8, 9:39 PM
Unknown Object (File)
Sun, Oct 6, 6:46 AM
Unknown Object (File)
Fri, Oct 4, 4:15 PM
Unknown Object (File)
Sep 29 2024, 9:14 AM
Unknown Object (File)
Sep 29 2024, 2:10 AM
Unknown Object (File)
Sep 27 2024, 7:05 AM
Subscribers

Details

Reviewers
machniak
Group Reviewers
Restricted Project
Commits
rKa89b72e22ff2: AllowedHosts middleware to restrict allowed hosts

Diff Detail

Repository
rK kolab
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

mollekopf created this revision.
mollekopf added a reviewer: Restricted Project.Apr 3 2024, 1:05 PM

There's a domain/hosts confusion. I went with hosts for the middleware because that also used for e.g. the TrustHosts middleware, but with domain in the config because that's what we use for the other configs ¯\_(ツ)_/¯

machniak subscribed.
machniak added inline comments.
src/config/app.php
87–88

I think services_domain is not used anymore and should be removed.

src/routes/api.php
210

It would be cleaner if we did 'allowedHosts:services' or just 'allowedHosts' here and read the config inside the middleware.

This revision now requires changes to proceed.Apr 4 2024, 10:54 AM
This revision is now accepted and ready to land.Apr 5 2024, 12:11 PM