Page MenuHomePhorge
Differential D4680

AllowedHosts middleware to restrict allowed hosts
ClosedPublic
Actions

Authored by mollekopf on Apr 3 2024, 1:05 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Jul 22, 5:08 AM
Unknown Object (File)
Sat, Jul 20, 3:42 PM
Unknown Object (File)
Sat, Jul 20, 3:28 PM
Unknown Object (File)
Sat, Jul 20, 3:21 PM
Unknown Object (File)
Sat, Jul 20, 1:23 PM
Unknown Object (File)
Sun, Jul 14, 5:43 PM
Unknown Object (File)
Sun, Jul 14, 4:59 PM
Unknown Object (File)
Sun, Jul 14, 4:57 PM
View All 90 Files
Subscribers
machniak

Details

Reviewers
machniak
Group Reviewers
Restricted Project
Commits
rKa89b72e22ff2: AllowedHosts middleware to restrict allowed hosts

Diff Detail

Repository
rK kolab
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

mollekopf requested review of this revision.Apr 3 2024, 1:05 PM
mollekopf created this revision.
Harbormaster completed remote builds in B46944: Diff 13464.Apr 3 2024, 1:05 PM
mollekopf added a reviewer: Restricted Project.Apr 3 2024, 1:05 PM

There's a domain/hosts confusion. I went with hosts for the middleware because that also used for e.g. the TrustHosts middleware, but with domain in the config because that's what we use for the other configs ¯\_(ツ)_/¯

machniak requested changes to this revision.Apr 4 2024, 10:54 AM
machniak subscribed.
machniak added inline comments.
src/config/app.php
87–88

I think services_domain is not used anymore and should be removed.

src/routes/api.php
210

It would be cleaner if we did 'allowedHosts:services' or just 'allowedHosts' here and read the config inside the middleware.

This revision now requires changes to proceed.Apr 4 2024, 10:54 AM
mollekopf updated this revision to Diff 13470.Apr 4 2024, 4:29 PM

addressed comments

Harbormaster completed remote builds in B47004: Diff 13470.Apr 4 2024, 4:29 PM
machniak accepted this revision.Apr 5 2024, 12:11 PM
This revision is now accepted and ready to land.Apr 5 2024, 12:11 PM
Closed by commit rKa89b72e22ff2: AllowedHosts middleware to restrict allowed hosts (authored by mollekopf). · Explain WhyApr 5 2024, 2:36 PM
This revision was automatically updated to reflect the committed changes.
mollekopf added a commit: rKa89b72e22ff2: AllowedHosts middleware to restrict allowed hosts.

Revision Contents
Changeset List

PathSize
src/
app/
Http/
1 line
Middleware/
26 lines
config/
15 lines
routes/
2 lines

Diff 13473

View Options

src/app/Http/Kernel.php

Loading...
View Options

src/app/Http/Middleware/AllowedHosts.php

Loading...
View Options

src/config/app.php

Loading...
View Options

src/routes/api.php

Loading...