Page MenuHomePhorge

AllowedHosts middleware to restrict allowed hosts
ClosedPublic

Authored by mollekopf on Apr 3 2024, 1:05 PM.
Tags
None
Referenced Files
F15357423: D4680.diff
Tue, Sep 17, 6:36 AM
Unknown Object (File)
Mon, Sep 16, 5:38 AM
Unknown Object (File)
Fri, Sep 13, 7:38 AM
Unknown Object (File)
Fri, Sep 13, 3:44 AM
Unknown Object (File)
Fri, Sep 13, 1:46 AM
Unknown Object (File)
Fri, Sep 6, 2:35 PM
Unknown Object (File)
Fri, Sep 6, 2:32 PM
Unknown Object (File)
Fri, Sep 6, 1:14 PM
Subscribers

Details

Reviewers
machniak
Group Reviewers
Restricted Project
Commits
rKa89b72e22ff2: AllowedHosts middleware to restrict allowed hosts

Diff Detail

Repository
rK kolab
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

mollekopf created this revision.
mollekopf added a reviewer: Restricted Project.Apr 3 2024, 1:05 PM

There's a domain/hosts confusion. I went with hosts for the middleware because that also used for e.g. the TrustHosts middleware, but with domain in the config because that's what we use for the other configs ¯\_(ツ)_/¯

machniak subscribed.
machniak added inline comments.
src/config/app.php
87–88

I think services_domain is not used anymore and should be removed.

src/routes/api.php
210

It would be cleaner if we did 'allowedHosts:services' or just 'allowedHosts' here and read the config inside the middleware.

This revision now requires changes to proceed.Apr 4 2024, 10:54 AM
This revision is now accepted and ready to land.Apr 5 2024, 12:11 PM