[Toaster] [PATCH 0/1] toaster: set ALLOWED_HOSTS to *
Michael Wood
michael.g.wood at intel.com
Fri Nov 4 05:30:59 PDT 2016
Thanks sent upstream and applied to toaster-next
Michael
On 02/11/16 19:39, Brian Avery wrote:
> This is V2; bad subject line :(.
>
> -b
> an intel employee
>
> On Wed, Nov 2, 2016 at 12:33 PM, brian avery <brian.avery at intel.com
> <mailto:brian.avery at intel.com>> wrote:
>
> Django 1.8.16 now enforces ALOWED_HOSTS even if DEBUG is true.
> Therefore,
> we need to set the value to '*' to allow us to connect to a
> toaster instance
> from off server. It is also needed to allow connection to the
> toaster instance
> in certain kinds of containers.
>
> Since the non localhost interface is only bound to if we
> explicitly start toaster
> with webport=0.0.0.0 <http://0.0.0.0>:<port>, this change will not
> expose additional vulnerablilities.
>
> -Brian
>
> The following changes since commit
> c3d2df883a9d6d5036277114339673656d89a728:
>
> oeqa/selftest/kernel.py: Add new file destined for kernel
> related tests (2016-11-01 10:05:46 +0000)
>
> are available in the git repository at:
>
> git://git.yoctoproject.org/poky-contrib
> <http://git.yoctoproject.org/poky-contrib>
> bavery/toaster/fixALLOWED_HOSTexclusionV2
> http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=bavery/toaster/fixALLOWED_HOSTexclusionV2
> <http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=bavery/toaster/fixALLOWED_HOSTexclusionV2>
>
> brian avery (1):
> toaster: settings.py , set ALLOWED_HOSTS to *
>
> lib/toaster/toastermain/settings.py | 16 +++++++++++++---
> 1 file changed, 13 insertions(+), 3 deletions(-)
>
> --
> 1.9.1
> --
> _______________________________________________
> toaster mailing list
> toaster at yoctoproject.org <mailto:toaster at yoctoproject.org>
> https://lists.yoctoproject.org/listinfo/toaster
> <https://lists.yoctoproject.org/listinfo/toaster>
>
>
>
>
More information about the toaster
mailing list