[Toaster] [PATCH 0/1] [krogoth] toaster: settings.py , add * to ALLOWED_HOSTS
brian avery
avery.brian at gmail.com
Mon Nov 21 13:41:45 PST 2016
This backports 7c3a47ed8965c3a3eb90a9a4678d5caedbba6337 to krogoth so that
toaster can work with Django (1.8.16).
>From the patch to master's message:
As of Django 1.8.16, django is rejecting any HTTP_HOST header that is
not on the ALLOWED_HOST list. We often need to reference the
toaster server via a fqdn, if we start it via webport=0.0.0.0:8000 for
instance, and are hitting the server from a laptop. This change does
reduce the protection from a DNS rebinding attack, however, if you are
running the toaster server outside a protected network, you need to be
using the production instance.
Fixes [YOCTO #10586 ].
The following changes since commit 3bf928a3b6354bc09c87fcbf9e3972c8d368aaa3:
dev-manual: Fixed typo for "${INC_PR}.0" (2016-11-16 10:38:24 +0000)
are available in the git repository at:
git://git.yoctoproject.org/poky-contrib bavery/toaster/krogoth-HOSTFIX
http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=bavery/toaster/krogoth-HOSTFIX
brian avery (1):
bitbake: toaster: settings set ALLOWED_HOSTS to * in debug mode
lib/toaster/toastermain/settings.py | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
--
1.9.1
More information about the toaster
mailing list