YunoHost/package_linter
1
0
Fork 0
mirror of https://github.com/YunoHost/package_linter.git synced 2024-09-03 20:06:12 +02:00
Code Issues Projects Releases Packages Wiki Activity

better ip discrimination

Browse source
This commit is contained in:
OniriCorpe 2024-01-18 03:06:27 +01:00
parent 8b38cf0924
commit 23b2f7d6bb
1 changed files with 9 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
package_linter.py
View file

@ -1549,13 +1549,15 @@ class Configurations(TestSuite):
( "0.0.0.0" in line or "::" in line ) ( "0.0.0.0" in line or "::" in line )
and not line.strip().startswith(comment) and not line.strip().startswith(comment)
): ):
yield Info( for ip in re.split("[ \t,='\"(){}\[\]]", line):
f"{filename}:{number}: Binding to '0.0.0.0' or '::' can result " if ip == "::" or "0.0.0.0" in ip:
"in a security issue as the reverse proxy and the SSO can be " yield Info(
"bypassed by knowing a public IP (typically an IPv6) and the " f"{filename}:{number}: Binding to '0.0.0.0' or '::' can result "
"app port. lease be sure that this behavior is intentional. " "in a security issue as the reverse proxy and the SSO can be "
"Maybe use '127.0.0.1' or '::1' instead." "bypassed by knowing a public IP (typically an IPv6) and the "
) "app port. lease be sure that this behavior is intentional. "
"Maybe use '127.0.0.1' or '::1' instead."
)
############################################# #############################################
# __ __ _ __ _ # # __ __ _ __ _ #