YunoHost/package_linter
1
0
Fork 0
mirror of https://github.com/YunoHost/package_linter.git synced 2024-09-03 20:06:12 +02:00
Code Issues Projects Releases Packages Wiki Activity

ident fix (due to merge)

Browse source
This commit is contained in:
OniriCorpe 2024-03-11 04:04:32 +01:00
parent 8876de53ba
commit 8154a86f4c
1 changed files with 14 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
package_linter.py
View file

@ -1577,20 +1577,20 @@ class Configurations(TestSuite):
for number, line in enumerate(content.split("\n"), 1):
comment = ("#", "//", ";", "/**", "*")
if (
( "0.0.0.0" in line or "::" in line )
and not line.strip().startswith(comment)
):
for ip in re.split("[ \t,='\"(){}\[\]]", line):
if ip == "::" or ip.startswith("0.0.0.0"):
yield Info(
f"{os.path.relpath(path, app.path)}/{filename}:{number}: "
"Binding to '0.0.0.0' or '::' can result in a security issue "
"as the reverse proxy and the SSO can be bypassed by knowing "
"a public IP (typically an IPv6) and the app port. "
"Please be sure that this behavior is intentional. "
"Maybe use '127.0.0.1' or '::1' instead."
)
if (
( "0.0.0.0" in line or "::" in line )
and not line.strip().startswith(comment)
):
for ip in re.split("[ \t,='\"(){}\[\]]", line):
if ip == "::" or ip.startswith("0.0.0.0"):
yield Info(
f"{os.path.relpath(path, app.path)}/{filename}:{number}: "
"Binding to '0.0.0.0' or '::' can result in a security issue "
"as the reverse proxy and the SSO can be bypassed by knowing "
"a public IP (typically an IPv6) and the app port. "
"Please be sure that this behavior is intentional. "
"Maybe use '127.0.0.1' or '::1' instead."
)
#############################################
# __ __ _ __ _ #