Repository :
http://git.fedorahosted.org/cgit/copr.git
On branch : master
---------------------------------------------------------------
commit 339f89bbf16bc3b318d37e7b6d46ac18921a83b4
Author: Valentin Gologuzov <vgologuz(a)redhat.com>
Date: Wed Jun 3 15:26:33 2015 +0200
[frontend] decorator intranet_required should always accept requests from localhost
---------------------------------------------------------------
frontend/coprs_frontend/coprs/views/misc.py | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/frontend/coprs_frontend/coprs/views/misc.py
b/frontend/coprs_frontend/coprs/views/misc.py
index 616f4a8..38d0ab5 100644
--- a/frontend/coprs_frontend/coprs/views/misc.py
+++ b/frontend/coprs_frontend/coprs/views/misc.py
@@ -263,8 +263,9 @@ def intranet_required(f):
@functools.wraps(f)
def decorated_function(*args, **kwargs):
ip_addr = IPAddress(flask.request.remote_addr)
- if not any(ip_addr in IPNetwork(addr_or_net)
- for addr_or_net in app.config.get("INTRANET_IPS",
["127.0.0.1",])):
+ accept_ranges = set(app.config.get("INTRANET_IPS", []))
+ accept_ranges.add("127.0.0.1") # always accept from localhost
+ if not any(ip_addr in IPNetwork(addr_or_net) for addr_or_net in accept_ranges):
return ("Stats can be update only from intranet hosts, "
"not {}, check
config\n".format(flask.request.remote_addr)), 403