Remove ui_server allowed http host learning
This commit is contained in:
parent
5c57cd6541
commit
bd649cfb33
2 changed files with 0 additions and 9 deletions
|
@ -72,12 +72,6 @@ class UiRequest(object):
|
|||
else:
|
||||
return False
|
||||
|
||||
if self.server.learn_allowed_host:
|
||||
# Learn the first request's host as allowed one
|
||||
self.server.learn_allowed_host = False
|
||||
self.learnHost(host)
|
||||
return True
|
||||
|
||||
return False
|
||||
|
||||
# Call the request handler function base on path
|
||||
|
|
|
@ -60,7 +60,6 @@ class UiServer:
|
|||
self.ip = "0.0.0.0" # Bind all
|
||||
if config.ui_host:
|
||||
self.allowed_hosts = set(config.ui_host)
|
||||
self.learn_allowed_host = False
|
||||
elif config.ui_ip == "127.0.0.1":
|
||||
# IP Addresses are inherently allowed as they are immune to DNS
|
||||
# rebinding attacks.
|
||||
|
@ -73,10 +72,8 @@ class UiServer:
|
|||
# use.
|
||||
if config.ui_port == 80:
|
||||
self.allowed_hosts.update(["localhost"])
|
||||
self.learn_allowed_host = False
|
||||
else:
|
||||
self.allowed_hosts = set([])
|
||||
self.learn_allowed_host = True # It will pin to the first http request's host
|
||||
self.allow_trans_proxy = config.ui_trans_proxy
|
||||
|
||||
self.wrapper_nonces = []
|
||||
|
|
Loading…
Reference in a new issue