summaryrefslogtreecommitdiffstats
path: root/meta/COPYING.GPLv2
diff options
context:
space:
mode:
authorbrian avery <brian.avery@intel.com>2016-11-04 12:27:06 +0000
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-11-16 11:38:51 +0000
commit73454473d7c286c41ee697f74052fed03c79f9f5 (patch)
tree8a761b77b018dc4b9dc220c84a2038010484a495 /meta/COPYING.GPLv2
parentee6fb7521b0182ba8981eee72e1e295a099f3a48 (diff)
downloadpoky-73454473d7c286c41ee697f74052fed03c79f9f5.tar.gz
bitbake: toaster: settings set ALLOWED_HOSTS to * in debug mode
As of Django 1.8.16, Django is rejecting any HTTP_HOST header that is not on the ALLOWED_HOST list. We often need to reference the toaster server via a fqdn, if we start it via webport=0.0.0.0:8000 for instance, and are hitting the server from a laptop. This change does reduce the protection from a DNS rebinding attack, however, if you are running the toaster server outside a protected network, you should be using the production instance. [YOCTO #10578] (Bitbake rev: 59a3f391ac5ac194f30d11a39676356464269d55) Signed-off-by: brian avery <brian.avery@intel.com> Signed-off-by: Michael Wood <michael.g.wood@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/COPYING.GPLv2')
0 files changed, 0 insertions, 0 deletions