bitbake: toaster: settings set ALLOWED_HOSTS to * in debug mode - linux/poky.git

diff options

author	brian avery <brian.avery@intel.com>	2016-11-04 12:27:06 +0000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-11-16 11:38:44 +0000
commit	7c3a47ed8965c3a3eb90a9a4678d5caedbba6337 (patch)
tree	25f083b427d03552463323ab3897f095c2d8dec7 /meta/classes/own-mirrors.bbclass
parent	6ce2cdcc936fba7da506405c0fc3d1ca6e00daa7 (diff)
download	poky-7c3a47ed8965c3a3eb90a9a4678d5caedbba6337.tar.gz

bitbake: toaster: settings set ALLOWED_HOSTS to * in debug mode

As of Django 1.8.16, Django is rejecting any HTTP_HOST header that is not on the ALLOWED_HOST list. We often need to reference the toaster server via a fqdn, if we start it via webport=0.0.0.0:8000 for instance, and are hitting the server from a laptop. This change does reduce the protection from a DNS rebinding attack, however, if you are running the toaster server outside a protected network, you should be using the production instance. [YOCTO #10578] (Bitbake rev: 7f51149453c96a3f1da64ea85306518fd2b65f21) Signed-off-by: brian avery <brian.avery@intel.com> Signed-off-by: Michael Wood <michael.g.wood@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/classes/own-mirrors.bbclass')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: