diff options
author | brian avery <avery.brian@gmail.com> | 2016-11-23 10:55:20 -0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-11-28 14:23:48 +0000 |
commit | ae9b341ecfcc60e970f29cfe04306411ad26c0cf (patch) | |
tree | ada9407cc05c075e2ee30931b4fe420ea868d702 /meta/files/common-licenses/CC-BY-2.0 | |
parent | 3bf928a3b6354bc09c87fcbf9e3972c8d368aaa3 (diff) | |
download | poky-ae9b341ecfcc60e970f29cfe04306411ad26c0cf.tar.gz |
bitbake: bitbake: toaster: settings set ALLOWED_HOSTS to * in debug mode
This is a backport of 7c3a47ed8965c3a3eb90a9a4678d5caedbba6337
>From the commit to master:
As of Django 1.8.16, Django is rejecting any HTTP_HOST header that is
not on the ALLOWED_HOST list. We often need to reference the toaster
server via a fqdn, if we start it via webport=0.0.0.0:8000 for instance,
and are hitting the server from a laptop. This change does reduce the
protection from a DNS rebinding attack, however, if you are running the
toaster server outside a protected network, you should be using the
production instance.
[YOCTO #10586]
(Bitbake rev: 449dc9b955dfbe048e380f5ab9fd61c3d1489dad)
Signed-off-by: brian avery <brian.avery@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/files/common-licenses/CC-BY-2.0')
0 files changed, 0 insertions, 0 deletions