diff options
| author | wxiaoguang <wxiaoguang@gmail.com> | 2021-11-01 16:39:52 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-11-01 16:39:52 +0800 |
| commit | 599ff1c054e436daa4dc3f049aa8661d9c2395f9 (patch) | |
| tree | 800983fd2e9d9de3dd1977738d18b64df34dd9ea /custom | |
| parent | 4e8a81780ed4ff0423e3a2ac7f75265e362ca46d (diff) | |
| download | gitea-599ff1c054e436daa4dc3f049aa8661d9c2395f9.tar.gz gitea-599ff1c054e436daa4dc3f049aa8661d9c2395f9.zip | |
Only allow webhook to send requests to allowed hosts (#17482)
Diffstat (limited to 'custom')
| -rw-r--r-- | custom/conf/app.example.ini | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini index 1753ed2330..eadc1c0d96 100644 --- a/custom/conf/app.example.ini +++ b/custom/conf/app.example.ini @@ -1396,6 +1396,12 @@ PATH = ;; Deliver timeout in seconds ;DELIVER_TIMEOUT = 5 ;; +;; Webhook can only call allowed hosts for security reasons. Comma separated list, eg: external, 192.168.1.0/24, *.mydomain.com +;; Built-in: loopback (for localhost), private (for LAN/intranet), external (for public hosts on internet), * (for all hosts) +;; CIDR list: 1.2.3.0/8, 2001:db8::/32 +;; Wildcard hosts: *.mydomain.com, 192.168.100.* +;ALLOWED_HOST_LIST = external +;; ;; Allow insecure certification ;SKIP_TLS_VERIFY = false ;; |