Use `hostmatcher` to replace `matchlist`, improve security (#17605)

Use hostmacher to replace matchlist. And we introduce a better DialContext to do a full host/IP check, otherwise the attackers can still bypass the allow/block list by a 302 redirection.
author: wxiaoguang <wxiaoguang@gmail.com> 2021-11-20 17:34:05 +0800
committer: GitHub <noreply@github.com> 2021-11-20 17:34:05 +0800
commit: 013fb73068281b45b33c72abaae0c42c8d79c499 (patch)
tree: 5cb710ea15a6f471648ecf19e2fdfab9804cb084 /services/migrations/gitea_uploader.go
parent: c96be0cd982255f20a3fe6ff4683115b8073e65e (diff)
download: gitea-013fb73068281b45b33c72abaae0c42c8d79c499.tar.gz
gitea-013fb73068281b45b33c72abaae0c42c8d79c499.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/services/migrations/gitea_uploader.go b/services/migrations/gitea_uploader.go
index 2394c63d76..d28c83a64f 100644
--- a/services/migrations/gitea_uploader.go
+++ b/services/migrations/gitea_uploader.go
@@ -125,7 +125,7 @@ func (g *GiteaLocalUploader) CreateRepo(repo *base.Repository, opts base.Migrate
 		Wiki:           opts.Wiki,
 		Releases:       opts.Releases, // if didn't get releases, then sync them from tags
 		MirrorInterval: opts.MirrorInterval,
-	})
+	}, NewMigrationHTTPTransport())
 
 	g.repo = r
 	if err != nil {
author	wxiaoguang <wxiaoguang@gmail.com>	2021-11-20 17:34:05 +0800
committer	GitHub <noreply@github.com>	2021-11-20 17:34:05 +0800
commit	013fb73068281b45b33c72abaae0c42c8d79c499 (patch)
tree	5cb710ea15a6f471648ecf19e2fdfab9804cb084 /services/migrations/gitea_uploader.go
parent	c96be0cd982255f20a3fe6ff4683115b8073e65e (diff)
download	gitea-013fb73068281b45b33c72abaae0c42c8d79c499.tar.gz gitea-013fb73068281b45b33c72abaae0c42c8d79c499.zip