From 599ff1c054e436daa4dc3f049aa8661d9c2395f9 Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Mon, 1 Nov 2021 16:39:52 +0800 Subject: Only allow webhook to send requests to allowed hosts (#17482) --- modules/util/net.go | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 modules/util/net.go (limited to 'modules/util/net.go') diff --git a/modules/util/net.go b/modules/util/net.go new file mode 100644 index 0000000000..54c0a2ca39 --- /dev/null +++ b/modules/util/net.go @@ -0,0 +1,19 @@ +// Copyright 2021 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package util + +import ( + "net" +) + +// IsIPPrivate for net.IP.IsPrivate. TODO: replace with `ip.IsPrivate()` if min go version is bumped to 1.17 +func IsIPPrivate(ip net.IP) bool { + if ip4 := ip.To4(); ip4 != nil { + return ip4[0] == 10 || + (ip4[0] == 172 && ip4[1]&0xf0 == 16) || + (ip4[0] == 192 && ip4[1] == 168) + } + return len(ip) == net.IPv6len && ip[0]&0xfe == 0xfc +} -- cgit v1.2.3