diff options
| author | Thibaut Girka <thib@sitedethib.com> | 2020-09-28 14:13:30 +0200 |
|---|---|---|
| committer | Thibaut Girka <thib@sitedethib.com> | 2020-09-28 14:13:30 +0200 |
| commit | a7aedebc310ad7d387c508f7b0198a567a408fe6 (patch) | |
| tree | 53fe5fd79302e796ced8000904e46edd84dc1319 /app/lib/request.rb | |
| parent | 787d5d728923393f12421a480b3c7aee789a11fe (diff) | |
| parent | d88a79b4566869ede24958fbff946e357bbb3cb9 (diff) | |
Merge branch 'master' into glitch-soc/merge-upstream
Conflicts: - `Gemfile.lock`: Not a real conflict, upstream updated dependencies that were too close to glitch-soc-only ones in the file. - `app/controllers/oauth/authorized_applications_controller.rb`: Upstream changed the logic surrounding suspended accounts. Minor conflict due to glitch-soc's theming system. Ported upstream changes. - `app/controllers/settings/base_controller.rb`: Upstream refactored and changed the logic surrounding suspended accounts. Minor conflict due to glitch-soc's theming system. Ported upstream changes. - `app/controllers/settings/sessions_controller.rb`: Upstream refactored and changed the logic surrounding suspended accounts. Minor conflict due to glitch-soc's theming system. Ported upstream changes. - `app/models/user.rb`: Upstream refactored and changed the logic surrounding suspended accounts. Minor conflict due to glitch-soc not preventing moved accounts from logging in. Ported upstream changes while keeping the ability for moved accounts to log in. - `app/policies/status_policy.rb`: Upstream refactored and changed the logic surrounding suspended accounts. Minor conflict due to glitch-soc's local-only toots. Ported upstream changes. - `app/serializers/rest/account_serializer.rb`: Upstream refactored and changed the logic surrounding suspended accounts. Minor conflict due to glitch-soc's ability to hide followers count. Ported upstream changes. - `app/services/process_mentions_service.rb`: Upstream refactored and changed the logic surrounding suspended accounts. Minor conflict due to glitch-soc's local-only toots. Ported upstream changes. - `package.json`: Not a real conflict, upstream updated dependencies that were too close to glitch-soc-only ones in the file.
Diffstat (limited to 'app/lib/request.rb')
| -rw-r--r-- | app/lib/request.rb | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/app/lib/request.rb b/app/lib/request.rb index 89fbeaf95..38048dad7 100644 --- a/app/lib/request.rb +++ b/app/lib/request.rb @@ -253,7 +253,15 @@ class Request alias new open def check_private_address(address) - raise Mastodon::HostValidationError if PrivateAddressCheck.private_address?(IPAddr.new(address.to_s)) + addr = IPAddr.new(address.to_s) + return if private_address_exceptions.any? { |range| range.include?(addr) } + raise Mastodon::HostValidationError if PrivateAddressCheck.private_address?(addr) + end + + def private_address_exceptions + @private_address_exceptions = begin + (ENV['ALLOWED_PRIVATE_ADDRESSES'] || '').split(',').map { |addr| IPAddr.new(addr) } + end end end end |