From d60290044ed3f6f5cb84e1dafd317250d5c97d92 Mon Sep 17 00:00:00 2001 From: ThibG Date: Sat, 26 Sep 2020 20:57:39 +0200 Subject: Add environment variable to allow requests to some private addresses (#14722) --- app/lib/request.rb | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'app/lib') diff --git a/app/lib/request.rb b/app/lib/request.rb index 89fbeaf95..38048dad7 100644 --- a/app/lib/request.rb +++ b/app/lib/request.rb @@ -253,7 +253,15 @@ class Request alias new open def check_private_address(address) - raise Mastodon::HostValidationError if PrivateAddressCheck.private_address?(IPAddr.new(address.to_s)) + addr = IPAddr.new(address.to_s) + return if private_address_exceptions.any? { |range| range.include?(addr) } + raise Mastodon::HostValidationError if PrivateAddressCheck.private_address?(addr) + end + + def private_address_exceptions + @private_address_exceptions = begin + (ENV['ALLOWED_PRIVATE_ADDRESSES'] || '').split(',').map { |addr| IPAddr.new(addr) } + end end end end -- cgit