domi/forgejo-domi
1
0
Fork 0
forked from forgejo/forgejo
Code Pull requests Activity

Add tests for the host checking logic, clarify the behaviors (#20328)

Browse source 
Before, the combination of AllowedDomains/BlockedDomains/AllowLocalNetworks is confusing.

This PR adds tests for the logic, clarify the behaviors.
This commit is contained in:
wxiaoguang 2022-07-13 09:07:16 +08:00 committed by GitHub
parent d94f517643
commit f67a1030b3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 54 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/content/doc/advanced/config-cheat-sheet.en-us.md
View file

@ -1083,7 +1083,7 @@ Task queue configuration has been moved to `queue.task`. However, the below conf
- `RETRY_BACKOFF`: **3**: Backoff time per http/https request retry (seconds)
- `ALLOWED_DOMAINS`: **\<empty\>**: Domains allowlist for migrating repositories, default is blank. It means everything will be allowed. Multiple domains could be separated by commas. Wildcard is supported: `github.com, *.github.com`.
- `BLOCKED_DOMAINS`: **\<empty\>**: Domains blocklist for migrating repositories, default is blank. Multiple domains could be separated by commas. When `ALLOWED_DOMAINS` is not blank, this option has a higher priority to deny domains. Wildcard is supported.
- `ALLOW_LOCALNETWORKS`: **false**: Allow private addresses defined by RFC 1918, RFC 1122, RFC 4632 and RFC 4291
- `ALLOW_LOCALNETWORKS`: **false**: Allow private addresses defined by RFC 1918, RFC 1122, RFC 4632 and RFC 4291. If a domain is allowed by `ALLOWED_DOMAINS`, this option will be ignored.
- `SKIP_TLS_VERIFY`: **false**: Allow skip tls verify
## Federation (`federation`)