Revision 414022fd
Added by Ohad Levy over 12 years ago
- ID 414022fde0e9222e70a32cd7b0eba3cdd2dec95f
| bin/smart-proxy | ||
|---|---|---|
|
before do
|
||
|
# If we are using certificates and we reach here then the peer is verified and cannot be spoofed. ALWAYS use certificates OR ELSE!!!
|
||
|
# If we are not using certificates then the hostname can be spoofed but this will still keep out most casual mischief.
|
||
|
if !SETTINGS.trusted_hosts.empty? and !SETTINGS.trusted_hosts.include?(request.env["REMOTE_HOST"].downcase)
|
||
|
if (SETTINGS.trusted_hosts and !SETTINGS.trusted_hosts.empty?) and
|
||
|
!SETTINGS.trusted_hosts.include?(request.env["REMOTE_HOST"].downcase)
|
||
|
log_halt 403, "Untrusted client #{request.env["REMOTE_HOST"].downcase} attempted to access #{request.path_info}. Check :trusted_hosts: in settings.yml"
|
||
|
end
|
||
|
end
|
||
Also available in: Unified diff
refs #1022, fixes wrong condition if there is no entry in the settings file