aboutsummaryrefslogtreecommitdiff
path: root/app/lib/request.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/lib/request.rb')
-rw-r--r--app/lib/request.rb12
1 files changed, 10 insertions, 2 deletions
diff --git a/app/lib/request.rb b/app/lib/request.rb
index bcba1eebf..38048dad7 100644
--- a/app/lib/request.rb
+++ b/app/lib/request.rb
@@ -114,7 +114,7 @@ class Request
def signature
algorithm = 'rsa-sha256'
- signature = Base64.strict_encode64(@keypair.sign(OpenSSL::Digest::SHA256.new, signed_string))
+ signature = Base64.strict_encode64(@keypair.sign(OpenSSL::Digest.new('SHA256'), signed_string))
"keyId=\"#{key_id}\",algorithm=\"#{algorithm}\",headers=\"#{signed_headers.keys.join(' ').downcase}\",signature=\"#{signature}\""
end
@@ -253,7 +253,15 @@ class Request
alias new open
def check_private_address(address)
- raise Mastodon::HostValidationError if PrivateAddressCheck.private_address?(IPAddr.new(address.to_s))
+ addr = IPAddr.new(address.to_s)
+ return if private_address_exceptions.any? { |range| range.include?(addr) }
+ raise Mastodon::HostValidationError if PrivateAddressCheck.private_address?(addr)
+ end
+
+ def private_address_exceptions
+ @private_address_exceptions = begin
+ (ENV['ALLOWED_PRIVATE_ADDRESSES'] || '').split(',').map { |addr| IPAddr.new(addr) }
+ end
end
end
end
generated by cgit v1.2.3-70-g09d2 (git 2.50.0) at 2025-08-07 12:00:38 +0000