ws: Conditionally block channel requests to remote hosts #21003
Conversation
|
From a quick look this looks correct, but we probably want to have a test for this? Do we also show a proper error then if a user navigates to an old bookmark? The only question I have about the code is, what is filled in |
Good point, I didn't consider checksums urls... I'll check. (In practice, checksums are only known the the shell once a manifest has been loaded from a host, but this is of course about closing all the doors and not rely on what the shell is doing.) |
Yeah, via curl.
They get redirected by the shell. This change here should have no effect with our current shell. It should never construct URLs for remote hosts when AllowMultiHost is false. But the shell is a lot of code, and there might be bugs, so we should also block the requests we don't want to happen in cockpit-ws. |
They are handled by |
mvollmer
force-pushed
the
ws-enforce-no-multi-host
branch
from
eed5f67
to
75c332c
Compare
Done. |
mvollmer
force-pushed
the
ws-enforce-no-multi-host
branch
from
75c332c
to
0c64a1e
Compare
When AllowMultiHost is false, cockpit-ws will reject all GET requests that would load from a non-localhost bridge.
mvollmer
force-pushed
the
ws-enforce-no-multi-host
branch
from
0c64a1e
to
fc9a506
Compare
| self.enable_multihost(m) | ||
| self.setup_ssh_auth() |
There was a problem hiding this comment.
Both of these are already done in setUp(). Should hopefully not hurt, though.
There was a problem hiding this comment.
Hmm, setup_ssh_auth was necessary, for some reason.
|
testUrlRoot is unhappy 😢 |
When AllowMultiHost is false, cockpit-ws will reject all GET requests that would load from a non-localhost bridge.