-
-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ALLOWED_HOSTS hard to configure #371
Comments
What I see for now:
With this source code: https://github.com/niccokunzmann/flask-allowedhosts/tree/main/flask_allowedhosts There are different checks made. This one uses a different host name: I guess behind a proxy server, the hostname is changed and that makes limiting the requests a bit useless as only certain requests come though. @vmario89 What are your thoughts on this? Could you run the hack from #366 on https://open-web-calendar.hosted.quelltext.eu or was this on a self-hosted instance? |
I do not know what is going on but when I (behind a reverse-proxy) set which hosts are allowed, then I see this error message when I access the domain:
The error message claims that I access the service from another hostname but actually this is the only hostname I allow.
For now, this can be seen here: http://test.open-web-calendar.hosted.quelltext.eu/
@vmario89 Do you have any thoughts on this one?
We're using Polar.sh so you can upvote and help fund this issue. We receive the funding once the issue is completed & confirmed by you. Thank you in advance for helping prioritize & fund our work.
The text was updated successfully, but these errors were encountered: