7c3a47ed89
As of Django 1.8.16, Django is rejecting any HTTP_HOST header that is not on the ALLOWED_HOST list. We often need to reference the toaster server via a fqdn, if we start it via webport=0.0.0.0:8000 for instance, and are hitting the server from a laptop. This change does reduce the protection from a DNS rebinding attack, however, if you are running the toaster server outside a protected network, you should be using the production instance. [YOCTO #10578] (Bitbake rev: 7f51149453c96a3f1da64ea85306518fd2b65f21) Signed-off-by: brian avery <brian.avery@intel.com> Signed-off-by: Michael Wood <michael.g.wood@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> |
||
---|---|---|
.. | ||
bldcollector | ||
bldcontrol | ||
orm | ||
tests | ||
toastergui | ||
toastermain | ||
__init__.py | ||
manage.py |