diff options
| author | Chris <ccbrown112@gmail.com> | 2017-08-09 15:49:07 -0500 |
|---|---|---|
| committer | Christopher Speller <crspeller@gmail.com> | 2017-08-09 13:49:07 -0700 |
| commit | ffbf8e51fe0b80b39fa76535f96c9179b2fcc0a1 (patch) | |
| tree | 5f29ad6b3ae1c26a05a827406e9fe8c0385d26d6 /api4 | |
| parent | 504582b824d07946c7fb43eb2a8f0aadb15a3677 (diff) | |
| download | chat-ffbf8e51fe0b80b39fa76535f96c9179b2fcc0a1.tar.gz chat-ffbf8e51fe0b80b39fa76535f96c9179b2fcc0a1.tar.bz2 chat-ffbf8e51fe0b80b39fa76535f96c9179b2fcc0a1.zip | |
PLT-6358: Server HTTP client improvements (#6980)
* restrict untrusted, internal http connections by default
* command test fix
* more test fixes
* change setting from toggle to whitelist
* requested ui changes
* add isdefault diagnostic
* fix tests
Diffstat (limited to 'api4')
| -rw-r--r-- | api4/command_test.go | 3 | ||||
| -rw-r--r-- | api4/openGraph_test.go | 3 | ||||
| -rw-r--r-- | api4/post_test.go | 3 |
3 files changed, 9 insertions, 0 deletions
diff --git a/api4/command_test.go b/api4/command_test.go index 467d45955..b0d5f4baa 100644 --- a/api4/command_test.go +++ b/api4/command_test.go @@ -388,10 +388,13 @@ func TestExecuteCommand(t *testing.T) { channel := th.BasicChannel enableCommands := *utils.Cfg.ServiceSettings.EnableCommands + allowedInternalConnections := *utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections defer func() { utils.Cfg.ServiceSettings.EnableCommands = &enableCommands + utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections = &allowedInternalConnections }() *utils.Cfg.ServiceSettings.EnableCommands = true + *utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections = "localhost" postCmd := &model.Command{ CreatorId: th.BasicUser.Id, diff --git a/api4/openGraph_test.go b/api4/openGraph_test.go index 958abf604..df1af66fc 100644 --- a/api4/openGraph_test.go +++ b/api4/openGraph_test.go @@ -19,10 +19,13 @@ func TestGetOpenGraphMetadata(t *testing.T) { Client := th.Client enableLinkPreviews := *utils.Cfg.ServiceSettings.EnableLinkPreviews + allowedInternalConnections := *utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections defer func() { *utils.Cfg.ServiceSettings.EnableLinkPreviews = enableLinkPreviews + utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections = &allowedInternalConnections }() *utils.Cfg.ServiceSettings.EnableLinkPreviews = true + *utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections = "localhost 127.0.0.1" ogDataCacheMissCount := 0 diff --git a/api4/post_test.go b/api4/post_test.go index f136ba676..b7ed06bd4 100644 --- a/api4/post_test.go +++ b/api4/post_test.go @@ -119,14 +119,17 @@ func testCreatePostWithOutgoingHook( enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations + allowedInternalConnections := *utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections defer func() { utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks utils.SetDefaultRolesBasedOnConfig() + utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections = &allowedInternalConnections }() utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true utils.SetDefaultRolesBasedOnConfig() + *utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections = "localhost 127.0.0.1" var hook *model.OutgoingWebhook var post *model.Post |