From ffbf8e51fe0b80b39fa76535f96c9179b2fcc0a1 Mon Sep 17 00:00:00 2001
From: Chris
Date: Wed, 9 Aug 2017 15:49:07 -0500
Subject: PLT-6358: Server HTTP client improvements (#6980)
* restrict untrusted, internal http connections by default
* command test fix
* more test fixes
* change setting from toggle to whitelist
* requested ui changes
* add isdefault diagnostic
* fix tests
---
 api4/command_test.go | 3 +++
 api4/openGraph_test.go | 3 +++
 api4/post_test.go | 3 +++
 3 files changed, 9 insertions(+)
(limited to 'api4')
diff --git a/api4/command_test.go b/api4/command_test.go
index 467d45955..b0d5f4baa 100644
--- a/api4/command_test.go
+++ b/api4/command_test.go
@@ -388,10 +388,13 @@ func TestExecuteCommand(t *testing.T) {
 channel := th.BasicChannel
 enableCommands := *utils.Cfg.ServiceSettings.EnableCommands
+ allowedInternalConnections := *utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections
 defer func() {
 utils.Cfg.ServiceSettings.EnableCommands = &enableCommands
+ utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections = &allowedInternalConnections
 }()
 *utils.Cfg.ServiceSettings.EnableCommands = true
+ *utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections = "localhost"
 postCmd := &model.Command{
 CreatorId: th.BasicUser.Id,
diff --git a/api4/openGraph_test.go b/api4/openGraph_test.go
index 958abf604..df1af66fc 100644
--- a/api4/openGraph_test.go
+++ b/api4/openGraph_test.go
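Review bot: The added lines in TestExecuteCommand only widen the allowlist (`"localhost"`) so the existing assertions keep passing; nothing visible in this hunk exercises the deny path. Since the commit message says untrusted internal connections are restricted by default, I would add a case that leaves `AllowedUntrustedInternalConnections` empty and asserts that executing the same command is refused, so a regression that silently reopens loopback access gets caught. The same gap applies to the hunks in openGraph_test.go and post_test.go. This view is limited to api4, so such a test may already exist elsewhere, and the function body continues outside the hunk.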
@@ -19,10 +19,13 @@ func TestGetOpenGraphMetadata(t *testing.T) {
 Client := th.Client
 enableLinkPreviews := *utils.Cfg.ServiceSettings.EnableLinkPreviews
+ allowedInternalConnections := *utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections
 defer func() {
 *utils.Cfg.ServiceSettings.EnableLinkPreviews = enableLinkPreviews
+ utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections = &allowedInternalConnections
 }()
 *utils.Cfg.ServiceSettings.EnableLinkPreviews = true
+ *utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections = "localhost 127.0.0.1"
 ogDataCacheMissCount := 0
diff --git a/api4/post_test.go b/api4/post_test.go
index f136ba676..b7ed06bd4 100644
--- a/api4/post_test.go
+++ b/api4/post_test.go
@@ -119,14 +119,17 @@ func testCreatePostWithOutgoingHook(
 enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks
 enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
+ allowedInternalConnections := *utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections
 defer func() {
 utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks
 utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
 utils.SetDefaultRolesBasedOnConfig()
+ utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections = &allowedInternalConnections
 }()
 utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
 *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
 utils.SetDefaultRolesBasedOnConfig()
+ *utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections = "localhost 127.0.0.1"
 var hook *model.OutgoingWebhook
 var post *model.Post
--
cgit v1.2.3-1-g7c22
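Review bot: The deferred restore in TestGetOpenGraphMetadata mixes two styles: the neighbouring line writes through the pointer (`*...EnableLinkPreviews = enableLinkPreviews`), while the new line swaps the pointer itself (`... = &allowedInternalConnections`). Swapping the pointer leaves the old string, still holding `"localhost 127.0.0.1"`, visible to anything that kept a reference to it, so the relaxed allowlist could outlive the test for such a holder. I would restore by value instead: `*utils.Cfg.ServiceSettings.AllowedUntrustedInternalConnections = allowedInternalConnections`. The post_test.go hunk restores the same way; the function body continues outside the hunk.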
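Review bot: In testCreatePostWithOutgoingHook the context line `enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations` saves the pointer rather than the value, so the later `*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true` also changes the "saved" copy and the deferred restore puts back `true`. The new allowlist lines correctly copy the value first, so the commit was a chance to fix the older pair the same way: `enableAdminOnlyHooks := *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations` and, in the defer, `*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks`. As written, the admin-only setting appears to leak into whatever test runs next. The function's signature and the rest of its body are outside the hunk.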