Files @ 3d7ba590f6f5
Branch filter:

Location: kallithea/docs/make.bat - annotation

3d7ba590f6f5 4.3 KiB application/x-msdos-program Show Source Show as Raw Download as Raw
mads
auth: only use X- headers instead of REMOTE_ADDR if explicitly told so in remote_addr_header

Before, X-Forwarded-For (and others) headers would *always* be trusted blindly,
also in setups without a proxy server. It would thus in some cases be
possible for users to fake their IP, and thus potentially be possible to bypass
IP restrictions configured in Kallithea.

Fixed by making it configurable which WSGI environment variable to use for the
remote address. Users can configure remote_addr_header to for example
HTTP_X_FORWARDED_FOR instead of using the default REMOTE_ADDR.

This change is a bit similar to what is going on in the https_fixup middleware,
but is doing a bit more of what for example is happening in similar code in
werkzeug/middleware/proxy_fix.py .
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
5f481e4e888b
5f481e4e888b
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b
e285bb7abb28
e285bb7abb28
e285bb7abb28
5f481e4e888b
e285bb7abb28
5f481e4e888b
5f481e4e888b
5f481e4e888b

@ECHO OFF

REM Command file for Sphinx documentation

if "%SPHINXBUILD%" == "" (
    set SPHINXBUILD=sphinx-build
)
set BUILDDIR=_build
set ALLSPHINXOPTS=-d %BUILDDIR%/doctrees %SPHINXOPTS% .
if NOT "%PAPER%" == "" (
    set ALLSPHINXOPTS=-D latex_paper_size=%PAPER% %ALLSPHINXOPTS%
)

if "%1" == "" goto help

if "%1" == "help" (
    :help
    echo.Please use `make ^<target^>` where ^<target^> is one of
    echo.  html       to make standalone HTML files
    echo.  dirhtml    to make HTML files named index.html in directories
    echo.  singlehtml to make a single large HTML file
    echo.  pickle     to make pickle files
    echo.  json       to make JSON files
    echo.  htmlhelp   to make HTML files and a HTML help project
    echo.  qthelp     to make HTML files and a qthelp project
    echo.  devhelp    to make HTML files and a Devhelp project
    echo.  epub       to make an epub
    echo.  latex      to make LaTeX files, you can set PAPER=a4 or PAPER=letter
    echo.  text       to make text files
    echo.  man        to make manual pages
    echo.  changes    to make an overview over all changed/added/deprecated items
    echo.  linkcheck  to check all external links for integrity
    echo.  doctest    to run all doctests embedded in the documentation if enabled
    goto end
)

if "%1" == "clean" (
    for /d %%i in (%BUILDDIR%\*) do rmdir /q /s %%i
    del /q /s %BUILDDIR%\*
    goto end
)

if "%1" == "html" (
    %SPHINXBUILD% -b html %ALLSPHINXOPTS% %BUILDDIR%/html
    echo.
    echo.Build finished. The HTML pages are in %BUILDDIR%/html.
    goto end
)

if "%1" == "dirhtml" (
    %SPHINXBUILD% -b dirhtml %ALLSPHINXOPTS% %BUILDDIR%/dirhtml
    echo.
    echo.Build finished. The HTML pages are in %BUILDDIR%/dirhtml.
    goto end
)

if "%1" == "singlehtml" (
    %SPHINXBUILD% -b singlehtml %ALLSPHINXOPTS% %BUILDDIR%/singlehtml
    echo.
    echo.Build finished. The HTML pages are in %BUILDDIR%/singlehtml.
    goto end
)

if "%1" == "pickle" (
    %SPHINXBUILD% -b pickle %ALLSPHINXOPTS% %BUILDDIR%/pickle
    echo.
    echo.Build finished; now you can process the pickle files.
    goto end
)

if "%1" == "json" (
    %SPHINXBUILD% -b json %ALLSPHINXOPTS% %BUILDDIR%/json
    echo.
    echo.Build finished; now you can process the JSON files.
    goto end
)

if "%1" == "htmlhelp" (
    %SPHINXBUILD% -b htmlhelp %ALLSPHINXOPTS% %BUILDDIR%/htmlhelp
    echo.
    echo.Build finished; now you can run HTML Help Workshop with the ^
.hhp project file in %BUILDDIR%/htmlhelp.
    goto end
)

if "%1" == "qthelp" (
    %SPHINXBUILD% -b qthelp %ALLSPHINXOPTS% %BUILDDIR%/qthelp
    echo.
    echo.Build finished; now you can run "qcollectiongenerator" with the ^
.qhcp project file in %BUILDDIR%/qthelp, like this:
    echo.^> qcollectiongenerator %BUILDDIR%\qthelp\Kallithea.qhcp
    echo.To view the help file:
    echo.^> assistant -collectionFile %BUILDDIR%\qthelp\Kallithea.ghc
    goto end
)

if "%1" == "devhelp" (
    %SPHINXBUILD% -b devhelp %ALLSPHINXOPTS% %BUILDDIR%/devhelp
    echo.
    echo.Build finished.
    goto end
)

if "%1" == "epub" (
    %SPHINXBUILD% -b epub %ALLSPHINXOPTS% %BUILDDIR%/epub
    echo.
    echo.Build finished. The epub file is in %BUILDDIR%/epub.
    goto end
)

if "%1" == "latex" (
    %SPHINXBUILD% -b latex %ALLSPHINXOPTS% %BUILDDIR%/latex
    echo.
    echo.Build finished; the LaTeX files are in %BUILDDIR%/latex.
    goto end
)

if "%1" == "text" (
    %SPHINXBUILD% -b text %ALLSPHINXOPTS% %BUILDDIR%/text
    echo.
    echo.Build finished. The text files are in %BUILDDIR%/text.
    goto end
)

if "%1" == "man" (
    %SPHINXBUILD% -b man %ALLSPHINXOPTS% %BUILDDIR%/man
    echo.
    echo.Build finished. The manual pages are in %BUILDDIR%/man.
    goto end
)

if "%1" == "changes" (
    %SPHINXBUILD% -b changes %ALLSPHINXOPTS% %BUILDDIR%/changes
    echo.
    echo.The overview file is in %BUILDDIR%/changes.
    goto end
)

if "%1" == "linkcheck" (
    %SPHINXBUILD% -b linkcheck %ALLSPHINXOPTS% %BUILDDIR%/linkcheck
    echo.
    echo.Link check complete; look for any errors in the above output ^
or in %BUILDDIR%/linkcheck/output.txt.
    goto end
)

if "%1" == "doctest" (
    %SPHINXBUILD% -b doctest %ALLSPHINXOPTS% %BUILDDIR%/doctest
    echo.
    echo.Testing of doctests in the sources finished, look at the ^
results in %BUILDDIR%/doctest/output.txt.
    goto end
)

:end
Server instance: clio-18958 This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3. – Support