mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions
git-annex/Types
History
Joey Hess b54b2cdc0e
 prevent http connections to localhost and private ips by default 
Security fix!

* git-annex will refuse to download content from http servers on
  localhost, or any private IP addresses, to prevent accidental
  exposure of internal data. This can be overridden with the
  annex.security.allowed-http-addresses setting.
* Since curl's interface does not have a way to prevent it from accessing
  localhost or private IP addresses, curl defaults to not being used
  for url downloads, even if annex.web-options enabled it before.
  Only when annex.security.allowed-http-addresses=all will curl be used.

Since S3 and WebDav use the Manager, the same policies apply to them too.

youtube-dl is not handled yet, and a http proxy configuration can bypass
these checks too. Those cases are still TBD.

This commit was sponsored by Jeff Goeke-Smith on Patreon.
2018-06-17 13:30:28 -04:00
..
ActionItem.hs better dup key with -J fix 2017-10-17 18:48:53 -04:00
Availability.hs update my email address and homepage url 2015-01-21 12:50:09 -04:00
Backend.hs add KeyVariety type 2017-02-24 15:16:56 -04:00
BranchState.hs update my email address and homepage url 2015-01-21 12:50:09 -04:00
CleanupActions.hs update my email address and homepage url 2015-01-21 12:50:09 -04:00
Command.hs Make --json and --quiet suppress automatic init messages 2016-09-05 15:34:38 -04:00
Concurrency.hs disentangle concurrency and message type 2016-09-09 12:57:42 -04:00
Creds.hs Added git-remote-tor-annex, which allows git pull and push to the tor hidden service. 2016-11-21 17:27:38 -04:00
Crypto.hs Added new encryption=sharedpubkey mode for special remotes. 2016-05-10 16:50:31 -04:00
DeferredParse.hs fix build warnings under ghc 7.10 2015-12-19 17:42:45 -04:00
DesktopNotify.hs Fix build with ghc 8.4+, which broke due to the Semigroup Monoid change 2018-05-30 12:28:43 -04:00
Difference.hs Fix build with ghc 8.4+, which broke due to the Semigroup Monoid change 2018-05-30 12:28:43 -04:00
Distribution.hs adeiu, MissingH 2017-05-16 01:03:52 -04:00
Export.hs add ExportTree table to export db 2017-09-18 13:59:59 -04:00
FileMatcher.hs matchexpression: Added --largefiles option to parse an annex.largefiles expression. 2016-02-03 16:58:36 -04:00
GitConfig.hs prevent http connections to localhost and private ips by default 2018-06-17 13:30:28 -04:00
Group.hs update my email address and homepage url 2015-01-21 12:50:09 -04:00
Key.hs fix build with cryptonite-0.20 2018-03-15 11:16:00 -04:00
KeySource.hs refactoring 2015-12-22 13:42:58 -04:00
LockCache.hs convert from Utility.LockPool to Annex.LockPool everywhere 2015-11-12 18:13:37 -04:00
Messages.hs Fix mangling of --json output of utf-8 characters when not running in a utf-8 locale 2018-04-16 16:21:21 -04:00
MetaData.hs avoid insertWith' depreaction warning 2018-04-22 13:28:31 -04:00
NumCopies.hs Get rid of unnecessary Monad constraint 2016-01-28 12:34:07 -04:00
RefSpec.hs Some optimisations to string splitting code. 2017-01-31 19:06:22 -04:00
Remote.hs change Remote.repo to Remote.getRepo 2018-06-04 15:30:26 -04:00
ScheduledActivity.hs update my email address and homepage url 2015-01-21 12:50:09 -04:00
StandardGroups.hs adjust standard preferred content to work better with git annex sync --all --content 2015-06-16 17:18:53 -04:00
StoreRetrieve.hs remove 163 lines of code without changing anything except imports 2016-01-20 16:36:33 -04:00
Test.hs Fix build with ghc 8.4+, which broke due to the Semigroup Monoid change 2018-05-30 12:28:43 -04:00
Transfer.hs reorg 2017-12-14 11:26:59 -04:00
TrustLevel.hs finish fixing inverted Ord for TrustLevel 2018-04-13 15:17:54 -04:00
UrlContents.hs update my email address and homepage url 2015-01-21 12:50:09 -04:00
UUID.hs implementation of peer-to-peer protocol 2016-11-17 18:30:50 -04:00
View.hs remove 163 lines of code without changing anything except imports 2016-01-20 16:36:33 -04:00