Accueil Explorer Aide
Connexion
LBP
/
FressRSS
miroir de https://github.com/FreshRSS/FreshRSS.git
4
0
Fork 0
Fichiers Tickets 0 Wiki
Parcourir la source

Better test if server has public address (#2010)

* Better test if server has public address

* Wrong trailing slash in documentation
Alexandre Alapetite il y a 7 ans
Parent
c65f535890
commit
aafb1cd0e4
3 fichiers modifiés avec 11 ajouts et 6 suppressions
Vue séparée Afficher les stats Diff
  1. 1 1
      cli/README.md
  2. 1 1
      cli/do-install.php
  3. 9 4
      lib/lib_rss.php

+ 1 - 1
cli/README.md
Voir le fichier 

@@ -35,7 +35,7 @@ cd /usr/share/FreshRSS
 
 ./cli/prepare.php
 
 # Ensure the needed directories in ./data/
 
 
-./cli/do-install.php --default_user admin ( --auth_type form --environment production --base_url https://rss.example.net/ --language en --title FreshRSS --allow_anonymous --api_enabled --db-type mysql --db-host localhost:3306 --db-user freshrss --db-password dbPassword123 --db-base freshrss --db-prefix freshrss )
 
+./cli/do-install.php --default_user admin ( --auth_type form --environment production --base_url https://rss.example.net --language en --title FreshRSS --allow_anonymous --api_enabled --db-type mysql --db-host localhost:3306 --db-user freshrss --db-password dbPassword123 --db-base freshrss --db-prefix freshrss )
 
 # --auth_type can be: 'form' (default), 'http_auth' (using the Web server access control), 'none' (dangerous)
 
 # --db-type can be: 'sqlite' (default), 'mysql' (MySQL or MariaDB), 'pgsql' (PostgreSQL)
 
 # --base_url should be a public (routable) URL if possible, and is used for push (PubSubHubbub), for some API functions (e.g. favicons), and external URLs in FreshRSS.

+ 1 - 1
cli/do-install.php
Voir le fichier 

@@ -33,7 +33,7 @@ $options = getopt('', array_merge($params, $dBparams));
 
 
 if (empty($options['default_user'])) {
 
 	fail('Usage: ' . basename(__FILE__) . " --default_user admin ( --auth_type form" .
 
-		" --environment production --base_url https://rss.example.net/" .
 
+		" --environment production --base_url https://rss.example.net" .
 
 		" --language en --title FreshRSS --allow_anonymous --api_enabled" .
 
 		" --db-type mysql --db-host localhost:3306 --db-user freshrss --db-password dbPassword123" .
 
 		" --db-base freshrss --db-prefix freshrss_ --disable_update )");

+ 9 - 4
lib/lib_rss.php
Voir le fichier 

@@ -109,24 +109,29 @@ function safe_ascii($text) {
 
  * localhost address.
 
  *
 
  * @param $address the address to test, can be an IP or a URL.
 
- * @return true if server is accessible, false else.
 
+ * @return true if server is accessible, false otherwise.
 
  * @todo improve test with a more valid technique (e.g. test with an external server?)
 
  */
 
 function server_is_public($address) {
 
 	$host = parse_url($address, PHP_URL_HOST);
 
 
 	$is_public = !in_array($host, array(
 
-		'127.0.0.1',
 
 		'localhost',
 
 		'localhost.localdomain',
 
 		'[::1]',
 
+		'ip6-localhost',
 
 		'localhost6',
 
 		'localhost6.localdomain6',
 
 	));
 
 
-	return $is_public;
 
-}
 
+	if ($is_public) {
 
+		$ip = gethostbyname($host);
 
+		$is_public &= !preg_match('/^(10|127|172[.]16|192[.]168)[.]/', $ip);
 
+		$is_public &= !preg_match('/^(\[)?(::1$|fc00::|fe80::)/i', $ip);
 
+	}
 
 
+	return (bool)$is_public;
 
+}
 
 
 function format_number($n, $precision = 0) {
 
 	// number_format does not seem to be Unicode-compatible