Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Increase exclusion list. #3

Merged
merged 5 commits into from
Nov 16, 2017
Merged

Increase exclusion list. #3

merged 5 commits into from
Nov 16, 2017

Conversation

EdOverflow
Copy link
Contributor

Since you are using a blacklist approach, let's make absolutely sure no address can bypass it.

@EdOverflow EdOverflow mentioned this pull request Nov 9, 2017
Closed
reedloden
reedloden suggested changes Nov 11, 2017
View reviewed changes
lib/private_address_check.rb Outdated
@@ -6,21 +6,37 @@
module PrivateAddressCheck
module_function

module PrivateAddressCheck
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Incorrectly added?

lib/private_address_check.rb Outdated
CIDR_LIST = [
# Loopback
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please keep comments and segment each addition into specific sections under a comment that explains what it is.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@reedloden I plan on adding comments in just a bit. On top of that, this PR doesn't even include tests so it isn't ready for merging quite yet.

@reedloden
Copy link

Thoughts, @jtdowney?

@jtdowney
Copy link
Owner

Sorry for the delay, for some reason I wasn't getting any notifications from GitHub for this repo. I think this looks good. My only feedback is that the quotes are inconsistent. The rest of the gem uses double quotes so it would be good to do that here.

@EdOverflow
Copy link
Contributor Author

@jtdowney That should be fixed now.

@jtdowney
Copy link
Owner

Thanks!

@jtdowney jtdowney merged commit 516ab85 into jtdowney:master Nov 16, 2017
@reedloden
Copy link

This is CVE-2017-0909.

RubenVerborgh added a commit to nodeSolidServer/node-solid-server that referenced this pull request Sep 30, 2018
@RubenVerborgh
Extend list of reserved IP addresses.
a3fdde2 
Taken from jtdowney/private_address_check#3
dmitrizagidulin pushed a commit to interop-alliance/life-server that referenced this pull request Oct 1, 2018
@RubenVerborgh @dmitrizagidulin
Extend list of reserved IP addresses.
e31231e 
Taken from jtdowney/private_address_check#3
@os6sense os6sense mentioned this pull request Jul 28, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@reedloden reedloden reedloden requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@EdOverflow @reedloden @jtdowney