Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add more safe META constants to expose those to custom scripts #13542

Closed
carsten-AEI opened this issue Aug 24, 2023 · 0 comments · Fixed by #13549
Closed

Add more safe META constants to expose those to custom scripts #13542

carsten-AEI opened this issue Aug 24, 2023 · 0 comments · Fixed by #13549
Assignees
@abhi1693
Labels
status: accepted This issue has been accepted for implementation type: feature Introduction of new functionality to the application

Comments

@carsten-AEI
Copy link

NetBox version

v3.5.8

Feature type

Change to existing functionality

Proposed functionality

Add HTTP_X_FORWARDED_HOST, HTTP_X_FORWARDED_PROTO and HTTP_X_REAL_IP to HTTP_REQUEST_META_SAFE_COPY allow custom scripts access to.these.

Use case

I was running a simple custom script but needed to rely on HTTP_REFERER to infer how the script was being called to generate valid links in the response of the script. @candlerb meant in #13527 that he would not recommend it.

Long story short, after some debugging it seems best to add HTTP_X_FORWARDED_HOST, HTTP_X_FORWARDED_PROTO and HTTP_X_REAL_IP to HTTP_REQUEST_META_SAFE_COPY to allow custom scripts to use those as well.

Without this, HTTP_HOST would only show the address gunicorn was listening to.

Database changes

./.

External dependencies

./.
@carsten-AEI carsten-AEI added the type: feature Introduction of new functionality to the application label Aug 24, 2023
@abhi1693 abhi1693 self-assigned this Aug 24, 2023
@abhi1693 abhi1693 added the status: accepted This issue has been accepted for implementation label Aug 24, 2023
abhi1693 added a commit that referenced this issue Aug 24, 2023
@abhi1693
adds additional safe HTTP headers to request #13542
ce77581
@abhi1693 abhi1693 mentioned this issue Aug 24, 2023
Merged
jeremystretch pushed a commit that referenced this issue Aug 24, 2023
@abhi1693 @jeremystretch
adds additional safe HTTP headers to request #13542
1f1d1ee
jeremystretch added a commit that referenced this issue Aug 28, 2023
@jeremystretch
Changelog for #12825, #13313, #13415, #13507, #13542, #13543, #13544, #…
d9c3ce9 
…13556
@jeremystretch jeremystretch mentioned this issue Aug 28, 2023
Merged
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 23, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@abhi1693 abhi1693

Labels
status: accepted This issue has been accepted for implementation type: feature Introduction of new functionality to the application
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Adds additional safe HTTP headers to request netbox-community/netbox
2 participants
@abhi1693 @carsten-AEI