1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-20 04:20:55 +01:00
No description
Find a file
epriestley 1c32c9b965 Improve granluarity and defaults of security.allow-outbound-http
Summary:
Ref T6755. This is a partial fix, but:

  - Allow netblocks to be blacklisted instead of making the feature all-or-nothing.
  - Default to disallow requests to all reserved private/local/special IP blocks. This should generally be a "safe" setting.
  - Explain the risks better.
  - Improve the errors rasied by Macro when failing.
  - Removed `security.allow-outbound-http`, as it is superseded by this setting and is somewhat misleading.
    - We still make outbound HTTP requests to OAuth.
    - We still make outbound HTTP requests for repositories.

From a technical perspective:

  - Separate URIs that are safe to link to or redirect to (basically, not "javascript://") from URIs that are safe to fetch (nothing in a private block).
  - Add the default blacklist.
  - Be more careful with response data in Macro fetching, and don't let the user see it if it isn't ultimately valid.

Additionally:

  - I want to do this check before pulling repositories, but that's enough of a mess that it should go in a separate diff.
  - The future implementation of T4190 needs to perform the fetch check.

Test Plan:
  - Fetched a valid macro.
  - Fetched a non-image, verified it didn't result in a viewable file.
  - Fetched a private-ip-space image, got an error.
  - Fetched a 404, got a useful-enough error without additional revealing response content (which is usually HTML anyway and not useful).
  - Fetched a bad protocol, got an error.
  - Linked to a local resource, a phriction page, a valid remote site, all worked.
  - Linked to private IP space, which worked fine (we want to let you link and redierect to other private services, just not fetch them).
  - Added and executed unit tests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6755

Differential Revision: https://secure.phabricator.com/D12136
2015-03-23 10:44:03 -07:00
bin Add some of a billing daemon skeleton 2015-01-30 11:29:05 -08:00
conf Add bin/almanac register to associate a host with an Almanac device and trust it 2015-01-02 15:13:30 -08:00
externals Remove support for Balanced payments 2015-03-13 15:47:37 -07:00
resources Hide footer on mobile app switcher 2015-03-23 09:56:39 -07:00
scripts Pass overseer configuration over stdin 2015-02-24 14:50:30 -08:00
src Improve granluarity and defaults of security.allow-outbound-http 2015-03-23 10:44:03 -07:00
support Namespace Aphlict clients by request path, plus other fixes 2015-02-16 11:31:15 -08:00
webroot Hide footer on mobile app switcher 2015-03-23 09:56:39 -07:00
.arcconfig Update .arclint in Phabricator for phutil-library lint 2014-05-12 06:01:30 -07:00
.arclint Fix text lint issues 2015-02-12 07:00:13 +11:00
.editorconfig Fix text lint issues 2015-02-12 07:00:13 +11:00
.gitignore When registering a device, write a device ID 2015-01-22 16:06:04 -08:00
LICENSE Fix text lint issues 2015-02-12 07:00:13 +11:00
NOTICE Update Phabricator NOTICE file to reflect modern legal circumstances 2014-06-25 13:42:13 -07:00
README.md Marginal improvements to README 2015-03-08 11:29:06 -07:00

Phabricator is an open source collection of web applications which help software companies build better software.

Phabricator includes applications for:

  • reviewing and auditing source code;
  • hosting and browsing repositories;
  • tracking bugs;
  • managing projects;
  • conversing with team members;
  • assembling a party to venture forth;
  • writing stuff down and reading it later;
  • hiding stuff from coworkers; and
  • also some other things.

You can learn more about the project (and find links to documentation and resources) at Phabricator.org

Phabricator is developed and maintained by Phacility.


BUG REPORTS

Please update your install to HEAD before filing bug reports. Follow our bug reporting guide for complete instructions.

FEATURE REQUESTS

We're big fans of feature requests that state core problems, not just 'add this'. We've compiled a short guide to effective upstream requests here.

COMMUNITY CHAT

Please visit our IRC Channel (#phabricator on FreeNode) to talk with other members of the Phabricator community. There might be someone there who can help you with setup issues or what image to choose for a macro.

SECURITY ISSUES

Phabricator participates in HackerOne and may pay out for various issues reported there. You can find out more information on our HackerOne page.

PULL REQUESTS

We do not accept pull requests through GitHub. If you would like to contribute code, please read our Contributor's Guide for more information.

LICENSE

Phabricator is released under the Apache 2.0 license except as otherwise noted.