IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

FEATURE: A site setting to prevent crawling on private IP blocks

Browse Source
This commit is contained in:
Robin Ward
2017-05-23 11:51:23 -04:00
parent c9028f517a
commit 93a5fc62bf
4 changed files with 70 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
lib/final_destination.rb
View File

@@ -7,7 +7,7 @@ class FinalDestination
attr_reader :status
def initialize(url, opts = nil)
def initialize(url, opts=nil)
@uri = URI(url) rescue nil
@opts = opts || {}
@opts[:max_redirects] ||= 5
@@ -85,9 +85,8 @@ class FinalDestination
return false unless address_s
address = IPAddr.new(address_s)
private_match = FinalDestination.private_ranges.any? {|r| r === address }
if private_match
if private_ranges.any? {|r| r === address }
@status = :invalid_address
return false
end
@@ -95,7 +94,12 @@ class FinalDestination
true
end
def self.private_ranges
def private_ranges
FinalDestination.standard_private_ranges +
SiteSetting.blacklist_ip_blocks.split('|').map {|r| IPAddr.new(r) rescue nil }.compact
end
def self.standard_private_ranges
@private_ranges ||= [
IPAddr.new('127.0.0.1'),
IPAddr.new('172.16.0.0/12'),