diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2018-09-09 00:50:24 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2018-09-09 00:50:24 +0200 |
| commit | aafb1cd0e484813541b4eb0ba2a93d9083b1d2fc (patch) | |
| tree | 0c38c051118ebfd1471c52f10ad4e15dbea3e35a | |
| parent | c65f5358904c585ce144885be2fbcd960adaf1e6 (diff) | |
Better test if server has public address (#2010)
* Better test if server has public address
* Wrong trailing slash in documentation
| -rw-r--r-- | cli/README.md | 2 | ||||
| -rwxr-xr-x | cli/do-install.php | 2 | ||||
| -rw-r--r-- | lib/lib_rss.php | 13 |
3 files changed, 11 insertions, 6 deletions
diff --git a/cli/README.md b/cli/README.md index 0d1c0a7d4..c314bd388 100644 --- a/cli/README.md +++ b/cli/README.md @@ -35,7 +35,7 @@ cd /usr/share/FreshRSS ./cli/prepare.php # Ensure the needed directories in ./data/ -./cli/do-install.php --default_user admin ( --auth_type form --environment production --base_url https://rss.example.net/ --language en --title FreshRSS --allow_anonymous --api_enabled --db-type mysql --db-host localhost:3306 --db-user freshrss --db-password dbPassword123 --db-base freshrss --db-prefix freshrss ) +./cli/do-install.php --default_user admin ( --auth_type form --environment production --base_url https://rss.example.net --language en --title FreshRSS --allow_anonymous --api_enabled --db-type mysql --db-host localhost:3306 --db-user freshrss --db-password dbPassword123 --db-base freshrss --db-prefix freshrss ) # --auth_type can be: 'form' (default), 'http_auth' (using the Web server access control), 'none' (dangerous) # --db-type can be: 'sqlite' (default), 'mysql' (MySQL or MariaDB), 'pgsql' (PostgreSQL) # --base_url should be a public (routable) URL if possible, and is used for push (PubSubHubbub), for some API functions (e.g. favicons), and external URLs in FreshRSS. diff --git a/cli/do-install.php b/cli/do-install.php index 4ebba0469..7435ab9f1 100755 --- a/cli/do-install.php +++ b/cli/do-install.php @@ -33,7 +33,7 @@ $options = getopt('', array_merge($params, $dBparams)); if (empty($options['default_user'])) { fail('Usage: ' . basename(__FILE__) . " --default_user admin ( --auth_type form" . - " --environment production --base_url https://rss.example.net/" . + " --environment production --base_url https://rss.example.net" . " --language en --title FreshRSS --allow_anonymous --api_enabled" . " --db-type mysql --db-host localhost:3306 --db-user freshrss --db-password dbPassword123" . " --db-base freshrss --db-prefix freshrss_ --disable_update )"); diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 60616b3ca..44123b746 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -109,24 +109,29 @@ function safe_ascii($text) { * localhost address. * * @param $address the address to test, can be an IP or a URL. - * @return true if server is accessible, false else. + * @return true if server is accessible, false otherwise. * @todo improve test with a more valid technique (e.g. test with an external server?) */ function server_is_public($address) { $host = parse_url($address, PHP_URL_HOST); $is_public = !in_array($host, array( - '127.0.0.1', 'localhost', 'localhost.localdomain', '[::1]', + 'ip6-localhost', 'localhost6', 'localhost6.localdomain6', )); - return $is_public; -} + if ($is_public) { + $ip = gethostbyname($host); + $is_public &= !preg_match('/^(10|127|172[.]16|192[.]168)[.]/', $ip); + $is_public &= !preg_match('/^(\[)?(::1$|fc00::|fe80::)/i', $ip); + } + return (bool)$is_public; +} function format_number($n, $precision = 0) { // number_format does not seem to be Unicode-compatible |