alberthier / git-webui

A standalone local web based user interface for git repositories
Apache License 2.0

[security] Spoofing Hostname leads to Write-Access on any system #48

Open cHolzberger opened 5 years ago

cHolzberger commented 5 years ago

https://github.com/alberthier/git-webui/blob/dee7c192b2ec063cf638c3ec6e99589812b9d231/src/libexec/git-core/git-webui#L145

You can spoof the localhost hostname from any system able to connect to gitweb, and because of this code anyone able to access the webui with the hostname "localhost" has write access.

Curl example: curl 'http://192.168.X.X:8000/viewonly' -H "Host: localhost" -> 0

Also, accessing localhost by another hostname results in no write access: curl 'http://localhost:8000/viewonly' -H "Host: exthost" -> 1
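The two curl calls above show the root cause: the client-supplied Host header is used as evidence that the client is local. The following is an added example (not code from git-webui or from the reporter) that puts the header-based check beside a check on the TCP peer address that the server actually accepted the connection from. The function names, the handler class and the sample peer/Host pairs are assumptions made for illustration; the /viewonly path and the 0/1 answers follow the report.

```python
# Added example, not the project's code: Host-header based write access
# (spoofable from any remote client) beside a peer-address check.
# viewonly_from_host_header, viewonly_from_peer, ViewOnlyHandler and
# SAMPLES are names invented for this illustration.
from http.server import BaseHTTPRequestHandler, HTTPServer
from ipaddress import ip_address


def viewonly_from_host_header(host_header):
    """Vulnerable policy: trusts the Host header, which any client can
    set with curl -H "Host: localhost". Returns 1 for view-only,
    0 for write access."""
    hostname = (host_header or "").split(":", 1)[0].strip().lower()
    return 0 if hostname == "localhost" else 1


def viewonly_from_peer(client_address):
    """Hardened policy: decides from the peer address of the accepted TCP
    connection, which a request header cannot change. client_address is
    the (ip, port) tuple http.server hands to a request handler."""
    try:
        peer = ip_address(client_address[0])
    except ValueError:
        return 1  # unparsable peer address: fail closed (view-only)
    return 0 if peer.is_loopback else 1


class ViewOnlyHandler(BaseHTTPRequestHandler):
    """Serves /viewonly as in the report, but answers from the peer policy."""

    def do_GET(self):
        if self.path != "/viewonly":
            self.send_error(404)
            return
        body = str(viewonly_from_peer(self.client_address)).encode()
        self.send_response(200)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, fmt, *args):
        pass  # keep the example quiet


# Constructed sample requests mirroring the two curl calls in the report,
# plus an IPv6 loopback client whose Host header carries a port.
SAMPLES = [
    (("192.168.1.5", 51234), "localhost"),  # remote client spoofing Host
    (("127.0.0.1", 51235), "exthost"),      # real local client, other Host
    (("::1", 51236), "localhost:8000"),     # IPv6 loopback, Host with port
]


def compare_policies(samples=SAMPLES):
    """Return, per sample, what each policy answers (1 view-only, 0 write)."""
    return [
        {
            "peer": peer[0],
            "host": host,
            "host_header_policy": viewonly_from_host_header(host),
            "peer_policy": viewonly_from_peer(peer),
        }
        for peer, host in samples
    ]


if __name__ == "__main__":
    for row in compare_policies():
        print(row)
    # To serve for real, bind to loopback only so remote hosts cannot reach
    # the port at all; curl http://127.0.0.1:8000/viewonly then answers 0:
    # HTTPServer(("127.0.0.1", 8000), ViewOnlyHandler).serve_forever()
```

Running `compare_policies()` shows the inversion the report demonstrates: for the remote client sending `Host: localhost` the header policy grants write access (0) while the peer policy refuses it (1), and for the genuine loopback client sending `Host: exthost` the header policy refuses while the peer policy grants. Checking `is_loopback` on the peer address also covers `::1`. Independently of the access check, listening on 127.0.0.1 rather than all interfaces removes the remote path that the 192.168.X.X example relies on.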