godoxy-yusing/internal/config/local_api_test.go at b082d6dc77f1a076fa985c8abe870f9520c43bb6

mirror of https://github.com/yusing/godoxy.git synced 2026-04-14 12:39:40 +02:00

Files

yusing e0cba8f415 feat(config): opt-in flag for non-loopback local API bind

Validate GODOXY_LOCAL_API_ADDR before starting the unauthenticated local
API. Loopback listeners still succeed by default; addresses that bind
all interfaces, unspecified IPs, LAN hosts, or non-loopback names need
GODOXY_LOCAL_API_ALLOW_NON_LOOPBACK=true.

When that opt-in is set and the host is not loopback, log a warning so
non-local exposure is obvious. Wire common.LocalAPIAllowNonLoopback from
LOCAL_API_ALLOW_NON_LOOPBACK and document it (with a risk note) in
.env.example.

Add TestValidateLocalAPIAddr for loopback, wildcard, LAN, and hostname
cases with the allow flag on and off.

2026-04-13 12:24:52 +08:00

1.5 KiB

Raw Blame History

View Raw

1.5 KiB Raw Blame History

1.5 KiB

Raw Blame History