[stable2409] Backport #6454 #6458

paritytech-cmd-bot-polkadot-sdk · 2024-11-12T18:06:09Z

Backport #6454 into stable2409 from niklasad1.

See the documentation on how to use this bot.

This PR fixes an issue that I discovered using connecting to the RPC via localhost using cURL, where cURL tries to connect to via ipv6 before ipv4 when querying `localhost` which messed up the http host filter whereas it would connect to the address `[::1]::9944 host_header: localhost:9944` but the ipv6 interface only whitelisted `[::1]:9944` which this fixes. So let's whitelist all localhost interfaces to avoid such weird edge-cases. ### Behavior before this PR ```bash $ polkadot --chain westend-dev & $ curl -v \ -H 'Content-Type: application/json' \ -d '{"jsonrpc":"2.0","id":"id","method":"system_name"}' \ http://localhost:9944 * Host localhost:9944 was resolved. * IPv6: ::1 * IPv4: 127.0.0.1 * Trying [::1]:9944... * Connected to localhost (::1) port 9944 > POST / HTTP/1.1 > Host: localhost:9944 > User-Agent: curl/8.5.0 > Accept: */* > Content-Type: application/json > Content-Length: 50 > < HTTP/1.1 403 Forbidden < content-type: text/plain < content-length: 41 < date: Tue, 12 Nov 2024 13:03:49 GMT < Provided Host header is not whitelisted. * Connection #0 to host localhost left intact ``` ### Behavior after this PR ```bash $ polkadot --chain westend-dev & ➜ wasm-tests (update-artifacts-1731284930) ✗ curl -v \ -H 'Content-Type: application/json' \ -d '{"jsonrpc":"2.0","id":"id","method":"system_name"}' \ http://localhost:9944 * Host localhost:9944 was resolved. * IPv6: ::1 * IPv4: 127.0.0.1 * Trying [::1]:9944... * Connected to localhost (::1) port 9944 > POST / HTTP/1.1 > Host: localhost:9944 > User-Agent: curl/8.5.0 > Accept: */* > Content-Type: application/json > Content-Length: 50 > < HTTP/1.1 200 OK < content-type: application/json; charset=utf-8 < vary: origin, access-control-request-method, access-control-request-headers < content-length: 54 < date: Tue, 12 Nov 2024 13:02:57 GMT < * Connection #0 to host localhost left intact {"jsonrpc":"2.0","id":"id","result":"Parity Polkadot"}% ``` --------- Co-authored-by: GitHub Action <action@github.com> Co-authored-by: command-bot <> (cherry picked from commit 0a0af0e)

github-actions · 2024-11-12T18:07:58Z

This pull request is amending an existing release. Please proceed with extreme caution,
as to not impact downstream teams that rely on the stability of it. Some things to consider:

Backports are only for 'patch' or 'minor' changes. No 'major' or other breaking change.
Should be a legit fix for some bug, not adding tons of new features.
Must either be already audited or not need an audit.

Emergency Bypass

If you really need to bypass this check: add validate: false to each crate
in the Prdoc where a breaking change is introduced. This will release a new major
version of that crate and all its reverse dependencies and basically break the release.

github-actions bot added the A3-backport Pull request is already reviewed well in another branch. label Nov 12, 2024

paritytech-cmd-bot-polkadot-sdk bot mentioned this pull request Nov 12, 2024

rpc server: fix host filter for localhost on ipv6 #6454

Merged

niklasad1 approved these changes Nov 12, 2024

View reviewed changes

EgorPopelyaev merged commit ffc3f2f into stable2409 Nov 13, 2024
150 of 185 checks passed

EgorPopelyaev deleted the backport-6454-to-stable2409 branch November 13, 2024 13:08

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[stable2409] Backport #6454 #6458

[stable2409] Backport #6454 #6458

paritytech-cmd-bot-polkadot-sdk bot commented Nov 12, 2024

github-actions bot commented Nov 12, 2024

[stable2409] Backport #6454 #6458

[stable2409] Backport #6454 #6458

Conversation

paritytech-cmd-bot-polkadot-sdk bot commented Nov 12, 2024

github-actions bot commented Nov 12, 2024