From 714383a063f64fcc7c6a458182c4f9cf5a46df66 Mon Sep 17 00:00:00 2001
From: Joe Chen <jc@unknwon.io>
Date: Mon, 14 Mar 2022 22:06:08 +0800
Subject: conf: add allowlist for accessing local network (#6842)

---
 internal/netutil/netutil.go | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'internal/netutil/netutil.go')

diff --git a/internal/netutil/netutil.go b/internal/netutil/netutil.go
index e3b3b8cc..5059d463 100644
--- a/internal/netutil/netutil.go
+++ b/internal/netutil/netutil.go
@@ -47,8 +47,15 @@ func init() {
 	}
 }
 
-// IsLocalHostname returns true if given hostname is a known local address.
-func IsLocalHostname(hostname string) bool {
+// IsLocalHostname returns true if given hostname is resolved to local network
+// address, except exempted from the allowlist.
+func IsLocalHostname(hostname string, allowlist []string) bool {
+	for _, allow := range allowlist {
+		if hostname == allow {
+			return false
+		}
+	}
+
 	ips, err := net.LookupIP(hostname)
 	if err != nil {
 		return true
-- 
cgit v1.2.3