From 7885f454a4946c4bbec1b4f8c603b5eea7429c7f Mon Sep 17 00:00:00 2001
From: Joe Chen <jc@unknwon.io>
Date: Tue, 31 May 2022 15:17:17 +0800
Subject: webhook: revalidate local hostname before each delivery (#6988)

---
 internal/netutil/netutil.go | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'internal/netutil/netutil.go')

diff --git a/internal/netutil/netutil.go b/internal/netutil/netutil.go
index 5059d463..8fef3115 100644
--- a/internal/netutil/netutil.go
+++ b/internal/netutil/netutil.go
@@ -47,9 +47,10 @@ func init() {
 	}
 }
 
-// IsLocalHostname returns true if given hostname is resolved to local network
-// address, except exempted from the allowlist.
-func IsLocalHostname(hostname string, allowlist []string) bool {
+// IsBlockedLocalHostname returns true if given hostname is resolved to a local
+// network address that is implicitly blocked (i.e. not exempted from the
+// allowlist).
+func IsBlockedLocalHostname(hostname string, allowlist []string) bool {
 	for _, allow := range allowlist {
 		if hostname == allow {
 			return false
-- 
cgit v1.2.3