c163601b6c
When Cockpit is not configured any origins, it uses the host and protocol of the incoming request to set the allowed origin for WebSocket connections. By ensuring that the original host/protocol is passed on to Cockpit from the browser, we can eliminate the need for configuring a pre-determined list of origins. Passing the host and protocol from the browser is done by setting ProxyPreserveHost and using https:// for proxying. For a cross-site request, Origin: and Host: entries won't match and '403 Forbidden' is thrown. So, this approach is still safe. Tests: - Without the patch, access Cockpit using IP address and it fails. Apply the patch. Cockpit setup should run. Origins= directive in the configuration file /etc/cockpit/cockpit.conf should get removed. Accessing with IP address and logging in succeeds. - Freshly setup a container with the patch and access Cockpit using IP address. This works and login succeeds. - Test on stable and testing containers. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
FreedomBox Service (Plinth)
The core functionality and web front-end of FreedomBox.
Description
FreedomBox is a community project to develop, design and promote personal servers running free software for private, personal communications. It is a networking appliance designed to allow interfacing with the rest of the Internet under conditions of protected privacy and data security. It hosts applications such as blog, wiki, website, social network, email, web proxy and a Tor relay, on a device that can replace your Wi-Fi router, so that your data stays with you.
This module, called FreedomBox Service and also know as Plinth, is the core functionality and web interface to the functions of the FreedomBox. It is extensible and provides various applications of FreedomBox as modules. Each module or application provides simplified user interface to control the underlying functionality. As FreedomBox can act as a wireless router, it is possible to configure networking. It also allows configuration of basic system parameters such as time zone, hostname and automatic upgrades.
You can find more information about FreedomBox Service (Plinth) on the Plinth Wiki page, the FreedomBox Wiki and the FreedomBox Manual.
Getting Started
To have a running FreedomBox, first install Debian (Buster or higher) on a clean machine. Then run:
$ sudo apt install freedombox
Full instructions are available on FreedomBox Manual's QuickStart page.
For instructions on running the service on a local machine from source code, see INSTALL.md. For instructions on setting up for development purposes, see HACKING.md.
Contributing
See the HACKING.md file for contributing to FreedomBox Service (Plinth).
Localization
