Hi!
After isued invenio-cli run --host 0.0.0.0 --port 5000
to allow different machine to access inveniordm via web browser, i can’t log in anymore. Each time i try, just have blank page with Host x.x.x.x:5000 is not trusted
even with https://127.0.0.1:5000
.
I also modified invenio.cfg and emptied the APP_ALLOWED_HOST
list.
Can someone have an idea ?
Thanks
and emptied the
APP_ALLOWED_HOST
list
Why did you set that configuration to an empty string? You need to whitelist all the allowed host, this is a security measure. See:
If you really want to whitelist everything, try with APP_ALLOWED_HOSTS = ['*']
.
I followed your instruction and try APP_ALLOWED_HOSTS = ['*']
, but i got the same error.
Sorry i’m not familiar with python. I want to know if there is a way, in development mode to allow different machines to connect to the server, log in and manage there account.
This is for development only, never use this in production: try to put APP_ALLOWED_HOSTS = False
, it should disable the check.
This is what i got
Traceback (most recent call last):
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask/app.py", line 2091, in __call__
return self.wsgi_app(environ, start_response)
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/middleware/proxy_fix.py", line 187, in __call__
return self.app(environ, start_response)
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/middleware/dispatcher.py", line 78, in __call__
return app(environ, start_response)
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask/app.py", line 2076, in wsgi_app
response = self.handle_exception(e)
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask/app.py", line 2073, in wsgi_app
response = self.full_dispatch_request()
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask/app.py", line 1518, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask/app.py", line 1516, in full_dispatch_request
rv = self.dispatch_request()
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask/app.py", line 1502, in dispatch_request
return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask_security/decorators.py", line 230, in wrapper
return f(*args, **kwargs)
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask_security/views.py", line 117, in register
if form.validate_on_submit():
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask_wtf/form.py", line 86, in validate_on_submit
return self.is_submitted() and self.validate()
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/wtforms/form.py", line 318, in validate
return super(Form, self).validate(extra)
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/wtforms/form.py", line 150, in validate
if not field.validate(self, extra):
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/wtforms/fields/core.py", line 226, in validate
stop_validation = self._run_validation_chain(form, chain)
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/wtforms/fields/core.py", line 246, in _run_validation_chain
validator(form, self)
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask_security/forms.py", line 138, in validate_next
if field.data and not validate_redirect_url(field.data):
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/flask_security/utils.py", line 275, in validate_redirect_url
url_base = urlsplit(request.host_url)
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/utils.py", line 97, in __get__
value = self.fget(obj) # type: ignore
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/sansio/request.py", line 236, in host_url
return get_current_url(self.scheme, self.host)
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/utils.py", line 97, in __get__
value = self.fget(obj) # type: ignore
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/sansio/request.py", line 243, in host
return get_host(
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/sansio/utils.py", line 98, in get_host
if not host_is_trusted(host, trusted_hosts):
File "/home/francky/.local/share/virtualenvs/test-FbZuhZEr/lib/python3.8/site-packages/werkzeug/sansio/utils.py", line 35, in host_is_trusted
for ref in trusted_list:
TypeError: 'bool' object is not iterable
I guess it’s because of APP_ALLOWED_HOSTS = False
Yes, most probably, I thought it was working.
The easiest is then, always only for development purposes, setting the hostname or IP of your server: if you are reaching your server in your browser with www.myserver.com
or IP address:
APP_ALLOWED_HOSTS = ['www.myserver.com']
Make sure that you restart any server that you have running.
I did APP_ALLOWED_HOSTS = ['myserverprivateip']
but i have to run invenio like this invenio-cli run --host myserverprivateip --port 5000
to make it working properly
I have just tried and for me it works correctly, login included. My config:
APP_ALLOWED_HOSTS = ['0.0.0.0', 'localhost', '127.0.0.1', '194........'] # 194.... is my IP address
I started the server with:
invenio-cli run --host 0.0.0.0 --port 5000
I opened my browser to the URL https://194.....:5000