IP restrictions don't currently work on SSL

Since we pipe all SSL through frontends, and explicitly reject directly
accessing the main host. However, this call has no payload, so we can
safely allow it without SSL through the frontends. Do that for now, while
we should look at fixing the SSL issue sometime in the future

diff --git a/pgweb/core/views.py b/pgweb/core/views.py
index 462427fe3e83c02b99fa71d87c6888255363edf4..37288ebd5a96cfc00ec9aca2e4739a34f15c7438 100644 (file)
--- a/pgweb/core/views.py
+++ b/pgweb/core/views.py
@@ -286,10 +286,10 @@ def api_varnish_purge(request):
        transaction.commit_unless_managed()
        return HttpResponse("Purged %s entries\n" % n)
 
-@ssl_required
+@nocache
 @csrf_exempt
 def api_repo_updated(request):
-       if not request.META['REMOTE_ADDR'] in settings.SITE_UPDATE_HOSTS:
+       if not get_client_ip(request) in settings.SITE_UPDATE_HOSTS:
                return HttpServerError("Invalid client address")
        # Ignore methods and contents, just drop the trigger
        open(settings.SITE_UPDATE_TRIGGER_FILE, 'a').close()