can access web2py app even if it's disabled
45 views
Skip to first unread message
Shawn Michaels
Jan 4, 2019, 12:06:45 PM1/4/19
to web2py-users
Hi,
I just noticed, I can access disabled app.
when I connect from local network with /etc/hosts file edited like this:
[server IP] [disabled.address]
The page:
# base router
BASE=dict(
default_application='app',
domains = {
"[address]" : "app",
"[disabled.address]" : "disabled_app",
},
),
)
Temporarily down for maintenance
is displayed
When I comment the hosts line out I can connect to disabled site.
Do anybody know why or is it something known?
I have defined base router for the disabled and second non-disabled app:
# -*- coding: utf-8 -*-
routers = dict(
routers = dict(
# base router
BASE=dict(
default_application='app',
domains = {
"[address]" : "app",
"[disabled.address]" : "disabled_app",
},
),
)
Massimo Di Pierro
Jan 5, 2019, 1:15:32 PM1/5/19
to web2py-users
I do not understand.
You disable an app by creating a DISABLED file in the app folder.
You can use the router to map different domains into different default apps.
You see to mapping one into app and one into disabled_app which I assumed has the DISABLED file.
You cannot map addresses into default apps. You can only map domains.
deim31
Jan 6, 2019, 6:02:50 AM1/6/19
to web...@googlegroups.com
The address in router means domain in fact.
The problem is when I connect from PC on same network as server and have
/etc/hosts file with the mentioned line enabled I see Temporarily down
for maintenance, that is correct. But it should be in second event the
same, but isn't. I comment out the line in hosts file and connect to
real domain "from outside". And now the disabled app is not disabled
even thou it's set as disabled.
I can see the two "types" of access in nginx log - one disabled second
enabled.
Hope You understand better now.
Thank You!
Dne 05. 01. 19 v 19:15 Massimo Di Pierro napsal(a):
> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to a topic in the
> Google Groups "web2py-users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/web2py/48A3Dz5rO8c/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> web2py+un...@googlegroups.com
> <mailto:web2py+un...@googlegroups.com>.
> For more options, visit https://groups.google.com/d/optout.
The problem is when I connect from PC on same network as server and have
/etc/hosts file with the mentioned line enabled I see Temporarily down
for maintenance, that is correct. But it should be in second event the
same, but isn't. I comment out the line in hosts file and connect to
real domain "from outside". And now the disabled app is not disabled
even thou it's set as disabled.
I can see the two "types" of access in nginx log - one disabled second
enabled.
Hope You understand better now.
Thank You!
Dne 05. 01. 19 v 19:15 Massimo Di Pierro napsal(a):
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to a topic in the
> Google Groups "web2py-users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/web2py/48A3Dz5rO8c/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> web2py+un...@googlegroups.com
> <mailto:web2py+un...@googlegroups.com>.
> For more options, visit https://groups.google.com/d/optout.
Anthony
Jan 6, 2019, 9:09:34 AM1/6/19
to web2py-users
Disabling an app does not affect local requests. Using the hosts file, you access the app as if it is an external request (via the host name defined in the hosts file), so disabling is enforced. When you instead switch to accessing the app locally (i.e., via "localhost" or 127.0.0.1), the "disabled" file is ignored and access is allowed.
Anthony
deim31
Jan 6, 2019, 9:16:00 AM1/6/19
to web...@googlegroups.com
What you wrote makes sense to me, but in nginx log there is no localhost
or it's IP address alternative but public IP address, which confuses me.
With enabled hosts file line in log is my PC's local IP address.
Dne 06. 01. 19 v 15:09 Anthony napsal(a):
or it's IP address alternative but public IP address, which confuses me.
With enabled hosts file line in log is my PC's local IP address.
Dne 06. 01. 19 v 15:09 Anthony napsal(a):
Anthony
Jan 6, 2019, 9:31:29 AM1/6/19
to web2py-users
On Sunday, January 6, 2019 at 9:16:00 AM UTC-5, Shawn Michaels wrote:
What you wrote makes sense to me, but in nginx log there is no localhost
or it's IP address alternative but public IP address, which confuses me.
With enabled hosts file line in log is my PC's local IP address.
What matters is what web2py is receiving. See:
and
You can add some logging/print statements to the above sections of main.py to understand what is happening in each case.
Anthony
Reply all
Reply to author
Forward
0 new messages