File improve_DNS_rebinding_protection_support_IPv6.patch of Package python-mitmproxy

From d9567850a665ac99864b685438d1002037d40a29 Mon Sep 17 00:00:00 2001
From: Maximilian Hils <git@maximilianhils.com>
Date: Thu, 12 Jul 2018 10:40:50 +0800
Subject: [PATCH] mitmweb: improve dns rebinding protection, support ipv6

---
 mitmproxy/tools/web/app.py | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

Index: mitmproxy-3.0.4/mitmproxy/tools/web/app.py
===================================================================
--- mitmproxy-3.0.4.orig/mitmproxy/tools/web/app.py
+++ mitmproxy-3.0.4/mitmproxy/tools/web/app.py
@@ -462,10 +462,20 @@ class SaveOptions(RequestHandler):
             raise APIError(400, "{}".format(err))
 
 
+class DnsRebind(RequestHandler):
+    def get(self):
+        raise tornado.web.HTTPError(
+            403,
+            reason="To protect against DNS rebinding, mitmweb can only be accessed by IP at the moment. "
+                   "(https://github.com/mitmproxy/mitmproxy/issues/3234)"
+        )
+
+
 class Application(tornado.web.Application):
     def __init__(self, master, debug):
         self.master = master
         super().__init__(
+            default_host="dns-rebind-protection",
             template_path=os.path.join(os.path.dirname(__file__), "templates"),
             static_path=os.path.join(os.path.dirname(__file__), "static"),
             xsrf_cookies=True,
@@ -474,9 +484,10 @@ class Application(tornado.web.Applicatio
             autoreload=False,
         )
 
+        self.add_handlers("dns-rebind-protection", [(r"/.*", DnsRebind)])
         self.add_handlers(
             # make mitmweb accessible by IP only to prevent DNS rebinding.
-            r'(localhost|\d+\.\d+\.\d+\.\d+)',
+            r'^(localhost|[0-9.:\[\]]+)$',
             [
                 (r"/", IndexHandler),
                 (r"/filter-help(?:\.json)?", FilterHelp),