commit | aa4d73962890c28cadf50a936f86b327b162ac9e | [log] [tgz] |
---|---|---|
author | Eric Anderson <ejona@google.com> | Thu May 30 17:35:53 2013 -0700 |
committer | Eric Anderson <ejona@google.com> | Thu May 30 17:59:39 2013 -0700 |
tree | e6a5f16f0ff02811a7266ee937bbd5f4d48fd97e | |
parent | e6744204e5fb754c3290497aebaf32f7e11d779c [diff] |
Swap Authenticator to host+IP whitelist The Authenticator we use has a whitelist. Previously that whitelist was a list of URLs, which is very suboptimal (and only worked by chance for attachments). Now we simply observe the host and IP and make sure they are what we expect.