All requests originating in Django are now going through a Squid proxy:
https://github.com/libravatar/wiki.libravatar.org/commit/51cdee5ead711f662b4d2d7116dc8aadd756ccb8
and any requests to localhost are denied.
In addition, I verified that nobody was using an OpenID URL in the database and now enforce a standard port of 80 or 433 in the proxy.
The OpenID library itself already restricts the protocol to HTTP or HTTPS.
All requests originating in Django are now going through a Squid proxy:
https:/ /github. com/libravatar/ wiki.libravatar .org/commit/ 51cdee5ead711f6 62b4d2d7116dc8a add756ccb8
and any requests to localhost are denied.
In addition, I verified that nobody was using an OpenID URL in the database and now enforce a standard port of 80 or 433 in the proxy.
The OpenID library itself already restricts the protocol to HTTP or HTTPS.