diff --git a/src/httpapi/security/client.py b/src/httpapi/security/client.py index 11ee4f99..71393dec 100644 --- a/src/httpapi/security/client.py +++ b/src/httpapi/security/client.py @@ -54,9 +54,10 @@ class ClientAPISecurity: """Validate request has set password & is the correct hostname.""" # For the purpose of preventing DNS rebinding attacks localhost = True - if request.host != '%s:%s' % \ - (client_api.host, client_api.bindPort): - localhost = False + if client_api.host != '0.0.0.0': + if request.host != '%s:%s' % \ + (client_api.host, client_api.bindPort): + localhost = False if not localhost and public_remote_enabled: if request.host not in public_remote_hostnames: diff --git a/src/netcontroller/torcontrol/__init__.py b/src/netcontroller/torcontrol/__init__.py index cb9763e6..2e861e6c 100644 --- a/src/netcontroller/torcontrol/__init__.py +++ b/src/netcontroller/torcontrol/__init__.py @@ -91,7 +91,7 @@ class NetController: if '100' not in line.decode(): logger.info(line.decode().strip(), terminal=True) if 'bootstrapped 100' in line.decode().lower(): - logger.info(line.decode()) + logger.info(line.decode(), terminal=True) break elif 'opening socks listener' in line.decode().lower(): logger.debug(line.decode().replace('\n', ''))