Trouble running WebThingServer inside docker container #78
Description
Unfortunately, running the WebThingServer inside a Docker container causes trouble. Due to the network mapping, the host validation which is part of the WebThingServer, as shown below, returns a 403:
```python
def prepare(self):
    """Validate Host header."""
    host = self.request.headers.get('Host', None)
    if host is not None and host.lower() in self.hosts:
        return

    raise tornado.web.HTTPError(403)
```
Running the WebThingServer in an ordinary way (here using port 8555; my hostname is xwxa-xvvwxf2, my IP is 192.168.1.114) works. In this case the values of my hosts variable are
['localhost', 'localhost:8555', 'xwxa-xvvwxf2.local', 'xwxa-xvvwxf2.local:8555', '127.0.0.1', '127.0.0.1:8555', '172.17.66.65', '172.17.66.65:8555', '192.168.1.114', '192.168.1.114:8555', '192.168.98.81', '192.168.98.81:8555', '[::1]', '[::1]:8555']
Executing curl http://192.168.1.114:8555 returns a success response (this is not the case when executing curl http://xwxa-xvvwxf2:8555).
Starting the same WebThingServer inside Docker results in the values below:
['localhost', 'localhost:8555', 'f9992ea8acb9.local', 'f9992ea8acb9.local:8555', '127.0.0.1', '127.0.0.1:8555', '172.17.0.2', '172.17.0.2:8555']
Here executing curl http://192.168.1.114:8555 returns an error
Using the hostname parameter (set to xwxa-xvvwxf2 in the example below) when running the WebThingServer helps if the same value is used for the container port and the Docker host port (e.g. docker run -p 8555:8555 ..). Here the values of the hosts variable look like:
['localhost', 'localhost:8555', '5b814e824d3c.local', '5b814e824d3c.local:8555', '127.0.0.1', '127.0.0.1:8555', '172.17.0.2', '172.17.0.2:8555', 'xwxa-xvvwxf2', 'xwxa-xvvwxf2:8555']
Here executing curl http://xwxa-xvvwxf2:8555 returns a success response (this is not the case when executing curl http://192.168.1.114:8555).
However, when using different values for the container port and the Docker host port (e.g. docker run -p 8600:8555 ..), the WebThingServer responds with forbidden.
Here executing curl http://xwxa-xvvwxf2:8600 as well as executing curl http://192.168.1.114:8600 returns an error (port 8600 will be mapped to 8555 by Docker).
A workaround for this could be to make the host header validation deactivatable by using a flag. This would allow running a WebThingServer inside a Docker container, accepting that the header security check is deactivated.
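
The mismatch described in this issue, reproduced offline as an added example that is not part of the original report or of the webthing code base: it shows why the `-p 8600:8555` mapping is rejected and how listing the published host:port values lets the Host check stay enabled. `build_hosts`, `host_allowed`, `verdicts` and the `extra_hosts` parameter are hypothetical names; the addresses are the ones quoted above.

```python
# Added example; not webthing code. All function names are hypothetical.

def build_hosts(port, addresses, hostname=None, extra_hosts=()):
    """Build a Host allowlist with the same shape as the lists in the issue."""
    names = ['localhost'] + list(addresses)
    if hostname is not None:
        names.append(hostname)
    hosts = []
    for name in names:
        hosts.extend([name, '{}:{}'.format(name, port)])
    # extra_hosts (assumed parameter): exact Host values clients send from
    # outside Docker, i.e. the published port, not the container port.
    hosts.extend(extra_hosts)
    return [h.lower() for h in hosts]


def host_allowed(host_header, hosts):
    """Same test as prepare(): False is where the 403 would be raised."""
    return host_header is not None and host_header.lower() in hosts


# Values quoted in the issue: container started with hostname=xwxa-xvvwxf2.
CONTAINER = ['5b814e824d3c.local', '127.0.0.1', '172.17.0.2']
# Host headers curl sends; the last one is a constructed, unlisted name.
REQUESTS = ['xwxa-xvvwxf2:8555', 'xwxa-xvvwxf2:8600',
            '192.168.1.114:8600', 'unlisted.example:8600']


def verdicts(hosts):
    return {host: host_allowed(host, hosts) for host in REQUESTS}


# docker run -p 8600:8555: the server only knows its own port 8555.
mapped = build_hosts(8555, CONTAINER, hostname='xwxa-xvvwxf2')
# Same server, told which host:port values are published on the Docker host.
published = build_hosts(8555, CONTAINER, hostname='xwxa-xvvwxf2',
                        extra_hosts=['xwxa-xvvwxf2:8600', '192.168.1.114:8600'])

if __name__ == '__main__':
    for label, hosts in (('mapped', mapped), ('published', published)):
        for host, ok in verdicts(hosts).items():
            print(label, host, 'OK' if ok else '403')
```

With the published values listed, both mapped-port requests pass while the unlisted name is still refused, which a flag that disables validation would not preserve.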