diff --git a/src/main/java/org/qortal/api/Security.java b/src/main/java/org/qortal/api/Security.java index 4aca2c49..ca8783ea 100644 --- a/src/main/java/org/qortal/api/Security.java +++ b/src/main/java/org/qortal/api/Security.java @@ -56,7 +56,7 @@ public abstract class Security { public static void disallowLoopbackRequests(HttpServletRequest request) { try { InetAddress remoteAddr = InetAddress.getByName(request.getRemoteAddr()); - if (remoteAddr.isLoopbackAddress()) { + if (remoteAddr.isLoopbackAddress() && !Settings.getInstance().isGatewayLoopbackEnabled()) { throw ApiExceptionFactory.INSTANCE.createCustomException(request, ApiError.UNAUTHORIZED, "Local requests not allowed"); } } catch (UnknownHostException e) { diff --git a/src/main/java/org/qortal/settings/Settings.java b/src/main/java/org/qortal/settings/Settings.java index 0423f855..bc4f4204 100644 --- a/src/main/java/org/qortal/settings/Settings.java +++ b/src/main/java/org/qortal/settings/Settings.java @@ -104,6 +104,7 @@ public class Settings { private Integer gatewayPort; private boolean gatewayEnabled = false; private boolean gatewayLoggingEnabled = false; + private boolean gatewayLoopbackEnabled = false; // Specific to this node private boolean wipeUnconfirmedOnStart = false; @@ -633,6 +634,10 @@ public class Settings { return this.gatewayLoggingEnabled; } + public boolean isGatewayLoopbackEnabled() { + return this.gatewayLoopbackEnabled; + } + public boolean getWipeUnconfirmedOnStart() { return this.wipeUnconfirmedOnStart;