kaxil commented on a change in pull request #18557:
URL: https://github.com/apache/airflow/pull/18557#discussion_r765788193
##########
File path: airflow/www/views.py
##########
@@ -702,6 +703,29 @@ def _iter_parsed_moved_data_table_names():
# Second segment is a version marker that we don't need to
show.
yield segments[2], table_name
+ if (
+ permissions.ACTION_CAN_ACCESS_MENU,
+ permissions.RESOURCE_ADMIN_MENU,
+ ) in user_permissions and conf.getboolean("webserver",
"warn_deployment_exposure"):
+ robots_file_access_count = (
+ session.query(Log)
+ .filter(Log.event == "robots")
+ .filter(Log.dttm > (utcnow() - timedelta(days=7)))
+ .count()
+ )
+ if robots_file_access_count > 0:
+ flash(
+ Markup(
+ 'Recent requests have been made to /robots.txt. '
+ 'This indicates that this deployment may be accessible
to the public internet. '
+ 'This warning can be disabled by setting
webserver.warn_deployment_exposure=False in '
+ 'airflow.cfg. Read more about web deployment security
<a href='
+
'"https://airflow.apache.org/docs/apache-airflow/stable/security/webserver.html";>'
Review comment:
Probably:
```suggestion
f'"{get_docs_url('security/webserver.html')}">'
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
