From 221211e71636b8bb1548ff276c236a29cd4b816b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=81lex=20Hermida?= <alexhermida@gmail.com>
Date: Tue, 9 Oct 2018 15:53:02 +0200
Subject: [PATCH] Add url validation

---
 taiga/webhooks/validators.py | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/taiga/webhooks/validators.py b/taiga/webhooks/validators.py
index 5bb5dcf2..33449ccd 100644
--- a/taiga/webhooks/validators.py
+++ b/taiga/webhooks/validators.py
@@ -15,12 +15,27 @@
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
+import ipaddress
+
+from django.utils.translation import ugettext as _
 
 from taiga.base.api import validators
+from urllib.parse import urlparse
 
+from taiga.base.exceptions import ValidationError
 from .models import Webhook
 
 
 class WebhookValidator(validators.ModelValidator):
     class Meta:
         model = Webhook
+
+    def validate_url(self, attrs, source):
+        host = urlparse(attrs[source]).hostname
+        try:
+            ipa = ipaddress.ip_address(host)
+        except ValueError:
+            return attrs
+        if ipa.is_private:
+            raise ValidationError(_("Not allowed IP Address"))
+        return attrs