proper cidr validation server-side

core/serializers.py

@@ -1,19 +1,67 @@
 # core/serializers.py
+import json
+import ipaddress
 
 from rest_framework import serializers
-from .models import UserAgent, StreamProfile, CoreSettings
+from .models import UserAgent, StreamProfile, CoreSettings, NETWORK_ACCESS
+
 
 class UserAgentSerializer(serializers.ModelSerializer):
     class Meta:
         model = UserAgent
-        fields = ['id', 'name', 'user_agent', 'description', 'is_active', 'created_at', 'updated_at']
+        fields = [
+            "id",
+            "name",
+            "user_agent",
+            "description",
+            "is_active",
+            "created_at",
+            "updated_at",
+        ]
+
 
 class StreamProfileSerializer(serializers.ModelSerializer):
     class Meta:
         model = StreamProfile
-        fields = ['id', 'name', 'command', 'parameters', 'is_active', 'user_agent', 'locked']
+        fields = [
+            "id",
+            "name",
+            "command",
+            "parameters",
+            "is_active",
+            "user_agent",
+            "locked",
+        ]
+
 
 class CoreSettingsSerializer(serializers.ModelSerializer):
     class Meta:
         model = CoreSettings
-        fields = '__all__'
+        fields = "__all__"
+
+    def update(self, instance, validated_data):
+        if instance.key == NETWORK_ACCESS:
+            errors = False
+            invalid = {}
+            value = json.loads(validated_data.get("value"))
+            for key, val in value.items():
+                cidrs = val.split(",")
+                for cidr in cidrs:
+                    try:
+                        ipaddress.ip_network(cidr)
+                    except:
+                        errors = True
+                        if key not in invalid:
+                            invalid[key] = []
+                        invalid[key].append(cidr)
+
+            if errors:
+                # Perform CIDR validation
+                raise serializers.ValidationError(
+                    {
+                        "message": "Invalid CIDRs",
+                        "value": invalid,
+                    }
+                )
+
+        return super().update(instance, validated_data)

dispatcharr/utils.py

@@ -29,7 +29,7 @@ def validate_logo_file(file):
 
 
 def get_client_ip(request):
-    x_forwarded_for = request.META.get("HTTP_X_FORWARDED_FOR")
+    x_forwarded_for = request.META.get("HTTP_X_REAL_IP")
     if x_forwarded_for:
         # X-Forwarded-For can be a comma-separated list of IPs
         ip = x_forwarded_for.split(",")[0].strip()
@@ -44,7 +44,7 @@ def network_access_allowed(request, settings_key):
     cidrs = (
         network_access[settings_key].split(",")
         if settings_key in network_access
-        else "0.0.0.0/0"
+        else ["0.0.0.0/0"]
     )
 
     network_allowed = False

frontend/src/pages/Settings.jsx

@@ -5,6 +5,7 @@ import useUserAgentsStore from '../store/userAgents';
 import useStreamProfilesStore from '../store/streamProfiles';
 import {
   Accordion,
+  Alert,
   Box,
   Button,
   Center,
@@ -31,6 +32,7 @@ const SettingsPage = () => {
   const authUser = useAuthStore((s) => s.user);
 
   const [accordianValue, setAccordianValue] = useState(null);
+  const [networkAccessSaved, setNetworkAccessSaved] = useState(false);
 
   // UI / local storage settings
   const [tableSize, setTableSize] = useLocalStorage('table-size', 'default');
@@ -376,11 +378,21 @@ const SettingsPage = () => {
   };
 
   const onNetworkAccessSubmit = async () => {
-    console.log(networkAccessForm.getValues());
-    API.updateSetting({
-      ...settings['network-access'],
-      value: JSON.stringify(networkAccessForm.getValues()),
-    });
+    let result = null;
+    setNetworkAccessSaved(false);
+    try {
+      await API.updateSetting({
+        ...settings['network-access'],
+        value: JSON.stringify(networkAccessForm.getValues()),
+      });
+      setNetworkAccessSaved(true);
+    } catch (e) {
+      const errors = {};
+      for (const key in e.body.value) {
+        errors[key] = `Invalid CIDR(s): ${e.body.value[key]}`;
+      }
+      networkAccessForm.setErrors(errors);
+    }
   };
 
   const onUISettingsChange = (name, value) => {
@@ -589,6 +601,13 @@ const SettingsPage = () => {
                         )}
                       >
                         <Stack gap="sm">
+                          {networkAccessSaved && (
+                            <Alert
+                              variant="light"
+                              color="green"
+                              title="Saved Successfully"
+                            ></Alert>
+                          )}
                           {Object.entries(NETWORK_ACCESS_OPTIONS).map(
                             ([key, config]) => {
                               return (

requirements.txt

@@ -23,7 +23,6 @@ tzlocal
 # PyTorch dependencies (CPU only)
 --extra-index-url https://download.pytorch.org/whl/cpu/
 torch==2.6.0+cpu
-tzlocal
 
 # ML/NLP dependencies
 sentence-transformers==3.4.1