I'm going to try this out to reduce the risk of a security breach: in a model:
def is_localhost():
import socket
http_host = request.env.http_host.split(':')[0]
try:
hosts = (http_host, socket.gethostname(),
socket.gethostbyname(http_host),
'::1','127.0.0.1','::ffff:127.0.0.1')
except:
hosts = (http_host,)
if request.env.remote_addr in hosts:
return True
in generic.xxx:
{{if is_localhost():}}
<!-- content -->
{{else:}}
Not allowed
{{pass}}
