Skip to content

GitLab

Unverified Commit 757eeacc authored by frob's avatar frob Committed by GitHub
Browse files

server: lowercase hostname for Host header check (#5851)

parent dd42acf7
Hide whitespace changes
Inline Side-by-side
Showing with 3 additions and 1 deletion
server/routes.go
View file @ 757eeacc
...@@ -1071,11 +1071,13 @@ func isLocalIP(ip netip.Addr) bool { ...@@ -1071,11 +1071,13 @@ func isLocalIP(ip netip.Addr) bool {
} }
func allowedHost(host string) bool { func allowedHost(host string) bool {
host = strings.ToLower(host)
if host == "" || host == "localhost" { if host == "" || host == "localhost" {
return true return true
} }
if hostname, err := os.Hostname(); err == nil && host == hostname { if hostname, err := os.Hostname(); err == nil && host == strings.ToLower(hostname) {
return true return true
} }
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment