d4708/qBittorrent
1
0
Fork 0
mirror of https://github.com/d47081/qBittorrent.git synced 2025-01-24 05:25:37 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #7315 from Chocobo1/hostheader

Browse Source 
WebAPI: fix validating wrong header field. Closes #7311.
This commit is contained in:
sledgehammer999 2017-08-20 20:55:20 +03:00 committed by GitHub
commit 1e677c6728
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/webui/abstractwebapplication.cpp
View File

@ -420,8 +420,7 @@ bool AbstractWebApplication::isCrossSiteRequest(const Http::Request &request) co
bool AbstractWebApplication::validateHostHeader(const Http::Request &request, const Http::Environment &env, const QStringList &domains) const
{
const QUrl hostHeader = QUrl::fromUserInput(
request.headers.value(Http::HEADER_X_FORWARDED_HOST, request.headers.value(Http::HEADER_HOST)));
const QUrl hostHeader = QUrl::fromUserInput(request.headers.value(Http::HEADER_HOST));
// (if present) try matching host header's port with local port
const int requestPort = hostHeader.port();