d4708
/
qBittorrent
mirror of https://github.com/d47081/qBittorrent.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge pull request #8008 from glassez/fix-ipv6 

Fix WebUI is not reachable via IPv6
adaptive-webui-19844
Vladimir Golovnev 7 years ago committed by GitHub
parent
60c9926834 fcde1ba09c
commit
84c84160fd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 3 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 14
      src/webui/abstractwebapplication.cpp

14
src/webui/abstractwebapplication.cpp
Unescape View File

@ -86,6 +86,14 @@ struct WebSession
} }
}; };
namespace
{
inline QUrl urlFromHostHeader(const QString &hostHeader)
{
return QUrl(QLatin1String("http://") + hostHeader);
}
}
// AbstractWebApplication // AbstractWebApplication
AbstractWebApplication::AbstractWebApplication(QObject *parent) AbstractWebApplication::AbstractWebApplication(QObject *parent)
@ -415,7 +423,7 @@ bool AbstractWebApplication::isCrossSiteRequest(const Http::Request &request) co
// sent with CORS requests, as well as with POST requests // sent with CORS requests, as well as with POST requests
if (!originValue.isEmpty()) { if (!originValue.isEmpty()) {
const bool isInvalid = !isSameOrigin(QUrl::fromUserInput(targetOrigin), originValue); const bool isInvalid = !isSameOrigin(urlFromHostHeader(targetOrigin), originValue);
if (isInvalid) if (isInvalid)
Logger::instance()->addMessage(tr("WebUI: Origin header & Target origin mismatch!") + "\n" Logger::instance()->addMessage(tr("WebUI: Origin header & Target origin mismatch!") + "\n"
+ tr("Source IP: '%1'. Origin header: '%2'. Target origin: '%3'") + tr("Source IP: '%1'. Origin header: '%2'. Target origin: '%3'")
@ -425,7 +433,7 @@ bool AbstractWebApplication::isCrossSiteRequest(const Http::Request &request) co
} }
if (!refererValue.isEmpty()) { if (!refererValue.isEmpty()) {
const bool isInvalid = !isSameOrigin(QUrl::fromUserInput(targetOrigin), refererValue); const bool isInvalid = !isSameOrigin(urlFromHostHeader(targetOrigin), refererValue);
if (isInvalid) if (isInvalid)
Logger::instance()->addMessage(tr("WebUI: Referer header & Target origin mismatch!") + "\n" Logger::instance()->addMessage(tr("WebUI: Referer header & Target origin mismatch!") + "\n"
+ tr("Source IP: '%1'. Referer header: '%2'. Target origin: '%3'") + tr("Source IP: '%1'. Referer header: '%2'. Target origin: '%3'")
@ -439,7 +447,7 @@ bool AbstractWebApplication::isCrossSiteRequest(const Http::Request &request) co
bool AbstractWebApplication::validateHostHeader(const QStringList &domains) const bool AbstractWebApplication::validateHostHeader(const QStringList &domains) const
{ {
const QUrl hostHeader = QUrl::fromUserInput(request().headers[Http::HEADER_HOST]); const QUrl hostHeader = urlFromHostHeader(request().headers[Http::HEADER_HOST]);
const QString requestHost = hostHeader.host(); const QString requestHost = hostHeader.host();
// (if present) try matching host header's port with local port // (if present) try matching host header's port with local port

Write Preview
Loading…
Cancel
Save