Merge pull request #2868 from rstgroup/fix-rfc-6455-violation
Fix #2821 RFC6454 violation on websocket connection when validating Origin
commit
5819733de6
@ -63,15 +63,15 @@
|
|||||||
-define(HEADER, [?CT_XML, ?AC_ALLOW_ORIGIN, ?AC_ALLOW_HEADERS]).
|
-define(HEADER, [?CT_XML, ?AC_ALLOW_ORIGIN, ?AC_ALLOW_HEADERS]).
|
||||||
|
|
||||||
check(_Path, Headers) ->
|
check(_Path, Headers) ->
|
||||||
RequiredHeaders = [{'Upgrade', <<"websocket">>},
|
HeadersValidators = [{'Upgrade', <<"websocket">>, true},
|
||||||
{'Connection', ignore}, {'Host', ignore},
|
{'Connection', ignore, true}, {'Host', ignore, true},
|
||||||
{<<"Sec-Websocket-Key">>, ignore},
|
{<<"Sec-Websocket-Key">>, ignore, true},
|
||||||
{<<"Sec-Websocket-Version">>, <<"13">>},
|
{<<"Sec-Websocket-Version">>, <<"13">>, true},
|
||||||
{<<"Origin">>, get_origin()}],
|
{<<"Origin">>, get_origin(), false}],
|
||||||
|
|
||||||
F = fun ({Tag, Val}) ->
|
F = fun ({Tag, Val, Required}) ->
|
||||||
case lists:keyfind(Tag, 1, Headers) of
|
case lists:keyfind(Tag, 1, Headers) of
|
||||||
false -> true; % header not found, keep in list
|
false -> Required; % header not found, keep in list if required
|
||||||
{_, HVal} ->
|
{_, HVal} ->
|
||||||
case Val of
|
case Val of
|
||||||
ignore -> false; % ignore value -> ok, remove from list
|
ignore -> false; % ignore value -> ok, remove from list
|
||||||
@ -82,9 +82,9 @@ check(_Path, Headers) ->
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
end,
|
end,
|
||||||
case lists:filter(F, RequiredHeaders) of
|
case lists:filter(F, HeadersValidators) of
|
||||||
[] -> true;
|
[] -> true;
|
||||||
_MissingHeaders -> false
|
_InvalidHeaders -> false
|
||||||
end.
|
end.
|
||||||
|
|
||||||
socket_handoff(LocalPath, #request{method = 'GET', ip = IP, q = Q, path = Path,
|
socket_handoff(LocalPath, #request{method = 'GET', ip = IP, q = Q, path = Path,
|
||||||
|
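Review bot: In `check/2` the new `{<<"Origin">>, get_origin(), false}` entry lets a handshake with no Origin header pass, and neither the three-element tuple shape nor that decision is documented. I would add above the list `%% {Header, Expected | ignore, Required}: a missing header fails the check only when Required is true`, and on the Origin entry `% optional: non-browser clients may omit Origin; when present it must match get_origin()`. Because a client that omits the header is now accepted, the configured origin only guards against cross-site connections made from browsers and should not be treated as access control, which is worth stating where the option is documented. The value comparison sits in the lines between the two hunks, which this page does not show, so the "when present it must match" wording is inferred and should be checked against that code.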