Added the LooseHost config setting.
Malformed requests are now logged with an integer denoting the block of code which triggered it.
This commit is contained in:
Azareal
parent
cdb2f0711d
commit
8bfd5adbbb
|
|
@ -92,6 +92,7 @@ type config struct {
|
|||
DisableLiveTopicList bool
|
||||
DisableJSAntispam bool
|
||||
//LooseCSP bool
|
||||
LooseHost bool
|
||||
DisableServerPush bool
|
||||
EnableCDNPush bool
|
||||
|
||||
|
|
|
|||
|
|
@ -84,6 +84,8 @@ DisableLiveTopicList - This switch allows you to disable the live topic list.
|
|||
|
||||
DisableJSAntispam - This switch lets you disable the JS anti-spam feature. It may be useful if you primarily get users who for one reason or another have decided to disable JavaScript.
|
||||
|
||||
LooseHost - Disable host header checks in the router. May be useful when using a reverse-proxy like Nginx.
|
||||
|
||||
DisableServerPush - This switch lets you disable the HTTP/2 server push feature.
|
||||
|
||||
EnableCDNPush - This switch lets you enable the HTTP/2 CDN Server Push feature. This operates by sending a Link header on every request and may also work with reverse-proxies like Nginx for doing HTTP/2 server pushes.
|
||||
|
|
|
|||
|
|
@ -704,10 +704,10 @@ func isLocalHost(host string) bool {
|
|||
// TODO: SetDefaultPath
|
||||
// TODO: GetDefaultPath
|
||||
func (r *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
||||
var malformedRequest = func() {
|
||||
var malformedRequest = func(typ int) {
|
||||
w.WriteHeader(200) // 400
|
||||
w.Write([]byte(""))
|
||||
r.DumpRequest(req,"Malformed Request")
|
||||
r.DumpRequest(req,"Malformed Request T"+strconv.Itoa(typ))
|
||||
counters.AgentViewCounter.Bump(27)
|
||||
}
|
||||
|
||||
|
|
@ -716,7 +716,7 @@ func (r *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
|||
if req.Host[0]=='[' {
|
||||
spl := strings.Split(req.Host,"]")
|
||||
if len(spl) > 2 {
|
||||
malformedRequest()
|
||||
malformedRequest(0)
|
||||
return
|
||||
}
|
||||
shost = strings.TrimPrefix(spl[0],"[")
|
||||
|
|
@ -724,7 +724,7 @@ func (r *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
|||
} else {
|
||||
spl := strings.Split(req.Host,":")
|
||||
if len(spl) > 2 {
|
||||
malformedRequest()
|
||||
malformedRequest(1)
|
||||
return
|
||||
}
|
||||
shost = spl[0]
|
||||
|
|
@ -734,7 +734,7 @@ func (r *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
|||
}
|
||||
// TODO: Reject requests from non-local IPs, if the site host is set to localhost or a localhost IP
|
||||
if common.Site.PortInt != 80 && common.Site.PortInt != 443 && sport != common.Site.Port {
|
||||
malformedRequest()
|
||||
malformedRequest(2)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -759,8 +759,8 @@ func (r *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
|||
}
|
||||
|
||||
// Deflect malformed requests
|
||||
if len(req.URL.Path) == 0 || req.URL.Path[0] != '/' || shost != common.Site.Host {
|
||||
malformedRequest()
|
||||
if len(req.URL.Path) == 0 || req.URL.Path[0] != '/' || (!common.Config.LooseHost && shost != common.Site.Host) {
|
||||
malformedRequest(3)
|
||||
return
|
||||
}
|
||||
if common.Dev.FullReqLog {
|
||||
|
|
|
|||
|
|
@ -483,10 +483,10 @@ func isLocalHost(host string) bool {
|
|||
// TODO: SetDefaultPath
|
||||
// TODO: GetDefaultPath
|
||||
func (r *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
||||
var malformedRequest = func() {
|
||||
var malformedRequest = func(typ int) {
|
||||
w.WriteHeader(200) // 400
|
||||
w.Write([]byte(""))
|
||||
r.DumpRequest(req,"Malformed Request")
|
||||
r.DumpRequest(req,"Malformed Request T"+strconv.Itoa(typ))
|
||||
counters.AgentViewCounter.Bump({{.AllAgentMap.malformed}})
|
||||
}
|
||||
|
||||
|
|
@ -495,7 +495,7 @@ func (r *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
|||
if req.Host[0]=='[' {
|
||||
spl := strings.Split(req.Host,"]")
|
||||
if len(spl) > 2 {
|
||||
malformedRequest()
|
||||
malformedRequest(0)
|
||||
return
|
||||
}
|
||||
shost = strings.TrimPrefix(spl[0],"[")
|
||||
|
|
@ -503,7 +503,7 @@ func (r *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
|||
} else {
|
||||
spl := strings.Split(req.Host,":")
|
||||
if len(spl) > 2 {
|
||||
malformedRequest()
|
||||
malformedRequest(1)
|
||||
return
|
||||
}
|
||||
shost = spl[0]
|
||||
|
|
@ -513,7 +513,7 @@ func (r *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
|||
}
|
||||
// TODO: Reject requests from non-local IPs, if the site host is set to localhost or a localhost IP
|
||||
if common.Site.PortInt != 80 && common.Site.PortInt != 443 && sport != common.Site.Port {
|
||||
malformedRequest()
|
||||
malformedRequest(2)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -538,8 +538,8 @@ func (r *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
|||
}
|
||||
|
||||
// Deflect malformed requests
|
||||
if len(req.URL.Path) == 0 || req.URL.Path[0] != '/' || shost != common.Site.Host {
|
||||
malformedRequest()
|
||||
if len(req.URL.Path) == 0 || req.URL.Path[0] != '/' || (!common.Config.LooseHost && shost != common.Site.Host) {
|
||||
malformedRequest(3)
|
||||
return
|
||||
}
|
||||
if common.Dev.FullReqLog {
|
||||
|
|
|
|||
Loading…
Reference in New Issue