diff options
| author | mhsanaei <ho3ein.sanaei@gmail.com> | 2024-07-15 00:55:04 +0300 |
|---|---|---|
| committer | mhsanaei <ho3ein.sanaei@gmail.com> | 2024-07-15 00:55:04 +0300 |
| commit | d298f4ffbda29d87440ee2c12e8d3acee698bee5 (patch) | |
| tree | 4db680de03096339beea52ba7ee1681c72825516 /web/middleware | |
| parent | 315e8af025105acf6364429dc16021e83dd4da66 (diff) | |
fix domain validator
Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com>
Diffstat (limited to 'web/middleware')
| -rw-r--r-- | web/middleware/domainValidator.go | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/web/middleware/domainValidator.go b/web/middleware/domainValidator.go index 26a23895..52d2782c 100644 --- a/web/middleware/domainValidator.go +++ b/web/middleware/domainValidator.go @@ -3,6 +3,7 @@ package middleware import ( "net" "net/http" + "strings" "github.com/gin-gonic/gin" ) @@ -14,12 +15,17 @@ func DomainValidatorMiddleware(domain string) gin.HandlerFunc { host = c.GetHeader("X-Real-IP") } if host == "" { - host, _, _ := net.SplitHostPort(c.Request.Host) - if host != domain { - c.AbortWithStatus(http.StatusForbidden) - return + host = c.Request.Host + if colonIndex := strings.LastIndex(host, ":"); colonIndex != -1 { + host, _, _ = net.SplitHostPort(host) } - c.Next() } + + if host != domain { + c.AbortWithStatus(http.StatusForbidden) + return + } + + c.Next() } } |