TyleoDvDelaware3217/GoDoxy
1
0
Fork 0
mirror of https://github.com/yusing/godoxy.git synced 2025-06-02 09:52:34 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(websocket): fix local address checks

Browse source
This commit is contained in:
yusing 2025-05-31 13:55:29 +08:00
parent 57200bc1e9
commit 54bf84dcba
1 changed files with 5 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
internal/net/gphttp/gpwebsocket/utils.go
View file

@ -3,7 +3,6 @@ package gpwebsocket
import (
"net"
"net/http"
"slices"
"strings"
"sync"
"time"
@ -30,8 +29,6 @@ func SetWebsocketAllowedDomains(h http.Header, domains []string) {
h[HeaderXGoDoxyWebsocketAllowedDomains] = domains
}
var localAddresses = []string{"127.0.0.1", "10.0.*.*", "172.16.*.*", "192.168.*.*"}
const writeTimeout = time.Second * 10
func Initiate(w http.ResponseWriter, r *http.Request) (*websocket.Conn, error) {
@ -49,9 +46,13 @@ func Initiate(w http.ResponseWriter, r *http.Request) (*websocket.Conn, error) {
if err != nil {
host = r.Host
}
if slices.Contains(localAddresses, host) {
if host == "localhost" {
return true
}
ip := net.ParseIP(host)
if ip != nil {
return ip.IsLoopback() || ip.IsPrivate()
}
for _, domain := range allowedDomains {
if domain[0] == '.' {
if host == domain[1:] || strings.HasSuffix(host, domain) {