mirrors/puter
1
0
Fork 0
mirror of https://github.com/HeyPuter/puter synced 2024-11-14 22:06:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update WebServerService.js

Browse Source
This commit is contained in:
Nariman Jelveh 2024-04-27 19:10:10 -07:00
parent fd4e2f59dc
commit 42d85abfc2
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
packages/backend/src/services/WebServerService.js
View File

@ -298,8 +298,8 @@ class WebServerService extends BaseService {
// Parse the Host header to isolate the hostname (strip out port if present)
const hostName = hostHeader.split(':')[0].trim().toLowerCase();
// Check if the hostname matches any of the allowed domains
if (allowedDomains.some(allowedDomain => hostName.endsWith(allowedDomain))) {
// Check if the hostname matches any of the allowed domains or is a subdomain of an allowed domain
if (allowedDomains.some(allowedDomain => hostName === allowedDomain || hostName.endsWith('.' + allowedDomain))) {
next(); // Proceed if the host is valid
} else {
return res.status(400).send('Invalid Host header.');