forked from Kieran/void.cat
Fix origin check
This commit is contained in:
parent
72047a5098
commit
3f373e6ca3
@ -111,7 +111,7 @@ public class DownloadController : Controller
|
|||||||
|
|
||||||
private async Task<VoidFileResponse?> SetupDownload(Guid id)
|
private async Task<VoidFileResponse?> SetupDownload(Guid id)
|
||||||
{
|
{
|
||||||
var origin = Request.Headers.Origin.FirstOrDefault();
|
var origin = Request.Headers.Referer.FirstOrDefault() ?? Request.Headers.Origin.FirstOrDefault();
|
||||||
if (!string.IsNullOrEmpty(origin) && Uri.TryCreate(origin, UriKind.RelativeOrAbsolute, out var u))
|
if (!string.IsNullOrEmpty(origin) && Uri.TryCreate(origin, UriKind.RelativeOrAbsolute, out var u))
|
||||||
{
|
{
|
||||||
if (_settings.BlockedOrigins.Any(a => string.Equals(a, u.DnsSafeHost, StringComparison.InvariantCultureIgnoreCase)))
|
if (_settings.BlockedOrigins.Any(a => string.Equals(a, u.DnsSafeHost, StringComparison.InvariantCultureIgnoreCase)))
|
||||||
|
Loading…
Reference in New Issue
Block a user