From 9c4b7bd820363da063396f9bce1efa1c62725f54 Mon Sep 17 00:00:00 2001
From: Kieran <kieran@harkin.me>
Date: Fri, 9 Sep 2022 13:01:20 +0100
Subject: [PATCH] Fix virus hot-linking redirect

---
 VoidCat/Controllers/DownloadController.cs | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/VoidCat/Controllers/DownloadController.cs b/VoidCat/Controllers/DownloadController.cs
index bcafe49..088852e 100644
--- a/VoidCat/Controllers/DownloadController.cs
+++ b/VoidCat/Controllers/DownloadController.cs
@@ -113,10 +113,10 @@ public class DownloadController : Controller
         }
 
         // prevent hot-linking viruses
-        var origin = Request.Headers.Origin.Count > 0 ? new Uri(Request.Headers.Origin.First()) : null;
-        var originWrong = !origin?.Host.Equals(_settings.SiteUrl.Host, StringComparison.InvariantCultureIgnoreCase) ??
-                          false;
-        if (meta.VirusScan?.IsVirus == true && originWrong)
+        var referer = Request.Headers.Referer.Count > 0 ? new Uri(Request.Headers.Referer.First()) : null;
+        var hasCorrectReferer = referer?.Host.Equals(_settings.SiteUrl.Host, StringComparison.InvariantCultureIgnoreCase) ??
+                               false;
+        if (meta.VirusScan?.IsVirus == true && !hasCorrectReferer)
         {
             Response.StatusCode = (int) HttpStatusCode.Redirect;
             Response.Headers.Location = $"/{id.ToBase58()}";