mirror of
https://github.com/MHSanaei/3x-ui.git
synced 2025-03-04 01:43:28 +03:00
d070a82b3d
- Refactor SUBController subs and subJsons methods to extract host from X-Forwarded-Host header, falling back to X-Real-IP header and then to the request host if unavailable. - Update html function to extract host from X-Forwarded-Host header, falling back to X-Real-IP header and then to the request host if unavailable. - Update DomainValidatorMiddleware to first attempt to extract host from X-Forwarded-Host header, falling back to X-Real-IP header and then to the request host. Fixes: #2284 Signed-off-by: Ahmad Thoriq Najahi <najahi@zephyrus.id>
26 lines
446 B
Go
26 lines
446 B
Go
package middleware
|
|
|
|
import (
|
|
"net"
|
|
"net/http"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
func DomainValidatorMiddleware(domain string) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
host := c.GetHeader("X-Forwarded-Host")
|
|
if host == "" {
|
|
host = c.GetHeader("X-Real-IP")
|
|
}
|
|
if host == "" {
|
|
host, _, _ := net.SplitHostPort(c.Request.Host)
|
|
if host != domain {
|
|
c.AbortWithStatus(http.StatusForbidden)
|
|
return
|
|
}
|
|
c.Next()
|
|
}
|
|
}
|
|
}
|