mirror of
https://github.com/portainer/portainer.git
synced 2025-07-19 13:29:41 +02:00
feat(csrf): add trusted origins cli flags [BE-11972] (#836)
This commit is contained in:
Oscar Zhou
GitHub
parent
303047656e
commit
0556ffb4a1
9 changed files with 359 additions and 9 deletions
|
|
@ -80,3 +80,32 @@ func IsDNSName(s string) bool {
|
|||
|
||||
return !IsIP(s) && dnsNameRegex.MatchString(s)
|
||||
}
|
||||
|
||||
func IsTrustedOrigin(s string) bool {
|
||||
// Reject if a scheme is present
|
||||
if strings.Contains(s, "://") {
|
||||
return false
|
||||
}
|
||||
|
||||
// Prepend http:// for parsing
|
||||
strTemp := "http://" + s
|
||||
parsedOrigin, err := url.Parse(strTemp)
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
// Validate host, and ensure no user, path, query, fragment, port, etc.
|
||||
if parsedOrigin.Host == "" ||
|
||||
parsedOrigin.User != nil ||
|
||||
parsedOrigin.Path != "" ||
|
||||
parsedOrigin.RawQuery != "" ||
|
||||
parsedOrigin.Fragment != "" ||
|
||||
parsedOrigin.Opaque != "" ||
|
||||
parsedOrigin.RawFragment != "" ||
|
||||
parsedOrigin.RawPath != "" ||
|
||||
parsedOrigin.Port() != "" {
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue