Browse Source

remove unused functions related to the admin endpoint host filtering

master
forest 6 months ago
parent
commit
2736c261b9
1 changed files with 0 additions and 28 deletions
  1. +0
    -28
      admin.go

+ 0
- 28
admin.go View File

@ -29,7 +29,6 @@ import (
"io/ioutil"
"net/http"
"net/http/pprof"
"net/url"
"os"
"path"
"regexp"
@ -433,33 +432,6 @@ func (h adminHandler) handleError(w http.ResponseWriter, r *http.Request, err er
}
}
// checkHost returns a handler that wraps next such that
// it will only be called if the request's Host header matches
// a trustworthy/expected value. This helps to mitigate DNS
// rebinding attacks.
func (h adminHandler) checkHost(r *http.Request) error {
var allowed bool
if !allowed {
return APIError{
HTTPStatus: http.StatusForbidden,
Err: fmt.Errorf("host not allowed: %s", r.Host),
}
}
return nil
}
func (h adminHandler) getOriginHost(r *http.Request) string {
origin := r.Header.Get("Origin")
if origin == "" {
origin = r.Header.Get("Referer")
}
originURL, err := url.Parse(origin)
if err == nil && originURL.Host != "" {
origin = originURL.Host
}
return origin
}
func handleConfig(w http.ResponseWriter, r *http.Request) error {
switch r.Method {
case http.MethodGet:


Loading…
Cancel
Save