Skip to content

Commit 9fde868

Browse files
alexander-akaitalexander-akait
committed
revert: header check
1 parent 2c16e98 commit 9fde868

File tree

2 files changed

+10
-12
lines changed

2 files changed

+10
-12
lines changed

lib/Server.js

Lines changed: 10 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1961,7 +1961,7 @@ class Server {
19611961
(req.headers);
19621962
const headerName = headers[":authority"] ? ":authority" : "host";
19631963

1964-
if (this.checkHeader(headers, headerName, true)) {
1964+
if (this.checkHeader(headers, headerName)) {
19651965
next();
19661966
return;
19671967
}
@@ -2668,8 +2668,8 @@ class Server {
26682668

26692669
if (
26702670
!headers ||
2671-
!this.checkHeader(headers, "host", true) ||
2672-
!this.checkHeader(headers, "origin", false)
2671+
!this.checkHeader(headers, "host") ||
2672+
!this.checkHeader(headers, "origin")
26732673
) {
26742674
this.sendMessage([client], "error", "Invalid Host/Origin header");
26752675

@@ -2703,7 +2703,8 @@ class Server {
27032703

27042704
if (
27052705
this.options.client &&
2706-
/** @type {ClientConfiguration} */ (this.options.client).reconnect
2706+
/** @type {ClientConfiguration} */
2707+
(this.options.client).reconnect
27072708
) {
27082709
this.sendMessage(
27092710
[client],
@@ -2718,9 +2719,9 @@ class Server {
27182719
/** @type {ClientConfiguration} */
27192720
(this.options.client).overlay
27202721
) {
2721-
const overlayConfig = /** @type {ClientConfiguration} */ (
2722-
this.options.client
2723-
).overlay;
2722+
const overlayConfig =
2723+
/** @type {ClientConfiguration} */
2724+
(this.options.client).overlay;
27242725

27252726
this.sendMessage(
27262727
[client],
@@ -3108,10 +3109,9 @@ class Server {
31083109
* @private
31093110
* @param {{ [key: string]: string | undefined }} headers
31103111
* @param {string} headerToCheck
3111-
* @param {boolean} allowIP
31123112
* @returns {boolean}
31133113
*/
3114-
checkHeader(headers, headerToCheck, allowIP) {
3114+
checkHeader(headers, headerToCheck) {
31153115
// allow user to opt out of this security check, at their own risk
31163116
// by explicitly enabling allowedHosts
31173117
if (this.options.allowedHosts === "all") {
@@ -3151,8 +3151,7 @@ class Server {
31513151
// and its subdomains (hostname.endsWith(".localhost")).
31523152
// allow hostname of listening address (hostname === this.options.host)
31533153
const isValidHostname =
3154-
(allowIP &&
3155-
hostname !== null &&
3154+
(hostname !== null &&
31563155
(ipaddr.IPv4.isValid(hostname) || ipaddr.IPv6.isValid(hostname))) ||
31573156
hostname === "localhost" ||
31583157
(hostname !== null && hostname.endsWith(".localhost")) ||

types/lib/Server.d.ts

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1351,7 +1351,6 @@ declare class Server<
13511351
* @private
13521352
* @param {{ [key: string]: string | undefined }} headers
13531353
* @param {string} headerToCheck
1354-
* @param {boolean} allowIP
13551354
* @returns {boolean}
13561355
*/
13571356
private checkHeader;

0 commit comments

Comments
 (0)