mirrors/zotero
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Fix Host check regexp from 10ad4c337

Browse source 
(And don't allow 127.0.0.1.evil.com)
This commit is contained in:
Dan Stillman 2016-10-13 01:16:01 -04:00
parent 10ad4c3379
commit b2d580f3c9
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
chrome/content/zotero/xpcom/server.js
View file

@ -237,7 +237,7 @@ Zotero.Server.DataListener.prototype._headerFinished = function() {
Zotero.debug(this.header, 5);
const methodRe = /^([A-Z]+) ([^ \r\n?]+)(\?[^ \r\n]+)?/;
const hostRe = /[\r\n]Host: *127\.0\.0\.1(:[0-9]+)?([^ \r\n]+)/i;
const hostRe = /[\r\n]Host: *127\.0\.0\.1(:[0-9]+)?[\r\n]/i;
const contentTypeRe = /[\r\n]Content-Type: *([^ \r\n]+)/i;
if(!Zotero.isServer) {