Bring validate_referer/1 from original
Project: http://git-wip-us.apache.org/repos/asf/couchdb-couch-httpd/repo Commit: http://git-wip-us.apache.org/repos/asf/couchdb-couch-httpd/commit/d2c703d6 Tree: http://git-wip-us.apache.org/repos/asf/couchdb-couch-httpd/tree/d2c703d6 Diff: http://git-wip-us.apache.org/repos/asf/couchdb-couch-httpd/diff/d2c703d6 Branch: refs/heads/split_out_httpd_stack Commit: d2c703d6379fcc51dfee5506a3fdb22dd8132f18 Parents: e040c01 Author: ILYA Khlopotov <iil...@ca.ibm.com> Authored: Fri Feb 26 09:52:55 2016 -0800 Committer: ILYA Khlopotov <iil...@ca.ibm.com> Committed: Tue Mar 1 08:35:08 2016 -0800 ---------------------------------------------------------------------- src/couch_httpd.erl | 15 +++++++++++++++ src/couch_httpd_original.erl | 18 +++--------------- 2 files changed, 18 insertions(+), 15 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/couchdb-couch-httpd/blob/d2c703d6/src/couch_httpd.erl ---------------------------------------------------------------------- diff --git a/src/couch_httpd.erl b/src/couch_httpd.erl index 800190c..4f78bac 100644 --- a/src/couch_httpd.erl +++ b/src/couch_httpd.erl @@ -88,6 +88,7 @@ -export([ validate_ctype/2, + validate_referer/1, validate_host/1 ]). @@ -429,6 +430,20 @@ validate_ctype(Req, Ctype) -> end end. +validate_referer(Req) -> + Host = host_for_request(Req), + Referer = header_value(Req, "Referer", fail), + case Referer of + fail -> + throw({bad_request, <<"Referer header required.">>}); + Referer -> + {_,RefererHost,_,_,_} = mochiweb_util:urlsplit(Referer), + if + RefererHost =:= Host -> ok; + true -> throw({bad_request, <<"Referer header must match host.">>}) + end + end. + validate_host(#httpd{} = Req) -> case config:get_boolean("httpd", "validate_host", false) of true -> http://git-wip-us.apache.org/repos/asf/couchdb-couch-httpd/blob/d2c703d6/src/couch_httpd_original.erl ---------------------------------------------------------------------- diff --git a/src/couch_httpd_original.erl b/src/couch_httpd_original.erl index d867279..c841399 100644 --- a/src/couch_httpd_original.erl +++ b/src/couch_httpd_original.erl @@ -21,7 +21,7 @@ -export([send_error/2,send_error/4, send_chunked_error/2]). --export([handle_request_int/5,validate_referer/1]). +-export([handle_request_int/5]). -export([validate_bind_address/1]). @@ -71,7 +71,8 @@ send_response/4, start_chunked_response/3, validate_host/1, - accepted_encodings/1 + accepted_encodings/1, + validate_referer/1 ]). -define(HANDLER_NAME_IN_MODULE_POS, 6). @@ -408,19 +409,6 @@ authenticate_request(Req) -> increment_method_stats(Method) -> couch_stats:increment_counter([couchdb, httpd_request_methods, Method]). -validate_referer(Req) -> - Host = host_for_request(Req), - Referer = header_value(Req, "Referer", fail), - case Referer of - fail -> - throw({bad_request, <<"Referer header required.">>}); - Referer -> - {_,RefererHost,_,_,_} = mochiweb_util:urlsplit(Referer), - if - RefererHost =:= Host -> ok; - true -> throw({bad_request, <<"Referer header must match host.">>}) - end - end. % Utilities
