On Mon, Apr 01, 2019 at 02:30:22AM +0200, Florian Obser wrote: > OK? > > diff --git server_http.c server_http.c > index 6c8549d2b41..f04a15bd056 100644 > --- server_http.c > +++ server_http.c > @@ -1176,7 +1176,7 @@ server_response(struct httpd *httpd, struct client *clt) > struct http_descriptor *resp = clt->clt_descresp; > struct server *srv = clt->clt_srv; > struct server_config *srv_conf = &srv->srv_conf; > - struct kv *kv, key, *host; > + struct kv *kv, key, *host, *ua; > struct str_find sm; > int portval = -1, ret; > char *hostval, *query; > @@ -1194,6 +1194,15 @@ server_response(struct httpd *httpd, struct client > *clt) > if ((desc->http_path = strdup(path)) == NULL) > goto fail; > > + key.kv_key = "user-agent";
I think this should be "User-Agent" to match the other cases in the file. With that change, ok brynet@ > + if ((ua = kv_find(&desc->http_headers, &key)) != NULL && > + ua->kv_value != NULL) { > + if (strstr(ua->kv_value, "curl") != NULL) { > + server_abort_http(clt, 403, "forbidden"); > + return (-1); > + } > + } > + > key.kv_key = "Host"; > if ((host = kv_find(&desc->http_headers, &key)) != NULL && > host->kv_value == NULL) > > -- > I'm not entirely sure you are real. > >