relax restrictions on host name validation #4618

wanderingbort · 2018-07-12T21:36:05Z

include the resolved and raw ports in the cleared host list
allow an incoming connection to use the host of the IP:PORT it is actually connected to at a socket level

- include the resolved and raw ports in the cleared host list - allow an incoming connection to use the host of the IP:PORT it is actually connected to at a socket level

heifner · 2018-07-12T22:09:00Z

plugins/http_plugin/http_plugin.cpp

+               const auto& local_endpoint = con->get_socket().lowest_layer().local_endpoint();
+               auto local_socket_host = local_endpoint.address().to_string();
+               auto port = local_endpoint.port();
+               if (!(is_secure && port == 443) || (!is_secure && port == 80)) {


Is there a reason to restrict this to 443 for https and 80 for http? Seems like you could enable no matter what local_endpoint port is used.

relax restrictions on host name validation

8dce387

- include the resolved and raw ports in the cleared host list - allow an incoming connection to use the host of the IP:PORT it is actually connected to at a socket level

wanderingbort requested a review from heifner July 12, 2018 21:36

heifner reviewed Jul 12, 2018

View reviewed changes

remove erroneous port omission

6157118

heifner approved these changes Jul 12, 2018

View reviewed changes

wanderingbort merged commit 749e0fe into EOSIO:release/1.0.x Jul 13, 2018

wanderingbort deleted the feature/less-strict-host-checking branch July 13, 2018 02:17

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

relax restrictions on host name validation #4618

relax restrictions on host name validation #4618

wanderingbort commented Jul 12, 2018

heifner Jul 12, 2018

relax restrictions on host name validation #4618

relax restrictions on host name validation #4618

Conversation

wanderingbort commented Jul 12, 2018

heifner Jul 12, 2018

Choose a reason for hiding this comment