Check that request hostname matches configured hostname.

2019-11-21 22:39:25 +02:00 · 2019-11-21 22:39:25 +02:00 · 23a6284cc4
parent b3a87c3739
commit 23a6284cc4
1 changed files with 7 additions and 0 deletions
--- a/handler.go
+++ b/handler.go
@ -57,6 +57,13 @@ func handleGeminiRequest(conn net.Conn, config Config, logEntries chan LogEntry)
 		return
 	}

+	// Reject requests for content from other servers
+	if URL.Host != config.Hostname {
+		conn.Write([]byte("53 No proxying to other hosts!\r\n"))
+		log.Status = 53
+		return
+	}
+
 	// Fail if there are dots in the path
 	if strings.Contains(URL.Path, "..") {
 		conn.Write([]byte("50 Your directory traversal technique has been defeated!\r\n"))