From 23a6284cc4b32eb887ab83f56451c12be667c031 Mon Sep 17 00:00:00 2001
From: Solderpunk <solderpunk@sdf.org>
Date: Thu, 21 Nov 2019 22:39:25 +0200
Subject: [PATCH] Check that request hostname matches configured hostname.

---
 handler.go | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/handler.go b/handler.go
index d703dcf..326061a 100644
--- a/handler.go
+++ b/handler.go
@@ -57,6 +57,13 @@ func handleGeminiRequest(conn net.Conn, config Config, logEntries chan LogEntry)
 		return
 	}
 
+	// Reject requests for content from other servers
+	if URL.Host != config.Hostname {
+		conn.Write([]byte("53 No proxying to other hosts!\r\n"))
+		log.Status = 53
+		return
+	}
+
 	// Fail if there are dots in the path
 	if strings.Contains(URL.Path, "..") {
 		conn.Write([]byte("50 Your directory traversal technique has been defeated!\r\n"))