forked from svrjs/svrjs
Moved invalid X-Forwader-For header handler
This commit is contained in:
parent
61b0d6ad9c
commit
5ba3d8f2b3
1 changed files with 7 additions and 7 deletions
14
svr.js
14
svr.js
|
@ -4032,6 +4032,13 @@ if (!cluster.isPrimary) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Check for invalid X-Forwarded-For header
|
||||||
|
if(!isForwardedValid) {
|
||||||
|
serverconsole.errmessage("X-Forwarded-For header is invalid.");
|
||||||
|
callServerError(400);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
// Sanitize URL
|
// Sanitize URL
|
||||||
var sanitizedHref = sanitizeURL(href);
|
var sanitizedHref = sanitizeURL(href);
|
||||||
|
|
||||||
|
@ -4069,13 +4076,6 @@ if (!cluster.isPrimary) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check for invalid X-Forwarded-For header
|
|
||||||
if(!isForwardedValid) {
|
|
||||||
serverconsole.errmessage("X-Forwarded-For header is invalid.");
|
|
||||||
callServerError(400);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Handle redirects to HTTPS
|
// Handle redirects to HTTPS
|
||||||
if(secure && !fromMain && !disableNonEncryptedServer && !disableToHTTPSRedirect) {
|
if(secure && !fromMain && !disableNonEncryptedServer && !disableToHTTPSRedirect) {
|
||||||
var hostx = req.headers.host;
|
var hostx = req.headers.host;
|
||||||
|
|
Reference in a new issue