Some adjustments.

flash 2022-02-14 21:04:34 +00:00
parent a28b5b275c
commit e5dcd654d3


@ -395,15 +395,16 @@ final class SockChatHandler extends Handler {
}
public function token(HttpResponse $response, HttpRequest $request) {
$httpOrigin = $request->getHeaderLine('Origin');
$host = $request->getHeaderLine('Host');
$origin = strtolower(parse_url($request->getHeaderLine('Origin'), PHP_URL_HOST));
if(!empty($httpOrigin)) {
if(!empty($origin) && $origin !== $host) {
$whitelist = Config::get('sockChat.origins', Config::TYPE_ARR, []);
if(!in_array($httpOrigin, $whitelist))
if(!in_array($origin, $whitelist))
return 403;
$request->setHeader('Access-Control-Allow-Origin', $httpOrigin);
$request->setHeader('Access-Control-Allow-Origin', $origin);
$request->setHeader('Access-Control-Allow-Methods', 'OPTIONS, GET');
$request->setHeader('Access-Control-Allow-Credentials', 'true');
$request->setHeader('Vary', 'Origin');
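Review bot: `Access-Control-Allow-Origin` is now set to `$origin`, which is only the lower-cased host from `parse_url(..., PHP_URL_HOST)`; the header must carry the full serialized origin (scheme, host, port), so browsers will reject a bare host and allowed cross-origin callers will be refused. Once the host has passed the allowlist, send the request's original value instead, e.g. keep `$httpOrigin = $request->getHeaderLine('Origin');` and use `$request->setHeader('Access-Control-Allow-Origin', $httpOrigin);`. Matching on host alone also ignores scheme and port, so an `http://` page on an allowed host passes the check while `Access-Control-Allow-Credentials: true` is sent; consider also requiring `parse_url($httpOrigin, PHP_URL_SCHEME) === 'https'` and passing `true` as the third argument to `in_array`. `Host` can include a port and is not lower-cased, so `$origin !== $host` may misfire for same-origin requests on a non-default port, and `parse_url` returns null or false for a missing or malformed `Origin`, which should be handled before `strtolower`. The body of `token()` continues outside the hunk.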