authorization: add warning if a domian in "cors_domains" contains a trailing slash

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
This commit is contained in:
Eric Callahan 2021-07-12 15:47:38 -04:00
parent f94a27c8e4
commit 7f740ccb5a
1 changed files with 8 additions and 2 deletions

View File

@ -119,8 +119,14 @@ class Authorization:
raise config.error(
f"Unsafe CORS Domain '{domain}'. Wildcards are not"
" permitted in the top level domain.")
self.cors_domains.append(
domain.replace(".", "\\.").replace("*", ".*"))
if domain.endswith("/"):
self.server.add_warning(
f"Invalid domain '{domain}' in option 'cors_domains', "
"section [authorization]. Domain's cannot contain a "
"trailing slash.")
else:
self.cors_domains.append(
domain.replace(".", "\\.").replace("*", ".*"))
# Get Trusted Clients
self.trusted_ips: List[IPAddr] = []