3diy
/
moonraker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

authorization: add warning if a domian in "cors_domains" contains a trailing slash 

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
This commit is contained in:
Eric Callahan 2021-07-12 15:47:38 -04:00
parent f94a27c8e4
commit 7f740ccb5a
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
moonraker/components/authorization.py
View File

@ -119,8 +119,14 @@ class Authorization:
raise config.error( raise config.error(
f"Unsafe CORS Domain '{domain}'. Wildcards are not" f"Unsafe CORS Domain '{domain}'. Wildcards are not"
" permitted in the top level domain.") " permitted in the top level domain.")
self.cors_domains.append( if domain.endswith("/"):
domain.replace(".", "\\.").replace("*", ".*")) self.server.add_warning(
f"Invalid domain '{domain}' in option 'cors_domains', "
"section [authorization]. Domain's cannot contain a "
"trailing slash.")
else:
self.cors_domains.append(
domain.replace(".", "\\.").replace("*", ".*"))
# Get Trusted Clients # Get Trusted Clients
self.trusted_ips: List[IPAddr] = [] self.trusted_ips: List[IPAddr] = []