linkerd
/
linkerd2
mirror of https://github.com/linkerd/linkerd2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linkerd2/web/srv/check_same_origin.go

47 lines
927 B
Go
Raw Permalink Blame History

package srv
import (
"net/http"
"net/url"
"unicode/utf8"
)
// checkSameOrigin returns true if the origin is not set or is equal to the request host.
// Copied from gorilla/websocket.
func checkSameOrigin(r *http.Request) bool {
origin := r.Header["Origin"]
if len(origin) == 0 {
return true
}
u, err := url.Parse(origin[0])
if err != nil {
return false
}
return equalASCIIFold(u.Host, r.Host)
}
// equalASCIIFold returns true if s is equal to t with ASCII case folding as
// defined in RFC 4790.
// Copied from gorilla/websocket.
func equalASCIIFold(s, t string) bool {
for s != "" && t != "" {
sr, size := utf8.DecodeRuneInString(s)
s = s[size:]
tr, size := utf8.DecodeRuneInString(t)
t = t[size:]
if sr == tr {
continue
}
if 'A' <= sr && sr <= 'Z' {
sr = sr + 'a' - 'A'
}
if 'A' <= tr && tr <= 'Z' {
tr = tr + 'a' - 'A'
}
if sr != tr {
return false
}
}
return s == t
}
Reference in New Issue View Git Blame Copy Permalink