-
Notifications
You must be signed in to change notification settings - Fork 1
/
allowedhosts.go
47 lines (44 loc) · 1.27 KB
/
allowedhosts.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
package middleware
import (
"fmt"
"net/http"
"github.com/Nigel2392/router/v3"
"github.com/Nigel2392/router/v3/request"
)
// Check if the request.Host is in the allowed hosts list
func AllowedHosts(allowed_hosts ...string) func(next router.Handler) router.Handler {
if len(allowed_hosts) == 0 {
panic("AllowedHosts: No hosts provided.")
}
for _, host := range allowed_hosts {
if host == "" {
panic("AllowedHosts: Empty host not allowed.")
} else if host == "*" {
// If the host is set to *, allow all hosts
return func(next router.Handler) router.Handler {
return next
}
}
}
return func(next router.Handler) router.Handler {
return router.HandleFunc(func(r *request.Request) {
// Check if ALLOWED_HOSTS is set and if the request host is allowed
var allowed = false
var requestHost = request.GetHost(r)
for _, host := range allowed_hosts {
if host == requestHost {
allowed = true
break
}
}
if !allowed {
if DEFAULT_LOGGER != nil {
DEFAULT_LOGGER.Error(FormatMessage(r, "ERROR", "Host not allowed: %s", requestHost))
}
http.Error(r.Response, fmt.Sprintf("Host not allowed: %s", requestHost), http.StatusForbidden)
return
}
next.ServeHTTP(r)
})
}
}