mirror of
https://github.com/grafana/grafana.git
synced 2024-12-29 10:21:41 -06:00
live: handle origin without port set (#36834)
This commit is contained in:
parent
248b442ca3
commit
37caebc934
@ -402,9 +402,17 @@ func checkAllowedOrigin(origin string, appURL *url.URL, originGlobs []glob.Glob)
|
||||
logger.Warn("Failed to parse request origin", "error", err, "origin", origin)
|
||||
return false, err
|
||||
}
|
||||
if strings.EqualFold(originURL.Scheme, appURL.Scheme) && strings.EqualFold(originURL.Host, appURL.Host) {
|
||||
return true, nil
|
||||
// Try to match over configured [server] root_url first.
|
||||
if originURL.Port() == "" {
|
||||
if strings.EqualFold(originURL.Scheme, appURL.Scheme) && strings.EqualFold(originURL.Host, appURL.Hostname()) {
|
||||
return true, nil
|
||||
}
|
||||
} else {
|
||||
if strings.EqualFold(originURL.Scheme, appURL.Scheme) && strings.EqualFold(originURL.Host, appURL.Host) {
|
||||
return true, nil
|
||||
}
|
||||
}
|
||||
// If there is still no match try [live] allowed_origins patterns.
|
||||
for _, pattern := range originGlobs {
|
||||
if pattern.Match(origin) {
|
||||
return true, nil
|
||||
|
@ -75,6 +75,12 @@ func TestCheckOrigin(t *testing.T) {
|
||||
appURL: "http://localhost:3000/",
|
||||
success: true,
|
||||
},
|
||||
{
|
||||
name: "valid_origin_no_port",
|
||||
origin: "https://www.example.com",
|
||||
appURL: "https://www.example.com:443/grafana/",
|
||||
success: true,
|
||||
},
|
||||
{
|
||||
name: "unauthorized_origin",
|
||||
origin: "http://localhost:8000",
|
||||
|
Loading…
Reference in New Issue
Block a user