MyFavMirrors/owntone-server
1
0
Fork 0
mirror of https://github.com/owntone/owntone-server.git synced 2025-02-05 10:48:09 -05:00
Code Issues Packages Projects Releases Wiki Activity

[httpd] Add requirement for Access-Control-Request-Method for preflight CORS

Browse Source
This commit is contained in:
ejurgensen 2016-10-19 17:29:22 +02:00
parent 57945a592c
commit 54a09fce63
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/httpd.c
View File

@ -1053,7 +1053,10 @@ httpd_gen_cb(struct evhttp_request *req, void *arg)
// Did we get a CORS preflight request? // Did we get a CORS preflight request?
input_headers = evhttp_request_get_input_headers(req); input_headers = evhttp_request_get_input_headers(req);
if (allow_origin && (evhttp_request_get_command(req) == EVHTTP_REQ_OPTIONS) && evhttp_find_header(input_headers, "Origin")) if ( input_headers && allow_origin &&
(evhttp_request_get_command(req) == EVHTTP_REQ_OPTIONS) &&
evhttp_find_header(input_headers, "Origin") &&
evhttp_find_header(input_headers, "Access-Control-Request-Method") )
{ {
output_headers = evhttp_request_get_output_headers(req); output_headers = evhttp_request_get_output_headers(req);