mirror of
https://github.com/warmcat/libwebsockets.git
synced 2025-03-09 00:00:04 +01:00
security disallow repeated GET
Signed-off-by: Andy Green <andy.green@linaro.org>
This commit is contained in:
parent
3ee9b31054
commit
94f94652ed
1 changed files with 6 additions and 0 deletions
|
@ -512,6 +512,12 @@ int libwebsocket_parse(struct libwebsocket *wsi, unsigned char c)
|
|||
|
||||
lwsl_parser("known hdr '%s'\n", wsi->u.hdr.name_buffer);
|
||||
|
||||
if (n == WSI_TOKEN_GET_URI &&
|
||||
wsi->u.hdr.ah->frag_index[WSI_TOKEN_GET_URI]) {
|
||||
lwsl_warn("Duplicated GET\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/*
|
||||
* WSORIGIN is protocol equiv to ORIGIN,
|
||||
* JWebSocket likes to send it, map to ORIGIN
|
||||
|
|
Loading…
Add table
Reference in a new issue