diff options
author | Sadie Powell <sadie@witchery.services> | 2021-05-07 16:09:02 +0100 |
---|---|---|
committer | Sadie Powell <sadie@witchery.services> | 2021-05-07 16:09:02 +0100 |
commit | 876d6d3afe5b936d585159b6c4f444aed808b5b6 (patch) | |
tree | cb29a7bd2f5b4c2d98c29a8485f015e7579dad95 | |
parent | e4560ecec44e74cff7b31695114a3b52304beac3 (diff) |
Send 400 Bad Request if a WebSocket client doesn't send an origin.
-rw-r--r-- | src/modules/m_websocket.cpp | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/modules/m_websocket.cpp b/src/modules/m_websocket.cpp index da8bd382b..c7b7f6d4f 100644 --- a/src/modules/m_websocket.cpp +++ b/src/modules/m_websocket.cpp @@ -340,6 +340,11 @@ class WebSocketHook : public IOHookMiddle } } } + else + { + FailHandshake(sock, "HTTP/1.1 400 Bad Request\r\nConnection: close\r\n\r\n", "WebSocket: Received HTTP request that did not send the Origin header"); + return -1; + } if (!allowedorigin) { |