mirror/xiaomi-dafang-hacks
1
0
Fork 0
mirror of https://github.com/EliasKotlyar/Xiaomi-Dafang-Hacks.git synced 2025-09-02 20:52:41 +02:00
Code Issues Releases Wiki Activity

Prevent HTTPS redirects for 127.0.0.1 (#1846)

Browse Source 
This is helpful for when a host is connected over an ssh tunnel, and sends "localhost" for the HOST header.
If it is an ssh tunnel, it is already secured. And browsers have trouble with redirects to https://localhost
This commit is contained in:
unqueued
2023-05-23 15:43:50 -04:00
committed by GitHub
parent 6e1729539a
commit 7fc144b8ea
1 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
firmware_mod/config/lighttpd.conf.dist
View File

@@ -52,10 +52,13 @@ $HTTP["url"] !~ "^/.well-known/(.*)" {
#SSL is enabled by default
#If disabling SSL you must clear your site cookie
$HTTP["scheme"] == "http" {
# capture vhost name with regex conditiona -> %0 in redirect pattern
# must be the most inner block to the redirect rule
$HTTP["host"] =~ ".*" {
url.redirect = (".*" => "https://%0$0")
# Do not apply rule to 127.0.0.1, for ssh tunnels
$HTTP["remote-ip"] != "127.0.0.1" {
# capture vhost name with regex conditiona -> %0 in redirect pattern
# must be the most inner block to the redirect rule
$HTTP["host"] =~ ".*" {
url.redirect = (".*" => "https://%0$0")
}
}
}
}