lkddi/Xboard
1
0
Fork 0
mirror of https://github.com/lkddi/Xboard.git synced 2026-04-03 10:30:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: use getHost() for proper host comparison in safe mode

Browse Source
This commit is contained in:
xboard
2026-03-28 15:49:27 +08:00
parent 23294c1f93
commit bbc96a18bc
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
routes/web.php
View File

@@ -21,7 +21,10 @@ use Illuminate\Support\Facades\File;
Route::get('/', function (Request $request) { Route::get('/', function (Request $request) {
if (admin_setting('app_url') && admin_setting('safe_mode_enable', 0)) { if (admin_setting('app_url') && admin_setting('safe_mode_enable', 0)) {
if ($request->server('HTTP_HOST') !== parse_url(admin_setting('app_url'))['host']) { $requestHost = $request->getHost();
$configHost = parse_url(admin_setting('app_url'), PHP_URL_HOST);
if ($requestHost !== $configHost) {
abort(403); abort(403);
} }
} }