summaryrefslogtreecommitdiffstats
path: root/web/server/web_client.c
diff options
context:
space:
mode:
Diffstat (limited to 'web/server/web_client.c')
-rw-r--r--web/server/web_client.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/web/server/web_client.c b/web/server/web_client.c
index 908e3a6a9..53a5944ce 100644
--- a/web/server/web_client.c
+++ b/web/server/web_client.c
@@ -791,7 +791,7 @@ static inline char *http_header_parse(struct web_client *w, char *s, int parse_u
w->auth_bearer_token = strdupz(v);
}
else if(hash == hash_host && !strcasecmp(s, "Host")){
- strncpyz(w->host, v, (ve - v));
+ strncpyz(w->server_host, v, ((size_t)(ve - v) < sizeof(w->server_host)-1 ? (size_t)(ve - v) : sizeof(w->server_host)-1));
}
#ifdef NETDATA_WITH_ZLIB
else if(hash == hash_accept_encoding && !strcasecmp(s, "Accept-Encoding")) {
@@ -1147,8 +1147,8 @@ static inline void web_client_send_http_header(struct web_client *w) {
char headerbegin[8328];
if (w->response.code == HTTP_RESP_MOVED_PERM) {
memcpy(headerbegin,"\r\nLocation: https://",20);
- size_t headerlength = strlen(w->host);
- memcpy(&headerbegin[20],w->host,headerlength);
+ size_t headerlength = strlen(w->server_host);
+ memcpy(&headerbegin[20],w->server_host,headerlength);
headerlength += 20;
size_t tmp = strlen(w->last_url);
memcpy(&headerbegin[headerlength],w->last_url,tmp);
@@ -1212,7 +1212,7 @@ static inline void web_client_send_http_header(struct web_client *w) {
if(w->mode == WEB_CLIENT_MODE_OPTIONS) {
buffer_strcat(w->response.header_output,
"Access-Control-Allow-Methods: GET, OPTIONS\r\n"
- "Access-Control-Allow-Headers: accept, x-requested-with, origin, content-type, cookie, pragma, cache-control\r\n"
+ "Access-Control-Allow-Headers: accept, x-requested-with, origin, content-type, cookie, pragma, cache-control, x-auth-token\r\n"
"Access-Control-Max-Age: 1209600\r\n" // 86400 * 14
);
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-18 03:07:18 +0000