sofar/mtmediasrv
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Reject non-POST methods.

Browse Source
This commit is contained in:
Auke Kok 2018-01-13 19:29:47 -08:00
parent 27fecb9e61
commit 46a398e079
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
main.go
View File

@ -56,7 +56,6 @@ func (writer logWriter) Write(bytes []byte) (int, error) {
type FastCGIServer struct{}
func (s FastCGIServer) ServeHTTP(w http.ResponseWriter, req *http.Request) {
header := make([]byte, 4)
version := make([]byte, 2)
@ -72,6 +71,13 @@ func (s FastCGIServer) ServeHTTP(w http.ResponseWriter, req *http.Request) {
}
remoteip := net.ParseIP(ip).String()
if req.Method != "POST" {
w.Header().Set("Access-Control-Allow-Headers", "POST")
http.Error(w, err.Error(), http.StatusMethodNotAllowed)
log.Printf("Invalid GET from %v\n", remoteip)
return
}
if !bytes.Equal(header, []byte("MTHS")) {
log.Print(remoteip, ": invalid MTHS header")
return