Fixing origin/host validation (#1273)

2016-06-15 00:57:49 +02:00 · 2016-06-15 00:57:49 +02:00 · b562480173
commit b562480173
parent f7536876d5
2 changed files with 7 additions and 9 deletions
--- a/parity/configuration.rs
+++ b/parity/configuration.rs
@ -362,14 +362,12 @@ impl Configuration {
 	}

 	fn ipc_path(&self) -> String {
-		if self.args.flag_geth { self.geth_ipc_path() }
-		else {
-			if cfg!(windows) {
-				r"\\.\pipe\parity.jsonrpc".to_owned()
-			}
-			else {
-				Configuration::replace_home(&self.args.flag_ipcpath.clone().unwrap_or(self.args.flag_ipc_path.clone()))
-			}
+		if self.args.flag_geth {
+			self.geth_ipc_path()
+		} else if cfg!(windows) {
+			r"\\.\pipe\parity.jsonrpc".to_owned()
+		} else {
+			Configuration::replace_home(&self.args.flag_ipcpath.clone().unwrap_or(self.args.flag_ipc_path.clone()))
 		}
 	}

--- a/signer/src/ws_server/session.rs
+++ b/signer/src/ws_server/session.rs
@ -75,7 +75,7 @@ impl ws::Handler for Session {
 		let host = req.header("host").or_else(|| req.header("Host"));

 		// Check request origin and host header.
-		if !origin_is_allowed(&self.self_origin, origin) && !origin_is_allowed(&self.self_origin, host) {
+		if !origin_is_allowed(&self.self_origin, origin) && !(origin.is_none() && origin_is_allowed(&self.self_origin, host)) {
 			warn!(target: "signer", "Blocked connection to Signer API from untrusted origin.");
 			return Ok(ws::Response::forbidden(format!("You are not allowed to access system ui. Use: http://{}", self.self_origin)));
 		}