whitequark.org
+10
-2
src/auth.go
+10
-2
src/auth.go
···
12
"slices"
13
"strings"
14
"time"
15
)
16
17
type AuthError struct {
···
42
return nil
43
}
44
45
func GetHost(r *http.Request) (string, error) {
46
-
// FIXME: handle IDNA
47
host, _, err := net.SplitHostPort(r.Host)
48
if err != nil {
49
-
// dirty but the go stdlib doesn't have a "split port if present" function
50
host = r.Host
51
}
52
if strings.HasPrefix(host, ".") {
53
return "", AuthError{http.StatusBadRequest,
···
12
"slices"
13
"strings"
14
"time"
15
+
16
+
"golang.org/x/net/idna"
17
)
18
19
type AuthError struct {
···
44
return nil
45
}
46
47
+
var idnaProfile = idna.New(idna.MapForLookup(), idna.BidiRule())
48
+
49
func GetHost(r *http.Request) (string, error) {
50
host, _, err := net.SplitHostPort(r.Host)
51
if err != nil {
52
host = r.Host
53
+
}
54
+
// this also rejects invalid characters and labels
55
+
host, err = idnaProfile.ToASCII(host)
56
+
if err != nil {
57
+
return "", AuthError{http.StatusBadRequest,
58
+
fmt.Sprintf("malformed host name %q", host)}
59
}
60
if strings.HasPrefix(host, ".") {
61
return "", AuthError{http.StatusBadRequest,