slon-project/slon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Slon/Modules/Api: Update whitelist_ip to specify multiple values

Browse source 
The whitelist_ip setting will now match on any value encapsulated by
single quotes, regardless of delimiter.
This commit is contained in:
Alec Murphy 2025-03-21 14:18:48 -04:00
parent 329c7fabf7
commit 3468d97da9
1 changed files with 4 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

9
Slon/Modules/Api.HC
View file

@ -19,12 +19,11 @@ class SlonCatboxUpload {
Bool @slon_api_authorized(SlonHttpSession* session) Bool @slon_api_authorized(SlonHttpSession* session)
{ {
U8 scratch_buffer[256];
U8* whitelist_ip = db->o("settings")->@("whitelist_ip"); U8* whitelist_ip = db->o("settings")->@("whitelist_ip");
if (!whitelist_ip) { if (whitelist_ip) {
return FALSE; StrPrint(scratch_buffer, "'%s'", session->header("x-forwarded-for"));
} return session->auth > 0 && StrFind(scratch_buffer, whitelist_ip);
if (StrICmp(session->header("x-forwarded-for"), whitelist_ip)) {
return FALSE;
} }
return session->auth > 0; return session->auth > 0;
} }