diff options
| author | Jeff Garzik <[email protected]> | 2013-05-02 12:26:55 -0700 |
|---|---|---|
| committer | Jeff Garzik <[email protected]> | 2013-05-02 12:26:55 -0700 |
| commit | d9dd0318e142341626619d4ec0d6eb505ee5d0fe (patch) | |
| tree | f3b946a577c65d95b02fe8c5e697cf7496efd6fd /src/bitcoinrpc.cpp | |
| parent | Merge pull request #2595 from sipa/noannloc (diff) | |
| parent | RPC: strictly require HTTP URI "/" (diff) | |
| download | discoin-d9dd0318e142341626619d4ec0d6eb505ee5d0fe.tar.xz discoin-d9dd0318e142341626619d4ec0d6eb505ee5d0fe.zip | |
Merge pull request #2601 from jgarzik/uri-validate
RPC: strictly require HTTP URI "/"
Diffstat (limited to 'src/bitcoinrpc.cpp')
| -rw-r--r-- | src/bitcoinrpc.cpp | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/bitcoinrpc.cpp b/src/bitcoinrpc.cpp index 9c126fc3d..a9b73fd5a 100644 --- a/src/bitcoinrpc.cpp +++ b/src/bitcoinrpc.cpp @@ -940,6 +940,11 @@ void ServiceConnection(AcceptedConnection *conn) // Read HTTP message headers and body ReadHTTPMessage(conn->stream(), mapHeaders, strRequest, nProto); + if (strURI != "/") { + conn->stream() << HTTPReply(HTTP_NOT_FOUND, "", false) << std::flush; + break; + } + // Check authorization if (mapHeaders.count("authorization") == 0) { |