Fix for FS#270 - Bugs with stripping referer

The referer is now checked more strictly against the host. If setting 'referer' is set to 'same-domain', it now checks it against the public-suffix, so referers can be sent between subdomains. If 'referer' is set to 'same-fqdn' (NEW) the FQDN's must match strictly.
author: Elias Norberg <xyzzy@kudzu.se> 2012-03-30 00:12:38 +0200
committer: Elias Norberg <xyzzy@kudzu.se> 2012-04-09 18:12:59 +0200
commit: 519da60e0cb250aef8f2bd30f902b91bb82c4277 (patch)
tree: a8bc2c168df998573e75496bdcab6a11b8897e87 /settings.c
parent: ecfc8e535d85aebdc61ccf5440b0e273da6defa3 (diff)
download: xombrero-519da60e0cb250aef8f2bd30f902b91bb82c4277.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/settings.c b/settings.c
index 5f68b3f..2a847de 100644
--- a/settings.c
+++ b/settings.c
@@ -1103,6 +1103,8 @@ get_referer(struct settings *s)
 		return (g_strdup("never"));
 	if (referer_mode == XT_REFERER_SAME_DOMAIN)
 		return (g_strdup("same-domain"));
+	if (referer_mode == XT_REFERER_SAME_FQDN)
+		return (g_strdup("same-fqdn"));
 	if (referer_mode == XT_REFERER_CUSTOM)
 		return (g_strdup(referer_custom));
 	return (NULL);
@@ -1120,6 +1122,8 @@ set_referer(struct settings *s, char *value)
 		referer_mode = XT_REFERER_NEVER;
 	else if (!strcmp(value, "same-domain"))
 		referer_mode = XT_REFERER_SAME_DOMAIN;
+	else if (!strcmp(value, "same-fqdn"))
+		referer_mode = XT_REFERER_SAME_FQDN;
 	else if (!valid_url_type(value)) {
 		referer_mode = XT_REFERER_CUSTOM;
 		referer_custom = g_strdup(value);
author	Elias Norberg <xyzzy@kudzu.se>	2012-03-30 00:12:38 +0200
committer	Elias Norberg <xyzzy@kudzu.se>	2012-04-09 18:12:59 +0200
commit	519da60e0cb250aef8f2bd30f902b91bb82c4277 (patch)
tree	a8bc2c168df998573e75496bdcab6a11b8897e87 /settings.c
parent	ecfc8e535d85aebdc61ccf5440b0e273da6defa3 (diff)
download	xombrero-519da60e0cb250aef8f2bd30f902b91bb82c4277.tar.gz