aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorMatthew Holt <[email protected]>2022-03-19 22:51:32 -0600
committerMatthew Holt <[email protected]>2022-03-19 22:51:32 -0600
commitc2327161f725c820826587381f37d651a2b9736d (patch)
tree83c89b515a01d408603c9c2d1352f37718221cb4
parentc5fffb4ac2631f0b41a8e13b62925b9dc8346cb9 (diff)
downloadcaddy-c2327161f725c820826587381f37d651a2b9736d.tar.gz
caddy-c2327161f725c820826587381f37d651a2b9736d.zip
cmd: Set Origin header properly on API requests
Ref. https://caddy.community/t/bug-in-enforce-origin/15417
-rw-r--r--cmd/commandfuncs.go4
1 files changed, 2 insertions, 2 deletions
diff --git a/cmd/commandfuncs.go b/cmd/commandfuncs.go
index d308aeb8a..332374013 100644
--- a/cmd/commandfuncs.go
+++ b/cmd/commandfuncs.go
@@ -650,13 +650,13 @@ func AdminAPIRequest(adminAddr, method, uri string, headers http.Header, body io
if err != nil || parsedAddr.PortRangeSize() > 1 {
return nil, fmt.Errorf("invalid admin address %s: %v", adminAddr, err)
}
- origin := parsedAddr.JoinHostPort(0)
+ origin := "http://" + parsedAddr.JoinHostPort(0)
if parsedAddr.IsUnixNetwork() {
origin = "unixsocket" // hack so that http.NewRequest() is happy
}
// form the request
- req, err := http.NewRequest(method, "http://"+origin+uri, body)
+ req, err := http.NewRequest(method, origin+uri, body)
if err != nil {
return nil, fmt.Errorf("making request: %v", err)
}