diff options
author | Matthew Holt <[email protected]> | 2022-03-19 22:51:32 -0600 |
---|---|---|
committer | Matthew Holt <[email protected]> | 2022-03-19 22:51:32 -0600 |
commit | c2327161f725c820826587381f37d651a2b9736d (patch) | |
tree | 83c89b515a01d408603c9c2d1352f37718221cb4 | |
parent | c5fffb4ac2631f0b41a8e13b62925b9dc8346cb9 (diff) | |
download | caddy-c2327161f725c820826587381f37d651a2b9736d.tar.gz caddy-c2327161f725c820826587381f37d651a2b9736d.zip |
cmd: Set Origin header properly on API requests
Ref. https://caddy.community/t/bug-in-enforce-origin/15417
-rw-r--r-- | cmd/commandfuncs.go | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/cmd/commandfuncs.go b/cmd/commandfuncs.go index d308aeb8a..332374013 100644 --- a/cmd/commandfuncs.go +++ b/cmd/commandfuncs.go @@ -650,13 +650,13 @@ func AdminAPIRequest(adminAddr, method, uri string, headers http.Header, body io if err != nil || parsedAddr.PortRangeSize() > 1 { return nil, fmt.Errorf("invalid admin address %s: %v", adminAddr, err) } - origin := parsedAddr.JoinHostPort(0) + origin := "http://" + parsedAddr.JoinHostPort(0) if parsedAddr.IsUnixNetwork() { origin = "unixsocket" // hack so that http.NewRequest() is happy } // form the request - req, err := http.NewRequest(method, "http://"+origin+uri, body) + req, err := http.NewRequest(method, origin+uri, body) if err != nil { return nil, fmt.Errorf("making request: %v", err) } |