diff --git a/tasmota/xdrv_01_webserver.ino b/tasmota/xdrv_01_webserver.ino index 8c9fc9945..d413d5b75 100644 --- a/tasmota/xdrv_01_webserver.ino +++ b/tasmota/xdrv_01_webserver.ino @@ -400,9 +400,6 @@ const uint16_t DNS_PORT = 53; enum HttpOptions {HTTP_OFF, HTTP_USER, HTTP_ADMIN, HTTP_MANAGER, HTTP_MANAGER_RESET_ONLY}; enum WifiTestOptions {WIFI_NOT_TESTING, WIFI_TESTING, WIFI_TEST_FINISHED, WIFI_TEST_FINISHED_BAD}; -const char * headerKeys[] = {"Referer"}; -const size_t numberOfHeaders = 1; - DNSServer *DnsServer; ESP8266WebServer *Webserver; @@ -546,7 +543,9 @@ void StartWebserver(int type, IPAddress ipweb) if (!Webserver) { Webserver = new ESP8266WebServer((HTTP_MANAGER == type || HTTP_MANAGER_RESET_ONLY == type) ? 80 : WEB_PORT); - Webserver->collectHeaders(headerKeys, numberOfHeaders); + const char* headerkeys[] = { "Referer" }; + size_t headerkeyssize = sizeof(headerkeys) / sizeof(char*); + Webserver->collectHeaders(headerkeys, headerkeyssize); // call `Webserver->on()` on each entry for (uint32_t i=0; iflag5.disable_referer_chk && !WifiIsInManagerMode()) { - String referer = Webserver->header("Referer"); // http://demo/? or http://192.168.2.153/? - referer.toUpperCase(); - String hostname = NetworkHostname(); - hostname.toUpperCase(); - if ((referer.indexOf(hostname) > 0) || (referer.indexOf(NetworkAddress().toString()) > 0)) { - return true; + String referer = Webserver->header(F("Referer")); // http://demo/? or http://192.168.2.153/? + if (referer.length()) { + referer.toUpperCase(); + String hostname = NetworkHostname(); + hostname.toUpperCase(); + if ((referer.indexOf(hostname) == 7) || (referer.indexOf(NetworkAddress().toString()) == 7)) { + return true; + } } + AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP "Referer denied")); return false; } else { return true;