From 4ed63354288cb7a689fd793a2b26a523253ef97e Mon Sep 17 00:00:00 2001
From: Theo Arends <11044339+arendst@users.noreply.github.com>
Date: Sun, 15 Aug 2021 15:51:29 +0200
Subject: [PATCH] Add referer related debug info

---
 tasmota/xdrv_01_webserver.ino | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/tasmota/xdrv_01_webserver.ino b/tasmota/xdrv_01_webserver.ino
index 8c9fc9945..d413d5b75 100644
--- a/tasmota/xdrv_01_webserver.ino
+++ b/tasmota/xdrv_01_webserver.ino
@@ -400,9 +400,6 @@ const uint16_t DNS_PORT = 53;
 enum HttpOptions {HTTP_OFF, HTTP_USER, HTTP_ADMIN, HTTP_MANAGER, HTTP_MANAGER_RESET_ONLY};
 enum WifiTestOptions {WIFI_NOT_TESTING, WIFI_TESTING, WIFI_TEST_FINISHED, WIFI_TEST_FINISHED_BAD};
 
-const char * headerKeys[] = {"Referer"};
-const size_t numberOfHeaders = 1;
-
 DNSServer *DnsServer;
 ESP8266WebServer *Webserver;
 
@@ -546,7 +543,9 @@ void StartWebserver(int type, IPAddress ipweb)
     if (!Webserver) {
       Webserver = new ESP8266WebServer((HTTP_MANAGER == type || HTTP_MANAGER_RESET_ONLY == type) ? 80 : WEB_PORT);
 
-      Webserver->collectHeaders(headerKeys, numberOfHeaders);
+      const char* headerkeys[] = { "Referer" };
+      size_t headerkeyssize = sizeof(headerkeys) / sizeof(char*);
+      Webserver->collectHeaders(headerkeys, headerkeyssize);
 
       // call `Webserver->on()` on each entry
       for (uint32_t i=0; i<nitems(WebServerDispatch); i++) {
@@ -658,13 +657,16 @@ bool HttpCheckPriviledgedAccess(bool autorequestauth = true)
   }
 
   if (!Settings->flag5.disable_referer_chk && !WifiIsInManagerMode()) {
-    String referer = Webserver->header("Referer");  // http://demo/? or http://192.168.2.153/?
-    referer.toUpperCase();
-    String hostname = NetworkHostname();
-    hostname.toUpperCase();
-    if ((referer.indexOf(hostname) > 0) || (referer.indexOf(NetworkAddress().toString()) > 0)) {
-      return true;
+    String referer = Webserver->header(F("Referer"));  // http://demo/? or http://192.168.2.153/?
+    if (referer.length()) {
+      referer.toUpperCase();
+      String hostname = NetworkHostname();
+      hostname.toUpperCase();
+      if ((referer.indexOf(hostname) == 7) || (referer.indexOf(NetworkAddress().toString()) == 7)) {
+        return true;
+      }
     }
+    AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP "Referer denied"));
     return false;
   } else {
     return true;