Skip to content

G
Geth-Modification
Commit 4fe30bf5 authored by bas-vk's avatar bas-vk Committed by Felix Lange
Browse files
Options

rpc: check content-type for HTTP requests (#15220)

parent 4732ee89
Show whitespace changes
Inline Side-by-side
Showing with 11 additions and 0 deletions
rpc/http.go
View file @ 4fe30bf5
...@@ -23,6 +23,7 @@ import ( ...@@ -23,6 +23,7 @@ import (
"fmt" "fmt"
"io" "io"
"io/ioutil" "io/ioutil"
"mime"
"net" "net"
"net/http" "net/http"
"sync" "sync"
...@@ -151,6 +152,16 @@ func (srv *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) { ...@@ -151,6 +152,16 @@ func (srv *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
http.StatusRequestEntityTooLarge) http.StatusRequestEntityTooLarge)
return return
} }
ct := r.Header.Get("content-type")
mt, _, err := mime.ParseMediaType(ct)
if err != nil || mt != "application/json" {
http.Error(w,
"invalid content type, only application/json is supported",
http.StatusUnsupportedMediaType)
return
}
w.Header().Set("content-type", "application/json") w.Header().Set("content-type", "application/json")
// create a codec that reads direct from the request body until // create a codec that reads direct from the request body until
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment