From fba19e66cff17ffe05c8cf6f2f9d57e46d11921f Mon Sep 17 00:00:00 2001 From: DL6ER Date: Mon, 2 Jan 2017 16:46:13 +0100 Subject: [PATCH] Rephrase explaination what the code is doing because it is doing more than we expected --- scripts/pi-hole/php/auth.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/scripts/pi-hole/php/auth.php b/scripts/pi-hole/php/auth.php index d0c39a4b..690daed3 100644 --- a/scripts/pi-hole/php/auth.php +++ b/scripts/pi-hole/php/auth.php @@ -35,7 +35,11 @@ function check_cors() { // to validate that the client is authorized, only unauthorized. $server_host = $_SERVER['HTTP_HOST']; - // If HTTP_HOST contains a non-standard port (!= 80) we have to strip the port + // Use parse_url if HTTP_HOST contains a colon (:) to get the host name + // e.g. + // https://pi.hole + // pi.hole:8080 + // However, we don't use parse_url(...) if there is no colon, since it will fail for e.g. "pi.hole" if(strpos($server_host, ":")) { $server_host = parse_url($_SERVER['HTTP_HOST'], PHP_URL_HOST); @@ -48,7 +52,7 @@ function check_cors() { if(isset($_SERVER['HTTP_ORIGIN'])) { $server_origin = $_SERVER['HTTP_ORIGIN']; - // If HTTP_ORIGIN contains a non-standard port (!= 80) we have to strip the port + // Detect colon in $_SERVER['HTTP_ORIGIN'] (see comment above) if(strpos($server_origin, ":")) { $server_origin = parse_url($_SERVER['HTTP_ORIGIN'], PHP_URL_HOST);