Simplify host restriction

2023-04-05 20:17:44 +02:00 · 2023-04-05 20:17:44 +02:00 · 102bd6bf30
parent c0292e080d
commit 102bd6bf30
1 changed files with 1 additions and 3 deletions
--- a/Controllers/RedirectController.cs
+++ b/Controllers/RedirectController.cs
@ -9,10 +9,8 @@ namespace AutheliaMultiDomainProxy.Controllers;
 public class RedirectController : Controller {
 	public IActionResult Get([FromQuery] string tgt) {
 		// Check if we are on an allowed domain
-		if (!Vars.PermittedDomains.Any(p => Request.Host.Host.EndsWith($".{p}"))) {
-			Response.StatusCode = 421;
+		if (Vars.PermittedDomains.All(p => Request.Host.Host != $"{Vars.AuthProxySubdomain}.{p}"))
 			return StatusCode(StatusCodes.Status421MisdirectedRequest);
-		}

 		var dstDomain = AuthHelpers.GetRootDomain(tgt);