From 2a2fe635038e5c56ea21c3e7c620c9fd4d45aa2a Mon Sep 17 00:00:00 2001 From: Nathan Wagner Date: Sat, 15 Feb 2025 18:32:52 -0500 Subject: [PATCH] Update websocket.c Host header, Connection, and Authorization header should not be case sensitive --- common/network/websocket.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/common/network/websocket.c b/common/network/websocket.c index f128ffe..49d3a25 100644 --- a/common/network/websocket.c +++ b/common/network/websocket.c @@ -644,7 +644,7 @@ int parse_handshake(ws_ctx_t *ws_ctx, char *handshake) { strncpy(headers->path, start, end-start); headers->path[end-start] = '\0'; - start = strstr(handshake, "\r\nHost: "); + start = strcasestr(handshake, "\r\nHost: "); if (!start) { err("missing Host header"); return 0; } start += 8; end = strstr(start, "\r\n"); @@ -681,7 +681,7 @@ int parse_handshake(ws_ctx_t *ws_ctx, char *handshake) { strncpy(headers->key1, start, end-start); headers->key1[end-start] = '\0'; - start = strstr(handshake, "\r\nConnection: "); + start = strcasestr(handshake, "\r\nConnection: "); if (!start) { err("missing Connection header"); return 0; } start += 14; end = strstr(start, "\r\n"); @@ -1883,7 +1883,7 @@ ws_ctx_t *do_handshake(int sock, char * const ip) { unsigned char owner = 0; char inuser[USERNAME_LEN] = "-"; if (!settings.disablebasicauth) { - const char *hdr = strstr(handshake, "Authorization: Basic "); + const char *hdr = strcasestr(handshake, "Authorization: Basic "); if (!hdr) { bl_addFailure(ip); wserr("Authentication attempt failed, BasicAuth required, but client didn't send any\n");