Home Explore Help
Sign In
mirrors
/
ntfy
mirror of https://github.com/binwiederhier/ntfy
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Make Upgrade header check for websockets case insensitive, closes #228

Philipp Heckel 3 years ago
parent
28bb8d4446
commit
edfed24c27
3 changed files with 39 additions and 24 deletions
Split View Show Diff Stats
  1. 21 20
      docs/config.md
  2. 17 3
      docs/releases.md
  3. 1 1
      server/server.go

+ 21 - 20
docs/config.md
View File 

@@ -519,24 +519,27 @@ or the root domain:
 
     ```
 
     <VirtualHost *:80>
 
         ServerName ntfy.sh
 
-        
-        SetEnv proxy-nokeepalive 1
 
-        SetEnv proxy-sendchunked 1
 
-        
+
 
+        # Proxy connections to ntfy (requires "a2enmod proxy")
 
         ProxyPass / http://127.0.0.1:2586/
 
         ProxyPassReverse / http://127.0.0.1:2586/
 
-        
+
 
+        SetEnv proxy-nokeepalive 1
 
+        SetEnv proxy-sendchunked 1
 
+
 
         # Higher than the max message size of 4096 bytes
 
         LimitRequestBody 102400
 
 
-        # WebSockets support
 
+        # Enable mod_rewrite (requires "a2enmod rewrite")
 
+        RewriteEngine on
 
+
 
+        # WebSockets support (requires "a2enmod rewrite proxy_wstunnel")
 
         RewriteCond %{HTTP:Upgrade} websocket [NC]
 
         RewriteCond %{HTTP:Connection} upgrade [NC]
 
         RewriteRule ^/?(.*) "ws://127.0.0.1:2586/$1" [P,L]
 
         
         # Redirect HTTP to HTTPS, but only for GET topic addresses, since we want 
         # it to work with curl without the annoying https:// prefix 
-        RewriteEngine on
 
         RewriteCond %{REQUEST_METHOD} GET
 
         RewriteRule ^/([-_A-Za-z0-9]{0,64})$ https://%{SERVER_NAME}/$1 [R,L]
 
     </VirtualHost>
 
@@ -548,26 +551,24 @@ or the root domain:
 
         SSLCertificateFile /etc/letsencrypt/live/ntfy.sh/fullchain.pem
 
         SSLCertificateKeyFile /etc/letsencrypt/live/ntfy.sh/privkey.pem
 
         Include /etc/letsencrypt/options-ssl-apache.conf
 
-        
-        SetEnv proxy-nokeepalive 1
 
-        SetEnv proxy-sendchunked 1
 
-        
+
 
+        # Proxy connections to ntfy (requires "a2enmod proxy")
 
         ProxyPass / http://127.0.0.1:2586/
 
         ProxyPassReverse / http://127.0.0.1:2586/
 
-        
+
 
+        SetEnv proxy-nokeepalive 1
 
+        SetEnv proxy-sendchunked 1
 
+
 
         # Higher than the max message size of 4096 bytes 
         LimitRequestBody 102400
 
 
-        # WebSockets support
 
+        # Enable mod_rewrite (requires "a2enmod rewrite")
 
+        RewriteEngine on
 
+
 
+        # WebSockets support (requires "a2enmod rewrite proxy_wstunnel")
 
         RewriteCond %{HTTP:Upgrade} websocket [NC]
 
         RewriteCond %{HTTP:Connection} upgrade [NC]
 
-        RewriteRule ^/?(.*) "ws://127.0.0.1:2586/$1" [P,L]
 
-        
-        # Redirect HTTP to HTTPS, but only for GET topic addresses, since we want 
-        # it to work with curl without the annoying https:// prefix 
-        RewriteEngine on
 
-        RewriteCond %{REQUEST_METHOD} GET
 
-        RewriteRule ^/([-_A-Za-z0-9]{0,64})$ https://%{SERVER_NAME}/$1 [R,L]
 
+        RewriteRule ^/?(.*) "ws://127.0.0.1:2586/$1" [P,L] 
     </VirtualHost>
 
     ```

+ 17 - 3
docs/releases.md
View File 

@@ -6,9 +6,19 @@ and the [ntfy Android app](https://github.com/binwiederhier/ntfy-android/release
 
 
 ## ntfy Android app v1.13.0 (UNRELEASED)
 
 
-Bugs:
 
-* Accurate naming of "mute notifications" from "pause notifications" ([#224](https://github.com/binwiederhier/ntfy/issues/224), 
-  thanks to [@shadow00](https://github.com/shadow00) for reporting)
 
+**Features:**
 
+
 
+* Cards in notification detail view ([#175](https://github.com/binwiederhier/ntfy/issues/224), thanks to [@cmeis](https://github.com/cmeis) for reporting)
 
+
 
+**Bugs:**
 
+
 
+* Accurate naming of "mute notifications" from "pause notifications" ([#224](https://github.com/binwiederhier/ntfy/issues/224), thanks to [@shadow00](https://github.com/shadow00) for reporting)
 
+* Make messages with links selectable ([#226](https://github.com/binwiederhier/ntfy/issues/226), thanks to [@StoyanDimitrov](https://github.com/StoyanDimitrov) for reporting)
 
+
 
+**Thanks for testing:**
 
+
 
+Thanks to [@cmeis](https://github.com/cmeis), [@StoyanDimitrov](https://github.com/StoyanDimitrov), [@Fallenbagel](https://github.com/Fallenbagel) for testing, and 
+to [@Joeharrison94](https://github.com/Joeharrison94) for the input. 
 
 ## ntfy server v1.22.0 (UNRELEASED)
 
 
@@ -16,6 +26,10 @@ Bugs:
 
 
 * Better parsing of the user actions, allowing quotes (no ticket)
 
 
+**Bugs:**
 
+
 
+* `Upgrade` header check is now case in-sensitive ([#228](https://github.com/binwiederhier/ntfy/issues/228), thanks to [@wunter8](https://github.com/wunter8) for finding it)
 
+
 
 -->
 
 
 ## ntfy Android app v1.12.0

+ 1 - 1
server/server.go
View File 

@@ -739,7 +739,7 @@ func (s *Server) handleSubscribeHTTP(w http.ResponseWriter, r *http.Request, v *
 
 }
 
 
 func (s *Server) handleSubscribeWS(w http.ResponseWriter, r *http.Request, v *visitor) error {
 
-	if r.Header.Get("Upgrade") != "websocket" {
 
+	if strings.ToLower(r.Header.Get("Upgrade")) != "websocket" {
 
 		return errHTTPBadRequestWebSocketsUpgradeHeaderMissing
 
 	}
 
 	if err := v.SubscriptionAllowed(); err != nil {