Project

General

Profile

« Previous | Next » 

Revision 1ba06f44

Added by Scott Ullrich about 15 years ago

Comment what we are doing here and add the ticket #.

View differences:

etc/inc/auth.inc
49 49

  
50 50
require_once("config.gui.inc");
51 51

  
52
/* DNS Binding attack prevention.  http://redmine.pfsense.org/issues/708 */
52 53
if ($_SERVER['HTTP_HOST'] != $config['system']['hostname'] . "." . $config['system']['domain'] and
53 54
	$_SERVER['HTTP_HOST'] != $_SERVER['SERVER_ADDR'] and 
54 55
	$_SERVER['HTTP_HOST'] != $config['system']['hostname']) {

Also available in: Unified diff