PR63688 balancer csrf problems

fix case-sensitive referer check Submitted By: Armin Abfalterer git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1865749 13f79535-47bb-0310-9956-ffa450edef68
author: Eric Covener <covener@apache.org> 2019-08-23 15:06:57 +0200
committer: Eric Covener <covener@apache.org> 2019-08-23 15:06:57 +0200
commit: 0951669df6cd687511c10b1c889ba746407f4229 (patch)
tree: ad87bdeae05f41cd548d6357924e75db6e7212c6 /modules
parent: mod_ssl: OCSP does not apply to proxy mode, fix verify context. (diff)
download: apache2-0951669df6cd687511c10b1c889ba746407f4229.tar.xz
apache2-0951669df6cd687511c10b1c889ba746407f4229.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/proxy/mod_proxy_balancer.c b/modules/proxy/mod_proxy_balancer.c
index 0ff3feb244..ca2462285b 100644
--- a/modules/proxy/mod_proxy_balancer.c
+++ b/modules/proxy/mod_proxy_balancer.c
@@ -1852,7 +1852,7 @@ static int safe_referer(request_rec *r, const char *ref)
     if (apr_uri_parse(r->pool, ref, &uri) || !uri.hostname)
         return 0;
 
-    return strcmp(uri.hostname, ap_get_server_name(r)) == 0;
+    return strcasecmp(uri.hostname, ap_get_server_name(r)) == 0;
 }
 
 /* Manages the loadfactors and member status
author	Eric Covener <covener@apache.org>	2019-08-23 15:06:57 +0200
committer	Eric Covener <covener@apache.org>	2019-08-23 15:06:57 +0200
commit	0951669df6cd687511c10b1c889ba746407f4229 (patch)
tree	ad87bdeae05f41cd548d6357924e75db6e7212c6 /modules
parent	mod_ssl: OCSP does not apply to proxy mode, fix verify context. (diff)
download	apache2-0951669df6cd687511c10b1c889ba746407f4229.tar.xz apache2-0951669df6cd687511c10b1c889ba746407f4229.zip