Merge pull request #912 from grelca/allow-host-with-port

allow Host header with explicit :80 included
99designs · Apr 12, 2022 · be9b43d · be9b43d
2 parents c4fa012 + 2aac403
commit be9b43d
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/server/ec2server.go b/server/ec2server.go
@@ -81,7 +81,7 @@ func withSecurityChecks(next *http.ServeMux) http.HandlerFunc {
 		// Check that the request is to 169.254.169.254
 		// Without this it's possible for an attacker to mount a DNS rebinding attack
 		// See https://github.com/99designs/aws-vault/issues/578
-		if r.Host != ec2MetadataEndpointIP {
+		if r.Host != ec2MetadataEndpointIP && r.Host != ec2MetadataEndpointAddr {
 			http.Error(w, fmt.Sprintf("Access denied for host '%s'", r.Host), http.StatusUnauthorized)
 			return
 		}