Merge pull request #3 from brave/upgrade_to_0.105.2

Upgrade to 0.105.2
brave · Jul 30, 2019 · 423f1fa · 423f1fa
2 parents 6dae42c + 3f70177
commit 423f1fa
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 11 deletions.
diff --git a/lib/server.js b/lib/server.js
@@ -54,13 +54,6 @@ function Server (torrent, opts = {}) {
     // deny them
     if (req.headers.origin == null) return false
 
-    // If a 'hostname' string is specified, deny requests with a 'Host'
-    // header that does not match the origin of the torrent server to prevent
-    // DNS rebinding attacks.
-    if (opts.hostname && req.headers.host !== `${opts.hostname}:${server.address().port}`) {
-      return false
-    }
-
     // The user allowed all origins
     if (opts.origin === '*') return true
 
@@ -77,6 +70,13 @@ function Server (torrent, opts = {}) {
   }
 
   function onRequest (req, res) {
+    // If a 'hostname' string is specified, deny requests with a 'Host'
+    // header that does not match the origin of the torrent server to prevent
+    // DNS rebinding attacks.
+    if (opts.hostname && req.headers.host !== `${opts.hostname}:${server.address().port}`) {
+      return req.destroy()
+    }
+
     const pathname = new URL(req.url, 'http://example.com').pathname
 
     if (pathname === '/favicon.ico') {

diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "webtorrent",
   "description": "Streaming torrent client",
-  "version": "0.105.1",
+  "version": "0.105.2",
   "author": {
     "name": "WebTorrent, LLC",
     "email": "[email protected]",

diff --git a/webtorrent.min.js b/webtorrent.min.js