diff options
Diffstat (limited to 'etc/inc/auth.inc')
-rw-r--r-- | etc/inc/auth.inc | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 15bf2e2..7ad5291 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -58,14 +58,15 @@ if (function_exists("display_error_form") && !isset($config['system']['webgui'][ /* DNS ReBinding attack prevention. http://redmine.pfsense.org/issues/708 */ $found_host = false; - if(strstr($_SERVER['HTTP_HOST'], ":")) { - $http_host_port = explode(":", $_SERVER['HTTP_HOST']); + /* Either a IPv6 address with or without a alternate port */ + if(strstr($_SERVER['HTTP_HOST'], "]")) { + $http_host_port = explode("]", $_SERVER['HTTP_HOST']); /* v6 address has more parts, drop the last part */ if(count($http_host_port) > 1) { array_pop($http_host_port); $http_host = str_replace(array("[", "]"), "", implode(":", $http_host_port)); } else { - $http_host = $http_host_port[0]; + $http_host = str_replace(array("[", "]"), "", implode(":", $http_host_port)); } } else { $http_host = $_SERVER['HTTP_HOST']; |