3x-ui/web/middleware/domainValidator.go

// Package middleware provides HTTP middleware functions for the 3x-ui web panel,
// including domain validation and URL redirection utilities.
package middleware

import (
	"net"
	"net/http"
	"strings"

	"github.com/gin-gonic/gin"
)

// DomainValidatorMiddleware returns a Gin middleware that validates the request domain.
// It extracts the host from the request, strips any port number, and compares it
// against the configured domain. Requests from unauthorized domains are rejected
// with HTTP 403 Forbidden status.
func DomainValidatorMiddleware(domain string) gin.HandlerFunc {
	return func(c *gin.Context) {
		host := c.Request.Host
		if colonIndex := strings.LastIndex(host, ":"); colonIndex != -1 {
			host, _, _ = net.SplitHostPort(c.Request.Host)
		}

		if host != domain {
			c.AbortWithStatus(http.StatusForbidden)
			return
		}

		c.Next()
	}
}
docs: add comments for all functions 2025-09-20 07:35:50 +00:00			`// Package middleware provides HTTP middleware functions for the 3x-ui web panel,`
			`// including domain validation and URL redirection utilities.`
create and move middlewares to seperate folder 2023-05-30 20:43:46 +00:00			`package middleware`

			`import (`
Ensure IPv6 compliant host Co-Authored-By: vnxme <46669194+vnxme@users.noreply.github.com> 2024-05-22 15:51:55 +00:00			`"net"`
create and move middlewares to seperate folder 2023-05-30 20:43:46 +00:00			`"net/http"`
fix domain validator Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com> 2024-07-14 21:55:04 +00:00			`"strings"`
create and move middlewares to seperate folder 2023-05-30 20:43:46 +00:00
			`"github.com/gin-gonic/gin"`
			`)`

docs: add comments for all functions 2025-09-20 07:35:50 +00:00			`// DomainValidatorMiddleware returns a Gin middleware that validates the request domain.`
			`// It extracts the host from the request, strips any port number, and compares it`
			`// against the configured domain. Requests from unauthorized domains are rejected`
			`// with HTTP 403 Forbidden status.`
create and move middlewares to seperate folder 2023-05-30 20:43:46 +00:00			`func DomainValidatorMiddleware(domain string) gin.HandlerFunc {`
			`return func(c *gin.Context) {`
Fix domain validation for Nginx/CDN compatibility #2450 2024-08-08 08:52:59 +00:00			`host := c.Request.Host`
			`if colonIndex := strings.LastIndex(host, ":"); colonIndex != -1 {`
			`host, _, _ = net.SplitHostPort(c.Request.Host)`
feat: Enhance host extraction from headers (#2292) - Refactor SUBController subs and subJsons methods to extract host from X-Forwarded-Host header, falling back to X-Real-IP header and then to the request host if unavailable. - Update html function to extract host from X-Forwarded-Host header, falling back to X-Real-IP header and then to the request host if unavailable. - Update DomainValidatorMiddleware to first attempt to extract host from X-Forwarded-Host header, falling back to X-Real-IP header and then to the request host. Fixes: #2284 Signed-off-by: Ahmad Thoriq Najahi <najahi@zephyrus.id> 2024-05-23 21:51:19 +00:00			`}`
fix domain validator Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com> 2024-07-14 21:55:04 +00:00
			`if host != domain {`
			`c.AbortWithStatus(http.StatusForbidden)`
			`return`
			`}`

			`c.Next()`
create and move middlewares to seperate folder 2023-05-30 20:43:46 +00:00			`}`
			`}`