diff options
Diffstat (limited to 'modules/private/internal.go')
| -rw-r--r-- | modules/private/internal.go | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/modules/private/internal.go b/modules/private/internal.go index 3bd4eb06b1..e599c6eb8e 100644 --- a/modules/private/internal.go +++ b/modules/private/internal.go @@ -6,7 +6,6 @@ package private import ( "context" "crypto/tls" - "fmt" "net" "net/http" "os" @@ -40,10 +39,14 @@ func NewInternalRequest(ctx context.Context, url, method string) *httplib.Reques Ensure you are running in the correct environment or set the correct configuration file with -c.`, setting.CustomConf) } + if !strings.HasPrefix(url, setting.LocalURL) { + log.Fatal("Invalid internal request URL: %q", url) + } + req := httplib.NewRequest(url, method). SetContext(ctx). Header("X-Real-IP", getClientIP()). - Header("X-Gitea-Internal-Auth", fmt.Sprintf("Bearer %s", setting.InternalToken)). + Header("X-Gitea-Internal-Auth", "Bearer "+setting.InternalToken). SetTLSClientConfig(&tls.Config{ InsecureSkipVerify: true, ServerName: setting.Domain, |