From 14e556b2644efa5731a25a69c843cfbb52334b29 Mon Sep 17 00:00:00 2001
From: Leah Neukirchen <leah@vuxu.org>
Date: Fri, 8 May 2020 19:11:25 +0200
Subject: for vhost, detect Host: . and empty Host:

Thanks @duncaen.
---
 hittpd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hittpd.c b/hittpd.c
index 7b97042..09c89d8 100644
--- a/hittpd.c
+++ b/hittpd.c
@@ -543,7 +543,7 @@ on_message_complete(http_parser *p) {
 				*s = tolower(*s);
 			*s = 0;
 		}
-		if (strstr(host, "..")) {
+		if (!*host || *host == '.' || strstr(host, "..")) {
 			send_error(p, 403, "Forbidden");
 			return 0;
 		}
-- 
cgit 1.4.1