From 807140ce43584e9612f7b5890b13d751247f8e6e Mon Sep 17 00:00:00 2001
From: jwijenbergh <jeroenwijenbergh@protonmail.com>
Date: Thu, 16 Feb 2023 15:48:52 +0100
Subject: Server: Validate endpoints

This commit validates the server endpoints by checking the Host and
scheme of each URL to check if they match eachother. This is to
prevent further mixup attacks
---
 internal/test/handler.go | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 internal/test/handler.go

(limited to 'internal/test/handler.go')

diff --git a/internal/test/handler.go b/internal/test/handler.go
new file mode 100644
index 0000000..5c02629
--- /dev/null
+++ b/internal/test/handler.go
@@ -0,0 +1,25 @@
+package test
+
+import (
+	"net/http"
+	"sync"
+)
+
+// HandlerSet is a struct with a mutex that allows us to swap handlers while a test server is running
+type HandlerSet struct {
+	mu sync.Mutex
+	handler http.Handler
+}
+
+func (hs *HandlerSet) SetHandler(handler http.Handler) {
+	hs.mu.Lock()
+	hs.handler = handler
+	hs.mu.Unlock()
+}
+
+func (hs *HandlerSet) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	hs.mu.Lock()
+	handler := hs.handler
+	hs.mu.Unlock()
+	handler.ServeHTTP(w, r)
+}
-- 
cgit v1.2.3