ipn/localapi: also allow localhost as the LocalAPI host

The Mac and iOS LocalAPI clients make requests to it. Signed-off-by: Mihai Parparita <mihai@tailscale.com>
3 years ago · b3da5de10f
parent b0736fe6f7
commit b3da5de10f
1 changed files with 15 additions and 4 deletions
--- a/ipn/localapi/localapi.go
+++ b/ipn/localapi/localapi.go
@ -168,15 +168,26 @@ func validHost(h string) bool {
 	case "", apitype.LocalAPIHost:
 		return true
 	}
-	// Otherwise, any Host header we see should at most be an ip:port.
-	ap, err := netip.ParseAddrPort(h)
+	// Allow either localhost or loopback IP hosts.
+	host, portStr, err := net.SplitHostPort(h)
 	if err != nil {
 		return false
 	}
-	if runtime.GOOS == "windows" && ap.Port() != safesocket.WindowsLocalPort {
+	port, err := strconv.ParseUint(portStr, 10, 16)
+	if err != nil {
+		return false
+	}
+	if runtime.GOOS == "windows" && port != safesocket.WindowsLocalPort {
+		return false
+	}
+	if host == "localhost" {
+		return true
+	}
+	addr, err := netip.ParseAddr(h)
+	if err != nil {
 		return false
 	}
-	return ap.Addr().IsLoopback()
+	return addr.IsLoopback()
 }

 // handlerForPath returns the LocalAPI handler for the provided Request.URI.Path.