Implement HTTP host header filtering

This filtering is required to defend against DNS rebinding attack.

src/base/http/connection.cpp

@@ -74,8 +74,8 @@ void Connection::read()
         break;
 
     case RequestParser::NoError:
-        Environment env;
-        env.clientAddress = m_socket->peerAddress();
+        const Environment env {m_socket->localAddress(), m_socket->localPort(), m_socket->peerAddress(), m_socket->peerPort()};
+
         Response response = m_requestHandler->processRequest(request, env);
         if (acceptsGzipEncoding(request.headers["accept-encoding"]))
             response.headers[HEADER_CONTENT_ENCODING] = "gzip";

src/base/http/types.h

@@ -65,7 +65,11 @@ namespace Http
 
     struct Environment
     {
+        QHostAddress localAddress;
+        quint16 localPort;
+
         QHostAddress clientAddress;
+        quint16 clientPort;
     };
 
     struct UploadedFile

src/base/preferences.cpp

@@ -449,6 +449,16 @@ void Preferences::setWebUiLocalAuthEnabled(bool enabled)
     setValue("Preferences/WebUI/LocalHostAuth", enabled);
 }
 
+QString Preferences::getServerDomains() const
+{
+    return value("Preferences/WebUI/ServerDomains", "*").toString();
+}
+
+void Preferences::setServerDomains(const QString &str)
+{
+    setValue("Preferences/WebUI/ServerDomains", str);
+}
+
 quint16 Preferences::getWebUiPort() const
 {
     return value("Preferences/WebUI/Port", 8080).toInt();

src/base/preferences.h

@@ -178,6 +178,8 @@ public:
     void setWebUiEnabled(bool enabled);
     bool isWebUiLocalAuthEnabled() const;
     void setWebUiLocalAuthEnabled(bool enabled);
+    QString getServerDomains() const;
+    void setServerDomains(const QString &str);
     quint16 getWebUiPort() const;
     void setWebUiPort(quint16 port);
     bool useUPnPForWebUIPort() const;