Update

2025-05-05 03:23:49 +08:00 · 2020-08-29 22:24:53 +08:00 · 2020-08-29 22:24:53 +08:00 · 1f7c4cab50
commit 1f7c4cab50
parent d35ad66adf
1 changed files with 9 additions and 9 deletions
--- a/server/websocket.go
+++ b/server/websocket.go
@ -210,14 +210,14 @@ func (s *websocketServer) event(w http.ResponseWriter, r *http.Request) {
 			log.Warnf("已拒绝 %v 的 Websocket 请求: Token错误", r.RemoteAddr)
 			w.WriteHeader(401)
 			return
-		} else if auth := r.Header.Get("Authorization"); auth != "" {
-			if strings.SplitN(auth, " ", 2)[1] != s.token {
+		} else if auth := strings.SplitN(r.Header.Get("Authorization"), " ", 2); len(auth) == 2 {
+			if auth[1] != s.token {
 				log.Warnf("已拒绝 %v 的 Websocket 请求: Token错误", r.RemoteAddr)
 				w.WriteHeader(401)
 				return
 			}
 		} else {
-			log.Warnf("已拒绝 %v 的 Websocket 请求: 空Token", r.RemoteAddr)
+			log.Warnf("已拒绝 %v 的 Websocket 请求: 空Token或传入格式错误", r.RemoteAddr)
 			w.WriteHeader(401)
 			return
 		}
@ -249,14 +249,14 @@ func (s *websocketServer) api(w http.ResponseWriter, r *http.Request) {
 			log.Warnf("已拒绝 %v 的 Websocket 请求: Token错误", r.RemoteAddr)
 			w.WriteHeader(401)
 			return
-		} else if auth := r.Header.Get("Authorization"); auth != "" {
-			if strings.SplitN(auth, " ", 2)[1] != s.token {
+		} else if auth := strings.SplitN(r.Header.Get("Authorization"), " ", 2); len(auth) == 2 {
+			if auth[1] != s.token {
 				log.Warnf("已拒绝 %v 的 Websocket 请求: Token错误", r.RemoteAddr)
 				w.WriteHeader(401)
 				return
 			}
 		} else {
-			log.Warnf("已拒绝 %v 的 Websocket 请求: 空Token", r.RemoteAddr)
+			log.Warnf("已拒绝 %v 的 Websocket 请求: 空Token或传入格式错误", r.RemoteAddr)
 			w.WriteHeader(401)
 			return
 		}
@ -277,14 +277,14 @@ func (s *websocketServer) any(w http.ResponseWriter, r *http.Request) {
 			log.Warnf("已拒绝 %v 的 Websocket 请求: Token错误", r.RemoteAddr)
 			w.WriteHeader(401)
 			return
-		} else if auth := r.Header.Get("Authorization"); auth != "" {
-			if strings.SplitN(auth, " ", 2)[1] != s.token {
+		} else if auth := strings.SplitN(r.Header.Get("Authorization"), " ", 2); len(auth) == 2 {
+			if auth[1] != s.token {
 				log.Warnf("已拒绝 %v 的 Websocket 请求: Token错误", r.RemoteAddr)
 				w.WriteHeader(401)
 				return
 			}
 		} else {
-			log.Warnf("已拒绝 %v 的 Websocket 请求: 空Token", r.RemoteAddr)
+			log.Warnf("已拒绝 %v 的 Websocket 请求: 空Token或传入格式错误", r.RemoteAddr)
 			w.WriteHeader(401)
 			return
 		}