From: MegaBrutal Date: Fri, 23 Nov 2018 23:30:30 +0000 (+0100) Subject: Block more HTTP request methods X-Git-Url: http://git.megabrutal.com/?p=mgsmtp.git;a=commitdiff_plain Block more HTTP request methods Block PUT, DELETE, CONNECT, OPTIONS, PATCH, and TRACE as well. modified: Listener.pas --- diff --git a/Listener.pas b/Listener.pas index 52d753d..fd607c9 100644 --- a/Listener.pas +++ b/Listener.pas @@ -230,7 +230,9 @@ begin if (Length(Cmd) = 0) or (not ReadSucceeded) or UnexpectedFail then { Nothing. } - else if (Cmd = 'GET') or (Cmd = 'HEAD') or (Cmd = 'POST') then begin + else if (Cmd = 'GET') or (Cmd = 'HEAD') or (Cmd = 'PUT') or (Cmd = 'POST') + or (Cmd = 'DELETE') or (Cmd = 'CONNECT') or (Cmd = 'OPTIONS') + or (Cmd = 'PATCH') or (Cmd = 'TRACE') then begin SendAndLogResponse(SMTP_R_SERVICE_NA, 'Please learn to speak SMTP for I won''t speak HTTP. Stop abusing my service!'); UnexpectedFail:= true; end