From bd649cfb33303fe57f7ba0cb0f8e315b7ee7a102 Mon Sep 17 00:00:00 2001
From: shortcutme <tamas@zeronet.io>
Date: Thu, 14 Feb 2019 15:49:10 +0100
Subject: [PATCH] Remove ui_server allowed http host learning

---
 src/Ui/UiRequest.py | 6 ------
 src/Ui/UiServer.py  | 3 ---
 2 files changed, 9 deletions(-)

diff --git a/src/Ui/UiRequest.py b/src/Ui/UiRequest.py
index 87b88287..dfd7a3e0 100644
--- a/src/Ui/UiRequest.py
+++ b/src/Ui/UiRequest.py
@@ -72,12 +72,6 @@ class UiRequest(object):
             else:
                 return False
 
-        if self.server.learn_allowed_host:
-            # Learn the first request's host as allowed one
-            self.server.learn_allowed_host = False
-            self.learnHost(host)
-            return True
-
         return False
 
     # Call the request handler function base on path
diff --git a/src/Ui/UiServer.py b/src/Ui/UiServer.py
index c82f0280..90b6a31c 100644
--- a/src/Ui/UiServer.py
+++ b/src/Ui/UiServer.py
@@ -60,7 +60,6 @@ class UiServer:
             self.ip = "0.0.0.0"  # Bind all
         if config.ui_host:
             self.allowed_hosts = set(config.ui_host)
-            self.learn_allowed_host = False
         elif config.ui_ip == "127.0.0.1":
             # IP Addresses are inherently allowed as they are immune to DNS
             # rebinding attacks.
@@ -73,10 +72,8 @@ class UiServer:
             # use.
             if config.ui_port == 80:
                 self.allowed_hosts.update(["localhost"])
-            self.learn_allowed_host = False
         else:
             self.allowed_hosts = set([])
-            self.learn_allowed_host = True  # It will pin to the first http request's host
         self.allow_trans_proxy = config.ui_trans_proxy
 
         self.wrapper_nonces = []