From ebd4ccdd55a509e02fd8964061b90361d6c93924 Mon Sep 17 00:00:00 2001
From: Hazelnoot <acomputerdog@gmail.com>
Date: Tue, 13 May 2025 22:22:40 -0400
Subject: [PATCH] enforce port restrictions against requests that happen to be
 missing the port

---
 packages/backend/src/core/HttpRequestService.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/backend/src/core/HttpRequestService.ts b/packages/backend/src/core/HttpRequestService.ts
index 7c086c9976..2951691129 100644
--- a/packages/backend/src/core/HttpRequestService.ts
+++ b/packages/backend/src/core/HttpRequestService.ts
@@ -32,7 +32,7 @@ export function isPrivateIp(allowedPrivateNetworks: PrivateNetwork[] | undefined
 
 	for (const { cidr, ports } of allowedPrivateNetworks ?? []) {
 		if (cidr[0].kind() === parsedIp.kind() && parsedIp.match(cidr)) {
-			if (port == null || ports == null || ports.includes(port)) {
+			if (ports == null || (port != null && ports.includes(port))) {
 				return false;
 			}
 		}