allow all private ip ranges

main/http_server/http_server.c

@@ -153,18 +153,34 @@ static esp_err_t check_is_same_network(httpd_req_t * req){
         origin_ip_addr = request_ip_addr;
     }
 
-
-    
     uint32_t requestor_network = request_ip_addr & server_netmask;
     uint32_t origin_network = origin_ip_addr & server_netmask;
 
-    //Check if client is in the same network as the server
-    if (server_network != origin_network || server_network != requestor_network) {
-        ESP_LOGI(TAG, "Client is NOT in the same network as the server.");
-        return ESP_FAIL;
-    } 
 
-    return ESP_OK;
+    //Private IP ranges
+    //192.168.0.0
+    uint32_t sixteen_bit_block = b11000000101010000000000000000000;
+    uint32_t sixteen_bit_mask = b11111111111111110000000000000000;
+    if(requestor_network & sixteen_bit_mask == sixteen_bit_block && origin_network & sixteen_bit_mask == sixteen_bit_block){
+         return ESP_OK;
+    }
+    //172.16.0.0 
+    uint32_t twenty_bit_block = b10101100000100000000000000000000;
+    uint32_t twenty_bit_mask = b11111111111100000000000000000000;
+    if(requestor_network & twenty_bit_mask == twenty_bit_block && origin_network & twenty_bit_mask == twenty_bit_block){
+         return ESP_OK;
+    }
+    //10.0.0.0
+    uint32_t twenty_four_bit_block = b00001010000000000000000000000000;
+    uint32_t twenty_four_bit_mask = b11111111000000000000000000000000;
+    if(requestor_network & twenty_four_bit_mask == twenty_four_bit_block && origin_network & twenty_four_bit_mask == twenty_four_bit_block){
+         return ESP_OK;
+    }
+
+
+    ESP_LOGI(TAG, "Client is NOT in the private ip ranges or same range as server.");
+    return ESP_FAIL;
+
 }