EnsureHostMatchesPlug: Remove match against default scheme port

Checking against the default port of the Endpoint URL scheme is
redundant as normal instances will have the combination https/443
by default created by pleroma.instance gen, Tor-only instances should
have combination http/80 and local testing instances httt/XXXX.

The default scheme port doesn't add anything usefull in these configs.

lib/pleroma/web/plugs/ensure_host_matches_plug.ex

@@ -17,7 +17,6 @@ defmodule Pleroma.Web.Plugs.EnsureHostMatchesPlug do
     host_header = get_req_header(conn, "host")
     host_uri = URI.parse("//#{host_header}")
     instance_uri = URI.parse(Endpoint.url())
-    instance_scheme_port = URI.default_port(instance_uri.scheme)
 
     case host_header do
       [host] ->
@@ -26,7 +25,7 @@ defmodule Pleroma.Web.Plugs.EnsureHostMatchesPlug do
             resp(conn, 400, "Host header not provided") |> halt()
 
           true ->
-            if host_matches?(host_uri, instance_uri, instance_scheme_port),
+            if host_matches?(host_uri, instance_uri),
               do: assign(conn, :valid_host_header, true),
               else: resp(conn, 400, "Host header does not match this instance") |> halt()
         end
@@ -52,17 +51,13 @@ defmodule Pleroma.Web.Plugs.EnsureHostMatchesPlug do
 
   # Host header did not provide port
   # Host header is scheme-less, URI.parse does not provide default port
-  defp host_matches?(%URI{host: req_host, port: nil}, %URI{host: instance_host}, _),
+  defp host_matches?(%URI{host: req_host, port: nil}, %URI{host: instance_host}),
     do: case_insensitive_compare(req_host, instance_host)
 
-  # Host header provided a port, reverse proxy configuration (port cannot match Endpoint port)
-  # Both port 80 and 443 are valid based on Endpoint configuration
-  defp host_matches?(%URI{host: req_host, port: port}, %URI{host: instance_host}, port),
+  # Host header provided a port
+  # Any port specified in the Endpoint url configuration is valid here
+  defp host_matches?(%URI{host: req_host, port: port}, %URI{host: instance_host, port: port}),
     do: case_insensitive_compare(req_host, instance_host)
 
-  # Host header provided port, configuration without reverse proxy (port matches Endpoint port)
-  defp host_matches?(%URI{host: req_host, port: port}, %URI{host: instance_host, port: port}, _),
-    do: case_insensitive_compare(req_host, instance_host)
-
-  defp host_matches?(_, _, _), do: false
+  defp host_matches?(_, _), do: false
 end

test/pleroma/web/plugs/ensure_host_matches_plug_test.exs

@@ -8,7 +8,6 @@ defmodule Pleroma.Web.Plugs.EnsureHostMatchesPlugTest do
   alias Pleroma.Web.Endpoint
   alias Pleroma.Web.Plugs.EnsureHostMatchesPlug
 
-  import Mock
   import Plug.Conn
   import Tesla.Mock
 
@@ -105,33 +104,7 @@ defmodule Pleroma.Web.Plugs.EnsureHostMatchesPlugTest do
       assert Map.get(conn.assigns, :valid_host_header, nil)
     end
 
-    test "it works for Host header with port as 80", %{conn: conn} do
-      endpoint = URI.parse(Endpoint.url())
-
-      conn =
-        conn
-        |> set_host("#{endpoint.host}:80")
-        |> EnsureHostMatchesPlug.call(%{})
-
-      assert conn.halted == false
-      assert Map.get(conn.assigns, :valid_host_header, nil)
-    end
-
-    test "it works for Host header with port as 443", %{conn: conn} do
-      with_mock Pleroma.Web.Endpoint, url: fn -> "https://localhost:4001" end do
-        endpoint = URI.parse(Endpoint.url())
-
-        conn =
-          conn
-          |> set_host("#{endpoint.host}:443")
-          |> EnsureHostMatchesPlug.call(%{})
-
-        assert conn.halted == false
-        assert Map.get(conn.assigns, :valid_host_header, nil)
-      end
-    end
-
-    test "it works for Host header with port as same as Endpoint (no reverse proxy config)", %{
+    test "it works for Host header with port same as Endpoint", %{
       conn: conn
     } do
       endpoint = URI.parse(Endpoint.url())