add trusted-origins cli argument (#6319)
This commit is contained in:
parent
7926647058
commit
93e60f7b0e
@ -79,6 +79,7 @@ export interface UserProvidedArgs extends UserProvidedCodeArgs {
|
||||
"bind-addr"?: string
|
||||
socket?: string
|
||||
"socket-mode"?: string
|
||||
"trusted-origins"?: string[]
|
||||
version?: boolean
|
||||
"proxy-domain"?: string[]
|
||||
"reuse-window"?: boolean
|
||||
@ -208,6 +209,11 @@ export const options: Options<Required<UserProvidedArgs>> = {
|
||||
|
||||
socket: { type: "string", path: true, description: "Path to a socket (bind-addr will be ignored)." },
|
||||
"socket-mode": { type: "string", description: "File mode of the socket." },
|
||||
"trusted-origins": {
|
||||
type: "string[]",
|
||||
description:
|
||||
"Disables authenticate origin check for trusted origin. Useful if not able to access reverse proxy configuration.",
|
||||
},
|
||||
version: { type: "boolean", short: "v", description: "Display version information." },
|
||||
_: { type: "string[]" },
|
||||
|
||||
|
@ -355,6 +355,11 @@ export function authenticateOrigin(req: express.Request): void {
|
||||
throw new Error(`unable to parse malformed origin "${originRaw}"`)
|
||||
}
|
||||
|
||||
const trustedOrigins = req.args["trusted-origins"] || []
|
||||
if (trustedOrigins.includes(origin) || trustedOrigins.includes("*")) {
|
||||
return
|
||||
}
|
||||
|
||||
const host = getHost(req)
|
||||
if (typeof host === "undefined") {
|
||||
// A missing host likely means the reverse proxy has not been configured to
|
||||
|
@ -70,6 +70,7 @@ describe("http", () => {
|
||||
origin: test.origin,
|
||||
[key]: value,
|
||||
},
|
||||
args: {},
|
||||
})
|
||||
if (typeof test.expected === "string") {
|
||||
expect(() => http.authenticateOrigin(req)).toThrow(test.expected)
|
||||
|
Reference in New Issue
Block a user