farcasclaudiu/Flowise
1
0
Fork 0
mirror of https://github.com/farcasclaudiu/Flowise.git synced 2026-06-22 11:01:22 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix isValidAllowedOrigins check and invalid URL

Browse Source
This commit is contained in:
Henry
2024-03-07 19:22:33 +08:00
parent 07503f9be8
commit 3b84e718a2
1 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/server/src/index.ts
+8 -4
View File
@@ -1328,14 +1328,18 @@ export class App {
if (chatflow.chatbotConfig) {
const parsedConfig = JSON.parse(chatflow.chatbotConfig)
// check whether the first one is not empty. if it is empty that means the user set a value and then removed it.
const isValidAllowedOrigins = parsedConfig.allowedOrigins[0] !== ''
if (parsedConfig.allowedOrigins && parsedConfig.allowedOrigins.length > 0 && isValidAllowedOrigins) {
const isValidAllowedOrigins = parsedConfig.allowedOrigins?.length && parsedConfig.allowedOrigins[0] !== ''
if (isValidAllowedOrigins) {
const originHeader = req.headers.origin as string
const origin = new URL(originHeader).host
isDomainAllowed =
parsedConfig.allowedOrigins.filter((domain: string) => {
const allowedOrigin = new URL(domain).host
return origin === allowedOrigin
try {
const allowedOrigin = new URL(domain).host
return origin === allowedOrigin
} catch (e) {
return false
}
}).length > 0
}
}