remove trailing slashes from configured origins

in both the server and the example config file
pull/1/head
ansuz 4 years ago
parent c10a49145d
commit 3141d7add1

@ -54,7 +54,7 @@ module.exports = {
* and it may have unintended consequences in practice. * and it may have unintended consequences in practice.
* *
*/ */
httpUnsafeOrigin: 'http://localhost:3000/', httpUnsafeOrigin: 'http://localhost:3000',
/* httpSafeOrigin is the URL that is used for the 'sandbox' described above. /* httpSafeOrigin is the URL that is used for the 'sandbox' described above.
* If you're testing or developing with CryptPad on your local machine then * If you're testing or developing with CryptPad on your local machine then

@ -16,15 +16,19 @@ var Env = require("./lib/env").create(config);
var app = Express(); var app = Express();
var canonicalizeOrigin = function (s) {
return (s || '').trim().replace(/\/+$/, '');
};
(function () { (function () {
// you absolutely must provide an 'httpUnsafeOrigin' // you absolutely must provide an 'httpUnsafeOrigin'
if (typeof(config.httpUnsafeOrigin) !== 'string') { if (typeof(config.httpUnsafeOrigin) !== 'string') {
throw new Error("No 'httpUnsafeOrigin' provided"); throw new Error("No 'httpUnsafeOrigin' provided");
} }
config.httpUnsafeOrigin = config.httpUnsafeOrigin.trim(); config.httpUnsafeOrigin = canonicalizeOrigin(config.httpUnsafeOrigin);
if (typeof(config.httpSafeOrigin) === 'string') { if (typeof(config.httpSafeOrigin) === 'string') {
config.httpSafeOrigin = config.httpSafeOrigin.trim().replace(/\/$/, ''); config.httpSafeOrigin = canonicalizeOrigin(config.httpSafeOrigin);
} }
// fall back to listening on a local address // fall back to listening on a local address

Loading…
Cancel
Save