kenmirrors/ente
1
0
Fork 0
mirror of https://github.com/ente-io/ente.git synced 2025-08-08 07:28:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Apparently shared albums code also uses the upload URL

Browse Source 
Need to understand more why this is happening, but it is.
This commit is contained in:
Manav Rathi 2024-06-18 09:55:44 +05:30
parent 64dedb7edd
commit 1dffe49069
No known key found for this signature in database
1 changed files with 8 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
infra/workers/uploader/src/index.ts
View File

@ -39,20 +39,18 @@ const handleOPTIONS = (request: Request) => {
};
const isAllowedOrigin = (origin: string | null) => {
const desktopApp = "ente://app";
const allowedHostnames = [
"web.ente.io",
"photos.ente.io",
"photos.ente.sh",
"localhost",
];
if (!origin) return false;
try {
const url = new URL(origin);
return origin == desktopApp || allowedHostnames.includes(url.hostname);
const hostname = url.hostname;
return (
origin == "ente://app" /* desktop app */ ||
hostname.endsWith("ente.io") ||
hostname.endsWith("ente.sh") ||
hostname == "localhost"
);
} catch {
// origin is likely an invalid URL
// `origin` is likely an invalid URL.
return false;
}
};