thiagoelg commented on code in PR #3353:
URL:
https://github.com/apache/incubator-kie-tools/pull/3353#discussion_r2590315369
##########
packages/cors-proxy/src/index.ts:
##########
@@ -42,12 +42,28 @@ function getAllowedOrigins(): string[] {
return originsList;
}
+function getAllowedHosts(): string[] {
+ const hosts = process.env.CORS_PROXY_ALLOWED_HOSTS ||
"localhost,*.github.com";
+ const hostsList = hosts.split(",").map((o) => o.trim());
+
+ if (hostsList.some((o) => o === "")) {
+ throw new Error("Invalid host: empty hosts are not allowed in
CORS_PROXY_ALLOWED_HOSTS.");
+ }
+
+ if (hostsList.some((o) => o === "*")) {
+ throw new Error('Invalid host: wildcard "*" is not allowed in
CORS_PROXY_ALLOWED_HOSTS.');
Review Comment:
Also, would you mind updating the `start:cors-proxy` script in the
`online-editor` package with the above? Thanks!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
