mirror of
https://github.com/langgenius/dify.git
synced 2026-01-14 06:07:33 +08:00
fea2ffb3ba
Some checks are pending
Build and Push API & Web / build (api, DIFY_API_IMAGE_NAME, linux/amd64, build-api-amd64) (push) Waiting to run
Build and Push API & Web / build (api, DIFY_API_IMAGE_NAME, linux/arm64, build-api-arm64) (push) Waiting to run
Build and Push API & Web / build (web, DIFY_WEB_IMAGE_NAME, linux/amd64, build-web-amd64) (push) Waiting to run
Build and Push API & Web / build (web, DIFY_WEB_IMAGE_NAME, linux/arm64, build-web-arm64) (push) Waiting to run
Build and Push API & Web / create-manifest (api, DIFY_API_IMAGE_NAME, merge-api-images) (push) Blocked by required conditions
Build and Push API & Web / create-manifest (web, DIFY_WEB_IMAGE_NAME, merge-web-images) (push) Blocked by required conditions
Main CI Pipeline / Check Changed Files (push) Waiting to run
Main CI Pipeline / API Tests (push) Blocked by required conditions
Main CI Pipeline / Web Tests (push) Blocked by required conditions
Main CI Pipeline / Style Check (push) Waiting to run
Main CI Pipeline / VDB Tests (push) Blocked by required conditions
Main CI Pipeline / DB Migration Test (push) Blocked by required conditions
24 lines
707 B
TypeScript
24 lines
707 B
TypeScript
/**
|
|
* Validates that a URL is safe for redirection.
|
|
* Only allows HTTP and HTTPS protocols to prevent XSS attacks.
|
|
*
|
|
* @param url - The URL string to validate
|
|
* @throws Error if the URL has an unsafe protocol
|
|
*/
|
|
export function validateRedirectUrl(url: string): void {
|
|
try {
|
|
const parsedUrl = new URL(url)
|
|
if (parsedUrl.protocol !== 'http:' && parsedUrl.protocol !== 'https:')
|
|
throw new Error('Authorization URL must be HTTP or HTTPS')
|
|
}
|
|
catch (error) {
|
|
if (
|
|
error instanceof Error
|
|
&& error.message === 'Authorization URL must be HTTP or HTTPS'
|
|
)
|
|
throw error
|
|
// If URL parsing fails, it's also invalid
|
|
throw new Error(`Invalid URL: ${url}`)
|
|
}
|
|
}
|