Lxcloud/core
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: host wildcard

Browse Source
This commit is contained in:
Innei
2022-06-23 19:59:59 +08:00
parent 5e599cd9cb
commit 382d55ffcc
4 changed files with 16 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
package.json
View File

@@ -132,6 +132,7 @@
"snakecase-keys": "5.4.2", "snakecase-keys": "5.4.2",
"ua-parser-js": "1.0.2", "ua-parser-js": "1.0.2",
"vm2": "3.9.9", "vm2": "3.9.9",
"wildcard-match": "^5.1.2",
"xss": "1.0.13", "xss": "1.0.13",
"zx-cjs": "6.1.0" "zx-cjs": "6.1.0"
}, },

6
pnpm-lock.yaml generated
View File

@@ -118,6 +118,7 @@ specifiers:
typescript: 4.7.4 typescript: 4.7.4
ua-parser-js: 1.0.2 ua-parser-js: 1.0.2
vm2: 3.9.9 vm2: 3.9.9
wildcard-match: ^5.1.2
xss: 1.0.13 xss: 1.0.13
zx-cjs: 6.1.0 zx-cjs: 6.1.0
@@ -190,6 +191,7 @@ dependencies:
snakecase-keys: 5.4.2 snakecase-keys: 5.4.2
ua-parser-js: 1.0.2 ua-parser-js: 1.0.2
vm2: 3.9.9 vm2: 3.9.9
wildcard-match: 5.1.2
xss: 1.0.13 xss: 1.0.13
zx-cjs: 6.1.0 zx-cjs: 6.1.0
@@ -7971,6 +7973,10 @@ packages:
string-width: 1.0.2 string-width: 1.0.2
dev: false dev: false
/wildcard-match/5.1.2:
resolution: {integrity: sha512-qNXwI591Z88c8bWxp+yjV60Ch4F8Riawe3iGxbzquhy8Xs9m+0+SLFBGb/0yCTIDElawtaImC37fYZ+dr32KqQ==}
dev: false
/windows-release/4.0.0: /windows-release/4.0.0:
resolution: {integrity: sha512-OxmV4wzDKB1x7AZaZgXMVsdJ1qER1ed83ZrTYd5Bwq2HfJVg3DJS8nqlAG4sMoJ7mu8cuRmLEYyU13BKwctRAg==} resolution: {integrity: sha512-OxmV4wzDKB1x7AZaZgXMVsdJ1qER1ed83ZrTYd5Bwq2HfJVg3DJS8nqlAG4sMoJ7mu8cuRmLEYyU13BKwctRAg==}
engines: {node: '>=10'} engines: {node: '>=10'}

4
src/app.config.ts
View File

@@ -17,13 +17,15 @@ export const CROSS_DOMAIN = {
? argv.allowed_origins?.split?.(',') ? argv.allowed_origins?.split?.(',')
: [ : [
'innei.ren', 'innei.ren',
'*.innei.ren',
'shizuri.net', 'shizuri.net',
'*.shizuri.net',
'localhost', 'localhost',
'127.0.0.1', '127.0.0.1',
'mbp.cc', 'mbp.cc',
'local.innei.test', 'local.innei.test',
'22333322.xyz', '22333322.xyz',
'.*dev', '*.dev',
], ],
// allowedReferer: 'innei.ren', // allowedReferer: 'innei.ren',

12
src/bootstrap.ts
View File

@@ -1,5 +1,6 @@
import cluster from 'cluster' import cluster from 'cluster'
import { performance } from 'perf_hooks' import { performance } from 'perf_hooks'
import wcmatch from 'wildcard-match'
import { LogLevel, Logger, ValidationPipe } from '@nestjs/common' import { LogLevel, Logger, ValidationPipe } from '@nestjs/common'
import { NestFactory } from '@nestjs/core' import { NestFactory } from '@nestjs/core'
@@ -14,8 +15,8 @@ import { LoggingInterceptor } from './common/interceptors/logging.interceptor'
import { isTest } from './global/env.global' import { isTest } from './global/env.global'
import { MyLogger } from './processors/logger/logger.service' import { MyLogger } from './processors/logger/logger.service'
const Origin = Array.isArray(CROSS_DOMAIN.allowedOrigins) const Origin: false | string[] = Array.isArray(CROSS_DOMAIN.allowedOrigins)
? [...CROSS_DOMAIN.allowedOrigins, '*.shizuri.net'] ? [...CROSS_DOMAIN.allowedOrigins, '*.shizuri.net', '22333322.xyz']
: false : false
declare const module: any declare const module: any
@@ -31,14 +32,13 @@ export async function bootstrap() {
}, },
) )
const hosts = Origin && Origin.map((host) => new RegExp(host, 'i'))
// Origin 如果不是数组就全部允许跨域 // Origin 如果不是数组就全部允许跨域
app.enableCors( app.enableCors(
hosts Origin
? { ? {
origin: (origin, callback) => { origin: (origin, callback) => {
const allow = hosts.some((host) => host.test(origin)) const currentHost = new URL(origin).host
const allow = Origin.some((host) => wcmatch(host)(currentHost))
callback(null, allow) callback(null, allow)
}, },