fix: host wildcard
This commit is contained in:
Innei
@@ -132,6 +132,7 @@
|
||||
"snakecase-keys": "5.4.2",
|
||||
"ua-parser-js": "1.0.2",
|
||||
"vm2": "3.9.9",
|
||||
"wildcard-match": "^5.1.2",
|
||||
"xss": "1.0.13",
|
||||
"zx-cjs": "6.1.0"
|
||||
},
|
||||
|
||||
6
pnpm-lock.yaml
generated
6
pnpm-lock.yaml
generated
@@ -118,6 +118,7 @@ specifiers:
|
||||
typescript: 4.7.4
|
||||
ua-parser-js: 1.0.2
|
||||
vm2: 3.9.9
|
||||
wildcard-match: ^5.1.2
|
||||
xss: 1.0.13
|
||||
zx-cjs: 6.1.0
|
||||
|
||||
@@ -190,6 +191,7 @@ dependencies:
|
||||
snakecase-keys: 5.4.2
|
||||
ua-parser-js: 1.0.2
|
||||
vm2: 3.9.9
|
||||
wildcard-match: 5.1.2
|
||||
xss: 1.0.13
|
||||
zx-cjs: 6.1.0
|
||||
|
||||
@@ -7971,6 +7973,10 @@ packages:
|
||||
string-width: 1.0.2
|
||||
dev: false
|
||||
|
||||
/wildcard-match/5.1.2:
|
||||
resolution: {integrity: sha512-qNXwI591Z88c8bWxp+yjV60Ch4F8Riawe3iGxbzquhy8Xs9m+0+SLFBGb/0yCTIDElawtaImC37fYZ+dr32KqQ==}
|
||||
dev: false
|
||||
|
||||
/windows-release/4.0.0:
|
||||
resolution: {integrity: sha512-OxmV4wzDKB1x7AZaZgXMVsdJ1qER1ed83ZrTYd5Bwq2HfJVg3DJS8nqlAG4sMoJ7mu8cuRmLEYyU13BKwctRAg==}
|
||||
engines: {node: '>=10'}
|
||||
|
||||
@@ -17,13 +17,15 @@ export const CROSS_DOMAIN = {
|
||||
? argv.allowed_origins?.split?.(',')
|
||||
: [
|
||||
'innei.ren',
|
||||
'*.innei.ren',
|
||||
'shizuri.net',
|
||||
'*.shizuri.net',
|
||||
'localhost',
|
||||
'127.0.0.1',
|
||||
'mbp.cc',
|
||||
'local.innei.test',
|
||||
'22333322.xyz',
|
||||
'.*dev',
|
||||
'*.dev',
|
||||
],
|
||||
|
||||
// allowedReferer: 'innei.ren',
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
import cluster from 'cluster'
|
||||
import { performance } from 'perf_hooks'
|
||||
import wcmatch from 'wildcard-match'
|
||||
|
||||
import { LogLevel, Logger, ValidationPipe } from '@nestjs/common'
|
||||
import { NestFactory } from '@nestjs/core'
|
||||
@@ -14,8 +15,8 @@ import { LoggingInterceptor } from './common/interceptors/logging.interceptor'
|
||||
import { isTest } from './global/env.global'
|
||||
import { MyLogger } from './processors/logger/logger.service'
|
||||
|
||||
const Origin = Array.isArray(CROSS_DOMAIN.allowedOrigins)
|
||||
? [...CROSS_DOMAIN.allowedOrigins, '*.shizuri.net']
|
||||
const Origin: false | string[] = Array.isArray(CROSS_DOMAIN.allowedOrigins)
|
||||
? [...CROSS_DOMAIN.allowedOrigins, '*.shizuri.net', '22333322.xyz']
|
||||
: false
|
||||
|
||||
declare const module: any
|
||||
@@ -31,14 +32,13 @@ export async function bootstrap() {
|
||||
},
|
||||
)
|
||||
|
||||
const hosts = Origin && Origin.map((host) => new RegExp(host, 'i'))
|
||||
|
||||
// Origin 如果不是数组就全部允许跨域
|
||||
app.enableCors(
|
||||
hosts
|
||||
Origin
|
||||
? {
|
||||
origin: (origin, callback) => {
|
||||
const allow = hosts.some((host) => host.test(origin))
|
||||
const currentHost = new URL(origin).host
|
||||
const allow = Origin.some((host) => wcmatch(host)(currentHost))
|
||||
|
||||
callback(null, allow)
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user