opensource
/
dify
mirror of https://github.com/langgenius/dify.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: improve URL validation logic in validateRedirectUrl function (#27058)

This commit is contained in:
GuanMu 2025-10-17 17:46:28 +08:00 committed by GitHub
parent 64f55d55a1
commit fea2ffb3ba
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 13 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
web/utils/urlValidation.ts
View File

@ -7,18 +7,17 @@
*/
export function validateRedirectUrl(url: string): void {
try {
const parsedUrl = new URL(url);
if (parsedUrl.protocol !== "http:" && parsedUrl.protocol !== "https:") {
throw new Error("Authorization URL must be HTTP or HTTPS");
}
} catch (error) {
if (
error instanceof Error &&
error.message === "Authorization URL must be HTTP or HTTPS"
) {
throw error;
}
// If URL parsing fails, it's also invalid
throw new Error(`Invalid URL: ${url}`);
const parsedUrl = new URL(url)
if (parsedUrl.protocol !== 'http:' && parsedUrl.protocol !== 'https:')
throw new Error('Authorization URL must be HTTP or HTTPS')
}
}
catch (error) {
if (
error instanceof Error
&& error.message === 'Authorization URL must be HTTP or HTTPS'
)
throw error
// If URL parsing fails, it's also invalid
throw new Error(`Invalid URL: ${url}`)
}
}