Add detect_base_url config
This diff adds the detect_base_url config, controlled by the DETECT_BASE_URL env variable. When set to true, the BASE_URL setting is ignored, and the base_url is derived from the request protocol and host header. Test Plan: Started up a local instance in my homelab, running docker node:15 image with a nginx reverse proxy. Configured nginx to use the same backend with multiple hostnames on https. Opened in browser and confirmed og:url meta tag uses correct url.
This commit is contained in:
Cullen Walsh
parent
385ac595b9
commit
02e8cb264f
|
|
@ -130,6 +130,11 @@ const conf = convict({
|
||||||
default: 'https://send.firefox.com',
|
default: 'https://send.firefox.com',
|
||||||
env: 'BASE_URL'
|
env: 'BASE_URL'
|
||||||
},
|
},
|
||||||
|
detect_base_url: {
|
||||||
|
format: Boolean,
|
||||||
|
default: false,
|
||||||
|
env: 'DETECT_BASE_URL'
|
||||||
|
},
|
||||||
file_dir: {
|
file_dir: {
|
||||||
format: 'String',
|
format: 'String',
|
||||||
default: `${tmpdir()}${path.sep}send-${randomBytes(4).toString('hex')}`,
|
default: `${tmpdir()}${path.sep}send-${randomBytes(4).toString('hex')}`,
|
||||||
|
|
@ -206,4 +211,18 @@ const conf = convict({
|
||||||
conf.validate({ allowed: 'strict' });
|
conf.validate({ allowed: 'strict' });
|
||||||
|
|
||||||
const props = conf.getProperties();
|
const props = conf.getProperties();
|
||||||
module.exports = props;
|
|
||||||
|
const deriveBaseUrl = (req) => {
|
||||||
|
if (props.detect_base_url) {
|
||||||
|
const protocol = req.secure ? 'https://' : 'http://';
|
||||||
|
|
||||||
|
return `${protocol}${req.headers.host}`;
|
||||||
|
} else {
|
||||||
|
return props.base_url;
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
module.exports = {
|
||||||
|
...props,
|
||||||
|
deriveBaseUrl,
|
||||||
|
};
|
||||||
|
|
|
||||||
|
|
@ -36,9 +36,14 @@ module.exports = function(app) {
|
||||||
defaultSrc: ["'self'"],
|
defaultSrc: ["'self'"],
|
||||||
connectSrc: [
|
connectSrc: [
|
||||||
"'self'",
|
"'self'",
|
||||||
config.base_url.replace(/^https:\/\//, 'wss://')
|
function(req) {
|
||||||
|
const baseUrl = config.deriveBaseUrl(req);
|
||||||
|
const r = baseUrl.replace(/^http(s?):\/\//, 'ws$1://');
|
||||||
|
console.log([baseUrl, r]);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
],
|
],
|
||||||
imgSrc: ["'self'", "data:"],
|
imgSrc: ["'self'", 'data:'],
|
||||||
scriptSrc: [
|
scriptSrc: [
|
||||||
"'self'",
|
"'self'",
|
||||||
function(req) {
|
function(req) {
|
||||||
|
|
@ -52,10 +57,6 @@ module.exports = function(app) {
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
csp.directives.connectSrc.push(
|
|
||||||
config.base_url.replace(/^https:\/\//, 'wss://')
|
|
||||||
);
|
|
||||||
|
|
||||||
app.use(helmet.contentSecurityPolicy(csp));
|
app.use(helmet.contentSecurityPolicy(csp));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -23,6 +23,7 @@ module.exports = async function(req) {
|
||||||
if (config.survey_url) {
|
if (config.survey_url) {
|
||||||
prefs.surveyUrl = config.survey_url;
|
prefs.surveyUrl = config.survey_url;
|
||||||
}
|
}
|
||||||
|
const baseUrl = config.deriveBaseUrl(req);
|
||||||
return {
|
return {
|
||||||
archive: {
|
archive: {
|
||||||
numFiles: 0
|
numFiles: 0
|
||||||
|
|
@ -33,7 +34,7 @@ module.exports = async function(req) {
|
||||||
title: 'Send',
|
title: 'Send',
|
||||||
description:
|
description:
|
||||||
'Encrypt and send files with a link that automatically expires to ensure your important documents don’t stay online forever.',
|
'Encrypt and send files with a link that automatically expires to ensure your important documents don’t stay online forever.',
|
||||||
baseUrl: config.base_url,
|
baseUrl,
|
||||||
ui: {},
|
ui: {},
|
||||||
storage: {
|
storage: {
|
||||||
files: []
|
files: []
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue