mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-11-25 03:06:31 -05:00
fix: use joi uri validator in appConfig
validate HD_DOMAIN and HD_RENDERER_ORIGIN with the uri validator of Joi. This should prevent the problem described in #2150. Fixes #2150 See also: https://joi.dev/api/#stringurioptions Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
parent
7e8716ec95
commit
0a778d8a64
1 changed files with 8 additions and 1 deletions
|
@ -17,8 +17,15 @@ export interface AppConfig {
|
||||||
}
|
}
|
||||||
|
|
||||||
const schema = Joi.object({
|
const schema = Joi.object({
|
||||||
domain: Joi.string().label('HD_DOMAIN'),
|
domain: Joi.string()
|
||||||
|
.uri({
|
||||||
|
scheme: /https?/,
|
||||||
|
})
|
||||||
|
.label('HD_DOMAIN'),
|
||||||
rendererOrigin: Joi.string()
|
rendererOrigin: Joi.string()
|
||||||
|
.uri({
|
||||||
|
scheme: /https?/,
|
||||||
|
})
|
||||||
.default(Joi.ref('domain'))
|
.default(Joi.ref('domain'))
|
||||||
.optional()
|
.optional()
|
||||||
.label('HD_RENDERER_ORIGIN'),
|
.label('HD_RENDERER_ORIGIN'),
|
||||||
|
|
Loading…
Reference in a new issue