diff --git a/src/ConfigContext.ts b/src/ConfigContext.ts index e492a3d13..18346e838 100644 --- a/src/ConfigContext.ts +++ b/src/ConfigContext.ts @@ -1,14 +1,14 @@ import { allowedAadEndpoints, allowedArcadiaEndpoints, - allowedArmEndpoints, - allowedBackendEndpoints, allowedEmulatorEndpoints, allowedGraphEndpoints, allowedHostedExplorerEndpoints, allowedJunoOrigins, allowedMongoBackendEndpoints, allowedMsalRedirectEndpoints, + defaultAllowedArmEndpoints, + defaultAllowedBackendEndpoints, validateEndpoint, } from "Utils/EndpointValidation"; @@ -20,6 +20,8 @@ export enum Platform { export interface ConfigContext { platform: Platform; + allowedArmEndpoints: ReadonlyArray; + allowedBackendEndpoints: ReadonlyArray; allowedParentFrameOrigins: ReadonlyArray; gitSha?: string; proxyPath?: string; @@ -49,6 +51,8 @@ export interface ConfigContext { // Default configuration let configContext: Readonly = { platform: Platform.Portal, + allowedArmEndpoints: defaultAllowedArmEndpoints, + allowedBackendEndpoints: defaultAllowedBackendEndpoints, allowedParentFrameOrigins: [ `^https:\\/\\/cosmos\\.azure\\.(com|cn|us)$`, `^https:\\/\\/[\\.\\w]*portal\\.azure\\.(com|cn|us)$`, @@ -77,7 +81,7 @@ let configContext: Readonly = { export function resetConfigContext(): void { if (process.env.NODE_ENV !== "test") { - throw new Error("resetConfigContext can only becalled in a test environment"); + throw new Error("resetConfigContext can only be called in a test environment"); } configContext = {} as ConfigContext; } @@ -87,7 +91,7 @@ export function updateConfigContext(newContext: Partial): void { return; } - if (!validateEndpoint(newContext.ARM_ENDPOINT, allowedArmEndpoints)) { + if (!validateEndpoint(newContext.ARM_ENDPOINT, configContext.allowedArmEndpoints || defaultAllowedArmEndpoints)) { delete newContext.ARM_ENDPOINT; } @@ -107,7 +111,12 @@ export function updateConfigContext(newContext: Partial): void { delete newContext.ARCADIA_ENDPOINT; } - if (!validateEndpoint(newContext.BACKEND_ENDPOINT, allowedBackendEndpoints)) { + if ( + !validateEndpoint( + newContext.BACKEND_ENDPOINT, + configContext.allowedBackendEndpoints || defaultAllowedBackendEndpoints + ) + ) { delete newContext.BACKEND_ENDPOINT; } @@ -130,7 +139,7 @@ export function updateConfigContext(newContext: Partial): void { Object.assign(configContext, newContext); } -// Injected for local develpment. These will be removed in the production bundle by webpack +// Injected for local development. These will be removed in the production bundle by webpack if (process.env.NODE_ENV === "development") { const port: string = process.env.PORT || "1234"; updateConfigContext({ diff --git a/src/Utils/EndpointValidation.ts b/src/Utils/EndpointValidation.ts index 25b805443..1e7740367 100644 --- a/src/Utils/EndpointValidation.ts +++ b/src/Utils/EndpointValidation.ts @@ -38,7 +38,7 @@ function validateEndpointInternal( return valid; } -export const allowedArmEndpoints: ReadonlyArray = [ +export const defaultAllowedArmEndpoints: ReadonlyArray = [ "https://​management.azure.com", "https://​management.usgovcloudapi.net", "https://management.chinacloudapi.cn", @@ -46,7 +46,7 @@ export const allowedArmEndpoints: ReadonlyArray = [ export const allowedAadEndpoints: ReadonlyArray = ["https://login.microsoftonline.com/"]; -export const allowedBackendEndpoints: ReadonlyArray = [ +export const defaultAllowedBackendEndpoints: ReadonlyArray = [ "https://main.documentdb.ext.azure.com", "https://main.documentdb.ext.azure.cn", "https://main.documentdb.ext.azure.us",