random-mirrors/cosmos-explorer
1
0
Fork 0
mirror of https://github.com/Azure/cosmos-explorer.git synced 2025-04-16 22:58:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Users/bogercraig/endpointvalidation (#1554)

Browse Source 
* Adding example endpoint with trailing forward slash.

* Move backend and ARM endpoint validation to configContext for initialization from config.json.

* Added debugging script and attempts to relocate endpoint validation list.

* Move default endpoint list to endpoint validation code and allow falling back to the default list during unit tests if configContext is not initialized.

* Remove leftover debugger statements.

* Remove test debug script in package.json for debugging unit tests in browser.

* Run prettier on modified files.

* Overwriting with package.json from master.

* Overwriting with version from master.

* Remove test ARM endpoint.

* Replace ternary operator with || for more concise arguments per Victor's feedback.

---------

Co-authored-by: Craig Boger <craig.boger@microsoft.com>
This commit is contained in:
bogercraig 2023-08-03 14:47:50 -04:00 committed by GitHub
parent fa55d528ad
commit 5f0c7bcea2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/ConfigContext.ts
View File

@ -1,14 +1,14 @@
import { import {
allowedAadEndpoints, allowedAadEndpoints,
allowedArcadiaEndpoints, allowedArcadiaEndpoints,
allowedArmEndpoints,
allowedBackendEndpoints,
allowedEmulatorEndpoints, allowedEmulatorEndpoints,
allowedGraphEndpoints, allowedGraphEndpoints,
allowedHostedExplorerEndpoints, allowedHostedExplorerEndpoints,
allowedJunoOrigins, allowedJunoOrigins,
allowedMongoBackendEndpoints, allowedMongoBackendEndpoints,
allowedMsalRedirectEndpoints, allowedMsalRedirectEndpoints,
defaultAllowedArmEndpoints,
defaultAllowedBackendEndpoints,
validateEndpoint, validateEndpoint,
} from "Utils/EndpointValidation"; } from "Utils/EndpointValidation";
@ -20,6 +20,8 @@ export enum Platform {
export interface ConfigContext { export interface ConfigContext {
platform: Platform; platform: Platform;
allowedArmEndpoints: ReadonlyArray<string>;
allowedBackendEndpoints: ReadonlyArray<string>;
allowedParentFrameOrigins: ReadonlyArray<string>; allowedParentFrameOrigins: ReadonlyArray<string>;
gitSha?: string; gitSha?: string;
proxyPath?: string; proxyPath?: string;
@ -49,6 +51,8 @@ export interface ConfigContext {
// Default configuration // Default configuration
let configContext: Readonly<ConfigContext> = { let configContext: Readonly<ConfigContext> = {
platform: Platform.Portal, platform: Platform.Portal,
allowedArmEndpoints: defaultAllowedArmEndpoints,
allowedBackendEndpoints: defaultAllowedBackendEndpoints,
allowedParentFrameOrigins: [ allowedParentFrameOrigins: [
`^https:\\/\\/cosmos\\.azure\\.(com|cn|us)$`, `^https:\\/\\/cosmos\\.azure\\.(com|cn|us)$`,
`^https:\\/\\/[\\.\\w]*portal\\.azure\\.(com|cn|us)$`, `^https:\\/\\/[\\.\\w]*portal\\.azure\\.(com|cn|us)$`,
@ -77,7 +81,7 @@ let configContext: Readonly<ConfigContext> = {
export function resetConfigContext(): void { export function resetConfigContext(): void {
if (process.env.NODE_ENV !== "test") { if (process.env.NODE_ENV !== "test") {
throw new Error("resetConfigContext can only becalled in a test environment"); throw new Error("resetConfigContext can only be called in a test environment");
} }
configContext = {} as ConfigContext; configContext = {} as ConfigContext;
} }
@ -87,7 +91,7 @@ export function updateConfigContext(newContext: Partial<ConfigContext>): void {
return; return;
} }
if (!validateEndpoint(newContext.ARM_ENDPOINT, allowedArmEndpoints)) { if (!validateEndpoint(newContext.ARM_ENDPOINT, configContext.allowedArmEndpoints || defaultAllowedArmEndpoints)) {
delete newContext.ARM_ENDPOINT; delete newContext.ARM_ENDPOINT;
} }
@ -107,7 +111,12 @@ export function updateConfigContext(newContext: Partial<ConfigContext>): void {
delete newContext.ARCADIA_ENDPOINT; delete newContext.ARCADIA_ENDPOINT;
} }
if (!validateEndpoint(newContext.BACKEND_ENDPOINT, allowedBackendEndpoints)) { if (
!validateEndpoint(
newContext.BACKEND_ENDPOINT,
configContext.allowedBackendEndpoints || defaultAllowedBackendEndpoints
)
) {
delete newContext.BACKEND_ENDPOINT; delete newContext.BACKEND_ENDPOINT;
} }
@ -130,7 +139,7 @@ export function updateConfigContext(newContext: Partial<ConfigContext>): void {
Object.assign(configContext, newContext); Object.assign(configContext, newContext);
} }
// Injected for local develpment. These will be removed in the production bundle by webpack // Injected for local development. These will be removed in the production bundle by webpack
if (process.env.NODE_ENV === "development") { if (process.env.NODE_ENV === "development") {
const port: string = process.env.PORT || "1234"; const port: string = process.env.PORT || "1234";
updateConfigContext({ updateConfigContext({

4
src/Utils/EndpointValidation.ts
View File

@ -38,7 +38,7 @@ function validateEndpointInternal(
return valid; return valid;
} }
export const allowedArmEndpoints: ReadonlyArray<string> = [ export const defaultAllowedArmEndpoints: ReadonlyArray<string> = [
"https://management.azure.com", "https://management.azure.com",
"https://management.usgovcloudapi.net", "https://management.usgovcloudapi.net",
"https://management.chinacloudapi.cn", "https://management.chinacloudapi.cn",
@ -46,7 +46,7 @@ export const allowedArmEndpoints: ReadonlyArray<string> = [
export const allowedAadEndpoints: ReadonlyArray<string> = ["https://login.microsoftonline.com/"]; export const allowedAadEndpoints: ReadonlyArray<string> = ["https://login.microsoftonline.com/"];
export const allowedBackendEndpoints: ReadonlyArray<string> = [ export const defaultAllowedBackendEndpoints: ReadonlyArray<string> = [
"https://main.documentdb.ext.azure.com", "https://main.documentdb.ext.azure.com",
"https://main.documentdb.ext.azure.cn", "https://main.documentdb.ext.azure.cn",
"https://main.documentdb.ext.azure.us", "https://main.documentdb.ext.azure.us",