CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-06-29 11:40:45 +12:00
Code Issues Projects Releases Wiki Activity

Hostname-related features&fixes

Browse source
This commit is contained in:
Matej Bačo 2022-04-20 09:31:17 +00:00
parent 8b4ef53cfe
commit 8fcb2b4058
6 changed files with 61 additions and 44 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
app/controllers/api/projects.php
View file

@ -21,7 +21,7 @@ use Utopia\Domains\Domain;
use Appwrite\Extend\Exception; use Appwrite\Extend\Exception;
use Utopia\Validator\ArrayList; use Utopia\Validator\ArrayList;
use Utopia\Validator\Boolean; use Utopia\Validator\Boolean;
use Utopia\Validator\Integer; use Utopia\Validator\Hostname;
use Utopia\Validator\Range; use Utopia\Validator\Range;
use Utopia\Validator\Text; use Utopia\Validator\Text;
use Utopia\Validator\WhiteList; use Utopia\Validator\WhiteList;
@ -1016,6 +1016,12 @@ App::post('/v1/projects/:projectId/platforms')
/** @var Appwrite\Utopia\Response $response */ /** @var Appwrite\Utopia\Response $response */
/** @var Utopia\Database\Database $dbForConsole */ /** @var Utopia\Database\Database $dbForConsole */
// Ensure hostname has proper structure (no port, protocol..)
$validator = new Hostname();
if (!is_null($hostname) && !$validator->isValid($hostname)) {
throw new Exception($validator->getDescription(), 400, Exception::ATTRIBUTE_VALUE_INVALID);
}
$project = $dbForConsole->getDocument('projects', $projectId); $project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) { if ($project->isEmpty()) {
@ -1135,6 +1141,12 @@ App::put('/v1/projects/:projectId/platforms/:platformId')
/** @var Appwrite\Utopia\Response $response */ /** @var Appwrite\Utopia\Response $response */
/** @var Utopia\Database\Database $dbForConsole */ /** @var Utopia\Database\Database $dbForConsole */
// Ensure hostname has proper structure (no port, protocol..)
$validator = new Hostname();
if (!is_null($hostname) && !$validator->isValid($hostname)) {
throw new Exception($validator->getDescription(), 400, Exception::ATTRIBUTE_VALUE_INVALID);
}
$project = $dbForConsole->getDocument('projects', $projectId); $project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) { if ($project->isEmpty()) {

10
app/controllers/general.php
View file

@ -19,6 +19,7 @@ use Utopia\CLI\Console;
use Utopia\Database\Document; use Utopia\Database\Document;
use Utopia\Database\Query; use Utopia\Database\Query;
use Utopia\Database\Validator\Authorization; use Utopia\Database\Validator\Authorization;
use Utopia\Validator\Hostname;
use Appwrite\Utopia\Request\Filters\V12 as RequestV12; use Appwrite\Utopia\Request\Filters\V12 as RequestV12;
use Appwrite\Utopia\Request\Filters\V13 as RequestV13; use Appwrite\Utopia\Request\Filters\V13 as RequestV13;
use Utopia\Validator\Text; use Utopia\Validator\Text;
@ -123,8 +124,13 @@ App::init(function ($utopia, $request, $response, $console, $project, $dbForCons
$protocol = \parse_url($request->getOrigin($referrer), PHP_URL_SCHEME); $protocol = \parse_url($request->getOrigin($referrer), PHP_URL_SCHEME);
$port = \parse_url($request->getOrigin($referrer), PHP_URL_PORT); $port = \parse_url($request->getOrigin($referrer), PHP_URL_PORT);
$refDomain = (!empty($protocol) ? $protocol : $request->getProtocol()).'://'.((\in_array($origin, $clients)) $refDomainOrigin = 'localhost';
? $origin : 'localhost').(!empty($port) ? ':'.$port : ''); $validator = new Hostname($clients);
if ($validator->isValid($origin)) {
$refDomainOrigin = $origin;
}
$refDomain = (!empty($protocol) ? $protocol : $request->getProtocol()) . '://' . $refDomainOrigin . (!empty($port) ? ':' . $port : '');
$refDomain = (!$route->getLabel('origin', false)) // This route is publicly accessible $refDomain = (!$route->getLabel('origin', false)) // This route is publicly accessible
? $refDomain ? $refDomain

29
app/views/console/home/index.phtml
View file

@ -299,8 +299,9 @@ $usageStatsEnabled = $this->getParam('usageStatsEnabled', true);
<label for="name">Name <span class="tooltip large" data-tooltip="Choose any name that will help you distinguish between your different apps."><i class="icon-question"></i></span></label> <label for="name">Name <span class="tooltip large" data-tooltip="Choose any name that will help you distinguish between your different apps."><i class="icon-question"></i></span></label>
<input type="text" class="full-width" name="name" required autocomplete="off" placeholder="My Web App" maxlength="128" /> <input type="text" class="full-width" name="name" required autocomplete="off" placeholder="My Web App" maxlength="128" />
<label for="hostname">Hostname <span class="tooltip large" data-tooltip="The hostname that your website will use to interact with the <?php echo APP_NAME; ?> APIs in production or development environments. No port number required."><i class="icon-question"></i></span></label> <label for="hostname">Hostname <span class="tooltip large" data-tooltip="The hostname that your website will use to interact with the <?php echo APP_NAME; ?> APIs in production or development environments. No protocol or port number required."><i class="icon-question"></i></span></label>
<input name="hostname" type="text" class="margin-bottom" autocomplete="off" placeholder="localhost" required> <input name="hostname" type="text" class="margin-bottom" autocomplete="off" placeholder="yourapp.com" required>
<div class="text-fade text-size-xs margin-top-negative-small margin-bottom">You can use * to allow wildcard hostnames or subdomains.</div>
<div class="info margin-top margin-bottom"> <div class="info margin-top margin-bottom">
<div class="text-bold margin-bottom-small">Next Steps</div> <div class="text-bold margin-bottom-small">Next Steps</div>
@ -329,7 +330,8 @@ $usageStatsEnabled = $this->getParam('usageStatsEnabled', true);
data-success="alert,trigger" data-success="alert,trigger"
data-success-param-alert-text="Updated platform successfully" data-success-param-alert-text="Updated platform successfully"
data-success-param-trigger-events="projects.updatePlatform" data-success-param-trigger-events="projects.updatePlatform"
data-failure="alert" data-failure="alert,trigger"
data-failure-param-trigger-events="projects.updatePlatform"
data-failure-param-alert-text="Failed to update platform" data-failure-param-alert-text="Failed to update platform"
data-failure-param-alert-classname="error"> data-failure-param-alert-classname="error">
@ -340,7 +342,8 @@ $usageStatsEnabled = $this->getParam('usageStatsEnabled', true);
<input type="text" class="full-width" data-ls-attrs="id=name-{{platform.$id}}" name="name" required autocomplete="off" data-ls-bind="{{platform.name}}" placeholder="My Web App" maxlength="128" /> <input type="text" class="full-width" data-ls-attrs="id=name-{{platform.$id}}" name="name" required autocomplete="off" data-ls-bind="{{platform.name}}" placeholder="My Web App" maxlength="128" />
<label for="hostname">Hostname <span class="tooltip large" data-tooltip="The hostname that your website will use to interact with the <?php echo APP_NAME; ?> APIs in production or development environments. No port number required."><i class="icon-question"></i></span></label> <label for="hostname">Hostname <span class="tooltip large" data-tooltip="The hostname that your website will use to interact with the <?php echo APP_NAME; ?> APIs in production or development environments. No port number required."><i class="icon-question"></i></span></label>
<input name="hostname" type="text" class="margin-bottom" autocomplete="off" placeholder="localhost" data-ls-bind="{{platform.hostname}}" required /> <input name="hostname" type="text" class="margin-bottom" autocomplete="off" placeholder="yourapp.com" data-ls-bind="{{platform.hostname}}" required />
<div class="text-fade text-size-xs margin-top-negative-small margin-bottom">You can use * to allow wildcard hostnames or subdomains.</div>
<hr /> <hr />
@ -714,7 +717,8 @@ $usageStatsEnabled = $this->getParam('usageStatsEnabled', true);
data-success="alert,trigger" data-success="alert,trigger"
data-success-param-alert-text="Updated platform successfully" data-success-param-alert-text="Updated platform successfully"
data-success-param-trigger-events="projects.updatePlatform" data-success-param-trigger-events="projects.updatePlatform"
data-failure="alert" data-failure="alert,trigger"
data-failure-param-trigger-events="projects.updatePlatform"
data-failure-param-alert-text="Failed to update platform" data-failure-param-alert-text="Failed to update platform"
data-failure-param-alert-classname="error"> data-failure-param-alert-classname="error">
@ -746,7 +750,8 @@ $usageStatsEnabled = $this->getParam('usageStatsEnabled', true);
data-success="alert,trigger" data-success="alert,trigger"
data-success-param-alert-text="Updated platform successfully" data-success-param-alert-text="Updated platform successfully"
data-success-param-trigger-events="projects.updatePlatform" data-success-param-trigger-events="projects.updatePlatform"
data-failure="alert" data-failure="alert,trigger"
data-failure-param-trigger-events="projects.updatePlatform"
data-failure-param-alert-text="Failed to update platform" data-failure-param-alert-text="Failed to update platform"
data-failure-param-alert-classname="error"> data-failure-param-alert-classname="error">
@ -777,7 +782,8 @@ $usageStatsEnabled = $this->getParam('usageStatsEnabled', true);
data-success="alert,trigger" data-success="alert,trigger"
data-success-param-alert-text="Updated platform successfully" data-success-param-alert-text="Updated platform successfully"
data-success-param-trigger-events="projects.updatePlatform" data-success-param-trigger-events="projects.updatePlatform"
data-failure="alert" data-failure="alert,trigger"
data-failure-param-trigger-events="projects.updatePlatform"
data-failure-param-alert-text="Failed to update platform" data-failure-param-alert-text="Failed to update platform"
data-failure-param-alert-classname="error"> data-failure-param-alert-classname="error">
@ -808,7 +814,8 @@ $usageStatsEnabled = $this->getParam('usageStatsEnabled', true);
data-success="alert,trigger" data-success="alert,trigger"
data-success-param-alert-text="Updated platform successfully" data-success-param-alert-text="Updated platform successfully"
data-success-param-trigger-events="projects.updatePlatform" data-success-param-trigger-events="projects.updatePlatform"
data-failure="alert" data-failure="alert,trigger"
data-failure-param-trigger-events="projects.updatePlatform"
data-failure-param-alert-text="Failed to update platform" data-failure-param-alert-text="Failed to update platform"
data-failure-param-alert-classname="error"> data-failure-param-alert-classname="error">
@ -841,7 +848,8 @@ $usageStatsEnabled = $this->getParam('usageStatsEnabled', true);
data-success="alert,trigger" data-success="alert,trigger"
data-success-param-alert-text="Updated platform successfully" data-success-param-alert-text="Updated platform successfully"
data-success-param-trigger-events="projects.updatePlatform" data-success-param-trigger-events="projects.updatePlatform"
data-failure="alert" data-failure="alert,trigger"
data-failure-param-trigger-events="projects.updatePlatform"
data-failure-param-alert-text="Failed to update platform" data-failure-param-alert-text="Failed to update platform"
data-failure-param-alert-classname="error"> data-failure-param-alert-classname="error">
@ -873,7 +881,8 @@ $usageStatsEnabled = $this->getParam('usageStatsEnabled', true);
data-success="alert,trigger" data-success="alert,trigger"
data-success-param-alert-text="Updated platform successfully" data-success-param-alert-text="Updated platform successfully"
data-success-param-trigger-events="projects.updatePlatform" data-success-param-trigger-events="projects.updatePlatform"
data-failure="alert" data-failure="alert,trigger"
data-failure-param-trigger-events="projects.updatePlatform"
data-failure-param-alert-text="Failed to update platform" data-failure-param-alert-text="Failed to update platform"
data-failure-param-alert-classname="error"> data-failure-param-alert-classname="error">

34
composer.lock generated
View file

@ -2250,16 +2250,16 @@
}, },
{ {
"name": "utopia-php/framework", "name": "utopia-php/framework",
"version": "0.19.8", "version": "0.19.20",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/utopia-php/framework.git", "url": "https://github.com/utopia-php/framework.git",
"reference": "8c3b3e330546fd6cd65bd1f8d8d08882ff3abb7d" "reference": "65ced168db8f6e188ceeb0d101f57552c3d8b2af"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/utopia-php/framework/zipball/8c3b3e330546fd6cd65bd1f8d8d08882ff3abb7d", "url": "https://api.github.com/repos/utopia-php/framework/zipball/65ced168db8f6e188ceeb0d101f57552c3d8b2af",
"reference": "8c3b3e330546fd6cd65bd1f8d8d08882ff3abb7d", "reference": "65ced168db8f6e188ceeb0d101f57552c3d8b2af",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -2293,9 +2293,9 @@
], ],
"support": { "support": {
"issues": "https://github.com/utopia-php/framework/issues", "issues": "https://github.com/utopia-php/framework/issues",
"source": "https://github.com/utopia-php/framework/tree/0.19.8" "source": "https://github.com/utopia-php/framework/tree/0.19.20"
}, },
"time": "2022-04-12T00:28:15+00:00" "time": "2022-04-14T15:42:37+00:00"
}, },
{ {
"name": "utopia-php/image", "name": "utopia-php/image",
@ -3551,16 +3551,16 @@
}, },
{ {
"name": "matthiasmullie/minify", "name": "matthiasmullie/minify",
"version": "1.3.66", "version": "1.3.67",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/matthiasmullie/minify.git", "url": "https://github.com/matthiasmullie/minify.git",
"reference": "45fd3b0f1dfa2c965857c6d4a470bea52adc31a6" "reference": "acaee1b7ca3cd67a39d7f98673cacd7e4739a8d9"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/matthiasmullie/minify/zipball/45fd3b0f1dfa2c965857c6d4a470bea52adc31a6", "url": "https://api.github.com/repos/matthiasmullie/minify/zipball/acaee1b7ca3cd67a39d7f98673cacd7e4739a8d9",
"reference": "45fd3b0f1dfa2c965857c6d4a470bea52adc31a6", "reference": "acaee1b7ca3cd67a39d7f98673cacd7e4739a8d9",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -3609,23 +3609,15 @@
], ],
"support": { "support": {
"issues": "https://github.com/matthiasmullie/minify/issues", "issues": "https://github.com/matthiasmullie/minify/issues",
"source": "https://github.com/matthiasmullie/minify/tree/1.3.66" "source": "https://github.com/matthiasmullie/minify/tree/1.3.67"
}, },
"funding": [ "funding": [
{ {
"url": "https://github.com/[user1", "url": "https://github.com/matthiasmullie",
"type": "github"
},
{
"url": "https://github.com/matthiasmullie] # Replace with up to 4 GitHub Sponsors-enabled usernames e.g.",
"type": "github"
},
{
"url": "https://github.com/user2",
"type": "github" "type": "github"
} }
], ],
"time": "2021-01-06T15:18:10+00:00" "time": "2022-03-24T08:54:59+00:00"
}, },
{ {
"name": "matthiasmullie/path-converter", "name": "matthiasmullie/path-converter",

10
src/Appwrite/Network/Validator/Host.php
View file

@ -1,6 +1,7 @@
<?php <?php
namespace Appwrite\Network\Validator; namespace Appwrite\Network\Validator;
use Utopia\Validator\Hostname;
use Utopia\Validator; use Utopia\Validator;
@ -45,17 +46,16 @@ class Host extends Validator
*/ */
public function isValid($value): bool public function isValid($value): bool
{ {
// Check if value is valid URL
$urlValidator = new URL(); $urlValidator = new URL();
if (!$urlValidator->isValid($value)) { if (!$urlValidator->isValid($value)) {
return false; return false;
} }
if (\in_array(\parse_url($value, PHP_URL_HOST), $this->whitelist)) { $hostname = \parse_url($value, PHP_URL_HOST);
return true; $hostnameValudator = new Hostname($this->whitelist);
} return $hostnameValudator->isValid($hostname);
return false;
} }
/** /**

8
src/Appwrite/Network/Validator/Origin.php
View file

@ -1,6 +1,7 @@
<?php <?php
namespace Appwrite\Network\Validator; namespace Appwrite\Network\Validator;
use Utopia\Validator\Hostname;
use Utopia\Validator; use Utopia\Validator;
@ -122,11 +123,8 @@ class Origin extends Validator
return true; return true;
} }
if (\in_array($host, $this->clients)) { $validator = new Hostname($this->clients);
return true; return $validator->isValid($host);
}
return false;
} }
/** /**