admin/dify
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix: improve URL validation logic in validateRedirectUrl function (#27058)

Browse Source
This commit is contained in:
GuanMu
2025-10-17 17:46:28 +08:00
committed by GitHub
parent 64f55d55a1
commit fea2ffb3ba
1 changed files with 13 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
web/utils/urlValidation.ts
View File

@@ -7,18 +7,17 @@
*/ */
export function validateRedirectUrl(url: string): void { export function validateRedirectUrl(url: string): void {
try { try {
const parsedUrl = new URL(url); const parsedUrl = new URL(url)
if (parsedUrl.protocol !== "http:" && parsedUrl.protocol !== "https:") { if (parsedUrl.protocol !== 'http:' && parsedUrl.protocol !== 'https:')
throw new Error("Authorization URL must be HTTP or HTTPS"); throw new Error('Authorization URL must be HTTP or HTTPS')
}
} catch (error) {
if (
error instanceof Error &&
error.message === "Authorization URL must be HTTP or HTTPS"
) {
throw error;
}
// If URL parsing fails, it's also invalid
throw new Error(`Invalid URL: ${url}`);
} }
} catch (error) {
if (
error instanceof Error
&& error.message === 'Authorization URL must be HTTP or HTTPS'
)
throw error
// If URL parsing fails, it's also invalid
throw new Error(`Invalid URL: ${url}`)
}
}