44 lines
1.1 KiB
TypeScript
44 lines
1.1 KiB
TypeScript
export const DESKTOP_PRODUCTION_URL = "https://flow.deltaisland.io";
|
|
export const DESKTOP_LOCAL_DEV_URL = "http://127.0.0.1:3000";
|
|
|
|
const TRUSTED_ORIGINS = new Set([
|
|
new URL(DESKTOP_PRODUCTION_URL).origin,
|
|
new URL(DESKTOP_LOCAL_DEV_URL).origin,
|
|
"http://localhost:3000"
|
|
]);
|
|
|
|
const HTTP_PROTOCOLS = new Set(["http:", "https:"]);
|
|
|
|
const parseUrl = (candidate: string): URL | null => {
|
|
try {
|
|
return new URL(candidate);
|
|
} catch {
|
|
return null;
|
|
}
|
|
};
|
|
|
|
export const isTrustedAppUrl = (candidate: string): boolean => {
|
|
const url = parseUrl(candidate);
|
|
if (!url || !HTTP_PROTOCOLS.has(url.protocol)) {
|
|
return false;
|
|
}
|
|
|
|
return TRUSTED_ORIGINS.has(url.origin);
|
|
};
|
|
|
|
export const isSafeExternalUrl = (candidate: string): boolean => {
|
|
const url = parseUrl(candidate);
|
|
if (!url || !HTTP_PROTOCOLS.has(url.protocol)) {
|
|
return false;
|
|
}
|
|
|
|
return !TRUSTED_ORIGINS.has(url.origin);
|
|
};
|
|
|
|
export const resolveDesktopStartUrl = (candidate: string | undefined): string => {
|
|
if (candidate && isTrustedAppUrl(candidate)) {
|
|
return candidate;
|
|
}
|
|
|
|
return DESKTOP_PRODUCTION_URL;
|
|
};
|