NotificationsYou must be signed in to change notification settings
Fork913
Star10k

Commitf1da2f1

committed

Add url validation

1 parent8613b13 commitf1da2f1Copy full SHA for f1da2f1

File tree

7 files changed

+67

-11

lines changed

coderd/database
- dump.sql
- migrations
  - 000111_workspace_proxy.up.sql
- models.go
- queries
  - proxies.sql
- queries.sql.go
codersdk
- workspaceproxy.go
enterprise/coderd
- workspaceproxy.go

7 files changed

+67

-11

lines changed

`‎coderd/database/dump.sql`

Lines changed: 1 addition & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/migrations/000111_workspace_proxy.up.sql`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -3,6 +3,7 @@ CREATE TABLE workspace_proxies (`
`3`	`3`	`id uuidNOT NULL,`
`4`	`4`	`organization_id uuidNOT NULL,`
`5`	`5`	`nametextNOT NULL,`
	`6`	`+ display_nametextNOT NULL,`
`6`	`7`	`icontextNOT NULL,`
`7`	`8`	`urltextNOT NULL,`
`8`	`9`	`wildcard_urltextNOT NULL,`

`‎coderd/database/models.go`

Lines changed: 1 addition & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/queries.sql.go`

Lines changed: 20 additions & 9 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/queries/proxies.sql`

Lines changed: 5 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -4,20 +4,23 @@ INSERT INTO`
`4`	`4`	`id,`
`5`	`5`	`organization_id,`
`6`	`6`	`name,`
	`7`	`+display_name,`
`7`	`8`	`icon,`
`8`	`9`	`url,`
`9`	`10`	`wildcard_url,`
`10`	`11`	`created_at,`
`11`		`-updated_at`
	`12`	`+updated_at,`
	`13`	`+deleted`
`12`	`14`	`)`
`13`	`15`	`VALUES`
`14`		`-($1, $2, $3, $4, $5, $6, $7, $8) RETURNING*;`
	`16`	`+($1, $2, $3, $4, $5, $6, $7, $8, $9, false) RETURNING*;`
`15`	`17`
`16`	`18`	`-- name: UpdateWorkspaceProxy :one`
`17`	`19`	`UPDATE`
`18`	`20`	`workspace_proxies`
`19`	`21`	`SET`
`20`	`22`	`name= @name,`
	`23`	`+display_name= @display_name,`
`21`	`24`	`url= @url,`
`22`	`25`	`wildcard_url= @wildcard_url,`
`23`	`26`	`icon= @icon,`

`‎codersdk/workspaceproxy.go`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -14,6 +14,7 @@ import (`
`14`	`14`
`15`	`15`	`typeCreateWorkspaceProxyRequeststruct {`
`16`	`16`	Namestring`json:"name"`
	`17`	+DisplayNamestring`json:"display_name"`
`17`	`18`	Iconstring`json:"icon"`
`18`	`19`	URLstring`json:"url"`
`19`	`20`	WildcardURLstring`json:"wildcard_url"`

`‎enterprise/coderd/workspaceproxy.go`

Lines changed: 38 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -4,6 +4,8 @@ import (`
`4`	`4`	`"database/sql"`
`5`	`5`	`"fmt"`
`6`	`6`	`"net/http"`
	`7`	`+"net/url"`
	`8`	`+"strings"`
`7`	`9`
`8`	`10`	`"golang.org/x/xerrors"`
`9`	`11`
`@@ -44,10 +46,27 @@ func (api API) postWorkspaceProxyByOrganization(rw http.ResponseWriter, r http`
`44`	`46`	`return`
`45`	`47`	`}`
`46`	`48`
	`49`	`+iferr:=validateProxyURL(req.URL,false);err!=nil {`
	`50`	`+httpapi.Write(ctx,rw,http.StatusBadRequest, codersdk.Response{`
	`51`	`+Message:"URL is invalid.",`
	`52`	`+Detail:err.Error(),`
	`53`	`+})`
	`54`	`+return`
	`55`	`+}`
	`56`	`+`
	`57`	`+iferr:=validateProxyURL(req.WildcardURL,true);err!=nil {`
	`58`	`+httpapi.Write(ctx,rw,http.StatusBadRequest, codersdk.Response{`
	`59`	`+Message:"Wildcard URL is invalid.",`
	`60`	`+Detail:err.Error(),`
	`61`	`+})`
	`62`	`+return`
	`63`	`+}`
	`64`	`+`
`47`	`65`	`proxy,err:=api.Database.InsertWorkspaceProxy(ctx, database.InsertWorkspaceProxyParams{`
`48`	`66`	`ID:uuid.New(),`
`49`	`67`	`OrganizationID:org.ID,`
`50`	`68`	`Name:req.Name,`
	`69`	`+DisplayName:req.DisplayName,`
`51`	`70`	`Icon:req.Icon,`
`52`	`71`	`// TODO: validate URLs`
`53`	`72`	`Url:req.URL,`
`@@ -70,6 +89,25 @@ func (api API) postWorkspaceProxyByOrganization(rw http.ResponseWriter, r http`
`70`	`89`	`httpapi.Write(ctx,rw,http.StatusCreated,convertProxy(proxy))`
`71`	`90`	`}`
`72`	`91`
	`92`	`+funcvalidateProxyURL(ustring,wildcardbool)error {`
	`93`	`+p,err:=url.Parse(u)`
	`94`	`+iferr!=nil {`
	`95`	`+returnerr`
	`96`	`+}`
	`97`	`+ifp.Scheme!="http"&&p.Scheme!="https" {`
	`98`	`+returnxerrors.New("scheme must be http or https")`
	`99`	`+}`
	`100`	`+if!(p.Path=="/"\|\|p.Path=="") {`
	`101`	`+returnxerrors.New("path must be empty or /")`
	`102`	`+}`
	`103`	`+ifwildcard {`
	`104`	`+if!strings.HasPrefix(p.Host,"*.") {`
	`105`	`+returnxerrors.Errorf("wildcard URL must have a wildcard subdomain (e.g. *.example.com)")`
	`106`	`+}`
	`107`	`+}`
	`108`	`+returnnil`
	`109`	`+}`
	`110`	`+`
`73`	`111`	`// @Summary Get workspace proxies`
`74`	`112`	`// @ID get-workspace-proxies`
`75`	`113`	`// @Security CoderSessionToken`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitf1da2f1

File tree

7 files changed

7 files changed

`‎coderd/database/dump.sql`

`‎coderd/database/migrations/000111_workspace_proxy.up.sql`

`‎coderd/database/models.go`

`‎coderd/database/queries.sql.go`

`‎coderd/database/queries/proxies.sql`

`‎codersdk/workspaceproxy.go`

`‎enterprise/coderd/workspaceproxy.go`

0 commit comments