mirror/api
1
0
Fork 0
mirror of https://github.com/unraid/api.git synced 2026-05-05 06:33:03 -05:00
Code Issues Packages Projects Releases Wiki Activity

refactor: include extraOrigins in list of allowedOrigins when checking for warning

Browse Source
This commit is contained in:
Zack Spear
2023-12-08 15:58:54 -05:00
committed by Zack Spear
parent db6ca23533
commit 181026567e
1 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/Connect.page
+11 -1
View File
@@ -519,9 +519,19 @@ $('body').on('click', '.js-goToExtraOrigins', function(e) {
*/
$host = $_SERVER['HTTP_HOST'] ?? "unknown";
$allowedOrigins = $mystatus['allowedOrigins'] ?? "";
$extraOrigins = $myservers['api']['extraOrigins'] ?? "";
$allowedOriginsArr = [];
if (stripos($allowedOrigins.",", "/".$host.",") === false) {
// if the current host is not in the allowed origins list and extra origins list, display a warning
if (stripos($allowedOrigins.",", "/".$host.",") === false && stripos($extraOrigins.",", "/".$host.",") === false) {
$allowedOriginsArr = explode(", ", $allowedOrigins);
if (strpos($extraOrigins, ",") !== false) { // check if the extra origins is a comma separated list of URLs
$extraOriginsArr = explode(",", $extraOrigins);
$allowedOriginsArr = array_merge($allowedOriginsArr, $extraOriginsArr);
} elseif ($extraOrigins) { // if the extra origins is not comma separated assume it's a single URL
$allowedOriginsArr[] = $extraOrigins;
}
if ($allowedOriginsArr) {
foreach($allowedOriginsArr as $key => $origin) {
if ( (strpos($origin, "http") === false) || (strpos($origin, "localhost") !== false) ) {