Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: improve cors middleware #329

Merged
merged 1 commit into from
Jul 17, 2024
Merged

feat: improve cors middleware #329

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion chain-registry
Open in desktop
Submodule chain-registry updated 103 files
2 changes: 1 addition & 1 deletion initia-registry
Open in desktop
Submodule initia-registry updated 79 files
+1 −0 _api/src/aggregateChains.ts
+1 −1 _packages/initia-registry/package.json
+2 −0 _packages/initia-registry/src/testnet/assets.ts
+29 −0 _packages/initia-registry/src/testnet/blackwing/assets.ts
+2 −0 _packages/initia-registry/src/testnet/chains.ts
+29 −0 _packages/initia-registry/src/testnet/civitia/assets.ts
+1 −0 _packages/initia-registry/src/testnet/index.ts
+29 −0 _packages/initia-registry/src/testnet/init_ai/assets.ts
+409 −0 _packages/initia-registry/src/testnet/initia/assets.ts
+133 −0 _packages/initia-registry/src/testnet/initia/chain.ts
+93 −0 _packages/initia-registry/src/testnet/milkyway/assets.ts
+130 −0 _packages/initia-registry/src/testnet/milkyway/chain.ts
+5 −0 _packages/initia-registry/src/testnet/milkyway/index.ts
+29 −0 _packages/initia-registry/src/testnet/minimove/assets.ts
+1 −0 _packages/initia-registry/src/testnet/minimove/chain.ts
+29 −0 _packages/initia-registry/src/testnet/miniwasm/assets.ts
+1 −0 _packages/initia-registry/src/testnet/miniwasm/chain.ts
+29 −0 _packages/initia-registry/src/testnet/noon/assets.ts
+29 −0 _packages/initia-registry/src/testnet/tucana/assets.ts
+1 −1 _packages/types/package.json
+5 −0 _packages/types/src/types/Chain.ts
+12 −0 _packages/types/src/zods/Chain.ts
+8 −0 chain.schema.json
+1 −1 devnets/initia/assetlist.json
+1 −0 devnets/stonemove/chain.json
+1 −0 devnets/stonewasm/chain.json
+28 −0 testnets/blackwing/assetlist.json
+3 −4 testnets/blackwing/chain.json
+ testnets/blackwing/images/INIT.png
+4 −10 testnets/blackwing/images/INIT.svg
+57 −30 testnets/civitia/assetlist.json
+1 −0 testnets/civitia/chain.json
+ testnets/civitia/images/INIT.png
+4 −10 testnets/civitia/images/INIT.svg
+28 −0 testnets/init_ai/assetlist.json
+2 −1 testnets/init_ai/chain.json
+ testnets/init_ai/images/INIT.png
+4 −10 testnets/init_ai/images/INIT.svg
+398 −0 testnets/initia/assetlist.json
+33 −0 testnets/initia/chain.json
+ testnets/initia/images/INIT.png
+4 −10 testnets/initia/images/INIT.svg
+ testnets/initia/images/blackwingINIT.png
+ testnets/initia/images/civitiaINIT-INIT.png
+ testnets/initia/images/civitiaINIT.png
+ testnets/initia/images/initaiINIT-INIT.png
+ testnets/initia/images/initaiINIT.png
+ testnets/initia/images/minimoveINIT-INIT.png
+ testnets/initia/images/minimoveINIT.png
+ testnets/initia/images/miniwasmINIT-INIT.png
+ testnets/initia/images/miniwasmINIT.png
+ testnets/initia/images/noonINIT-INIT.png
+ testnets/initia/images/noonINIT.png
+ testnets/initia/images/omniINIT.png
+6 −0 testnets/initia/images/omniINIT.svg
+ testnets/initia/images/tucanaINIT-INIT.png
+ testnets/initia/images/tucanaINIT.png
+90 −0 testnets/milkyway/assetlist.json
+126 −0 testnets/milkyway/chain.json
+ testnets/milkyway/images/MILK.png
+4 −0 testnets/milkyway/images/MILK.svg
+ testnets/milkyway/images/MilkyWay.png
+5 −0 testnets/milkyway/images/MilkyWay.svg
+ testnets/milkyway/images/milkINIT.png
+21 −0 testnets/milkyway/images/milkINIT.svg
+28 −0 testnets/minimove/assetlist.json
+1 −0 testnets/minimove/chain.json
+ testnets/minimove/images/INIT.png
+4 −10 testnets/minimove/images/INIT.svg
+28 −0 testnets/miniwasm/assetlist.json
+1 −0 testnets/miniwasm/chain.json
+ testnets/miniwasm/images/INIT.png
+4 −10 testnets/miniwasm/images/INIT.svg
+28 −0 testnets/noon/assetlist.json
+82 −84 testnets/noon/chain.json
+ testnets/noon/images/INIT.png
+4 −10 testnets/noon/images/INIT.svg
+28 −0 testnets/tucana/assetlist.json
+1 −0 testnets/tucana/chain.json
58 changes: 52 additions & 6 deletions src/middleware.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,43 @@ const corsOptions = {
"Access-Control-Allow-Headers": "Content-Type, Authorization, solana-client",
};

const cleanOrigin = (str: string) => {
try {
const url = new URL(str);
let domain = url.hostname;

// Remove www.
if (domain.startsWith("www.")) {
domain = domain.slice(4);
}

return domain;
} catch (error) {
return str; // Return the original string if it's not a valid URL
}
};

const isVercelPreview = (str: string) => {
if (str.endsWith("vercel.app")) {
return true;
}
return false;
};

const isCloudflarePreview = (str: string) => {
if (str.endsWith("pages.dev")) {
return true;
}
return false;
};

const isPreview = (str: string) => {
if (isVercelPreview(str) || isCloudflarePreview(str)) {
return true;
}
return false;
};

export async function middleware(request: NextRequest) {
// Check the origin from the request
const origin = request.headers.get("origin") ?? "";
Expand All @@ -16,16 +53,25 @@ export async function middleware(request: NextRequest) {
return NextResponse.next();
}
const client = createClient(process.env.ALLOWED_LIST_EDGE_CONFIG);
const allowedOriginsData = await client.get("allowed-origins");
const allowedOrigins = await stringArraySchema.parseAsync(allowedOriginsData);
const isAllowedOrigin = allowedOrigins.includes(origin);
const isAllowed = await (async () => {
const domain = cleanOrigin(origin) || "";
if (isPreview(domain)) {
const allowedPreviewData = await client.get("preview-namespace");
const allowedPreview = await stringArraySchema.parseAsync(allowedPreviewData);
if (allowedPreview.find((d) => d.includes(domain))) {
return true;
}
}

const allowedOriginsData = await client.get("allowed-origins");
const allowedOrigins = await stringArraySchema.parseAsync(allowedOriginsData);
return allowedOrigins.includes(domain);
})();
// Handle preflighted requests
const isPreflight = request.method === "OPTIONS";

if (isPreflight) {
const preflightHeaders = {
...(isAllowedOrigin && { "Access-Control-Allow-Origin": origin }),
...(isAllowed && { "Access-Control-Allow-Origin": origin }),
...corsOptions,
};
return NextResponse.json({}, { headers: preflightHeaders });
Expand All @@ -34,7 +80,7 @@ export async function middleware(request: NextRequest) {
// Handle simple requests
const response = NextResponse.next();

if (isAllowedOrigin) {
if (isAllowed) {
response.headers.set("Access-Control-Allow-Origin", origin);
}

Expand Down
Loading