import { BrowserContext, Route } from "playwright";
import {
assertUrlIsSafeForServerSideFetch,
UnsafeUrlError,
} from "@linkwarden/lib/ssrf";
/**
 * Reports whether a URL uses one of the schemes this module lets through
 * without the SSRF check: `about:`, `blob:` or `data:`.
 *
 * The comparison is a plain, case-sensitive prefix match on the string as
 * given; no URL parsing or normalisation happens here.
 *
 * @param url - Request URL as a string.
 * @returns `true` when the URL starts with one of the three prefixes.
 */
function isNonNetworkUrl(url: string) {
  // Schemes passed through unchecked by the route handler in this file.
  const passThroughPrefixes = ["about:", "blob:", "data:"];

  return passThroughPrefixes.some((prefix) => url.startsWith(prefix));
}
/**
 * Registers a catch-all route handler on a Playwright browser context that
 * runs every routed request URL through `assertUrlIsSafeForServerSideFetch`
 * before letting the browser proceed.
 *
 * Behaviour per request:
 * - `about:`, `blob:` and `data:` URLs are continued without the check.
 * - URLs the check accepts are continued.
 * - URLs rejected with `UnsafeUrlError` are aborted with `"blockedbyclient"`.
 * - Any other error is rethrown from the handler.
 *
 * NOTE(review): only requests that reach this route handler are checked. As
 * I read the Playwright docs, a route handler runs only for the first URL of
 * a redirect chain, and requests handled by a service worker are not routed.
 * Confirm redirect targets are validated elsewhere and that the context is
 * created with service workers blocked.
 *
 * NOTE(review): the check and the browser's own connection are separate
 * steps; if the helper resolves DNS, the browser may resolve again later.
 * Confirm whether address pinning or egress filtering covers that gap.
 *
 * @param context - Browser context whose requests should be guarded.
 */
export default async function protectPageRequests(context: BrowserContext) {
  const guardRequest = async (route: Route) => {
    const target = route.request().url();

    // Pass-through schemes skip the SSRF check entirely.
    if (isNonNetworkUrl(target)) {
      return route.continue();
    }

    try {
      await assertUrlIsSafeForServerSideFetch(target);
      await route.continue();
    } catch (failure) {
      // Only the dedicated "unsafe URL" verdict becomes a blocked request;
      // anything else is unexpected and is surfaced to the caller.
      if (!(failure instanceof UnsafeUrlError)) {
        throw failure;
      }

      await route.abort("blockedbyclient");
    }
  };

  await context.route("**/*", guardRequest);
}