FastGPT/packages/service/common/security/fileUrlValidator.ts
Archer c93c3937e1 S3 sdk (#6215)
* refactor: fastgpt object storage & global proxy (#6155)

* feat: migrate to fastgpt storage sdk

* chore: rename env variable

* chore: move to sdk dir

* docs: object storage

* CHORE

* chore: storage mocks

* chore: update docker-compose

* fix: global proxy agent

* fix: update COS proxy

* refactor: use fetch instead of http.request

* fix: axios request base url

* fix: axios proxy request behavior

* fix: bumps axios

* fix: patch axios for proxy

* fix: replace axios with proxied axios

* fix: upload txt file encoding

* clean code

* fix: use "minio" for minio adapter (#6205)

* fix: use minio client to delete files when using minio vendor (#6206)

* doc

* feat: filter citations and add response button control (#6170)

* feat: filter citations and add response button control

* i18n

* fix

* fix test

* perf: chat api code

* fix: workflow edge overlap and auto-align in folded loop nodes (#6204)

* fix: workflow edge overlap and auto-align in folded loop nodes

* sort

* fix

* fix edge

* fix icon

* perf: s3 file name

* perf: admin get app api

* perf: catch user error

* fix: refactor useOrg hook to use debounced search key (#6180)

* chore: comment minio adapter (#6207)

* chore: filename with suffix random id

* perf: s3 storage code

* fix: encode filename when copy object

---------

Co-authored-by: archer <545436317@qq.com>

* fix: node card link

* json

* perf: chat index;

* index

* chat item soft delete (#6216)

* chat item soft delete

* temp

* fix

* remove code

* perf: delete chat item

---------

Co-authored-by: archer <545436317@qq.com>

* feat: select whether to filter sensitive info when exporting apps (#6222)

* fix some bugs (#6210)

* fix v4.14.5 bugs

* type

* fix

* fix

* custom feedback

* fix

* code

* fix

* remove invalid function

---------

Co-authored-by: archer <545436317@qq.com>

* perf: test

* fix file default local upload (#6223)

* docs: improve object storage introduction (#6224)

* doc

---------

Co-authored-by: roy <whoeverimf5@gmail.com>
Co-authored-by: heheer <heheer@sealos.io>
Co-authored-by: Finley Ge <32237950+FinleyGe@users.noreply.github.com>
2026-01-09 18:25:02 +08:00


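/**
 * Hostnames that are always appended to the admin-configured file URL
 * whitelist. Built once, at module load, from deployment environment
 * variables: STORAGE_S3_ENDPOINT, STORAGE_EXTERNAL_ENDPOINT, FE_DOMAIN and
 * PRO_URL.
 *
 * validateFileUrlDomain compares every entry against `URL.hostname`, so each
 * entry has to be a bare hostname to ever match. The original code pushed
 * STORAGE_S3_ENDPOINT verbatim while reducing the other three variables to
 * their hostname; an endpoint written as a full URL therefore never matched.
 * The raw value is still kept (a bare-hostname endpoint keeps working) and
 * the parsed hostname is added next to it when the value is an absolute URL.
 *
 * Values that cannot be parsed are dropped without any log output, so a typo
 * in one of these variables shows up only as the host being rejected later.
 */
const systemWhiteList = (() => {
  // Hostname of an absolute URL, or undefined when the value is unset,
  // unparseable, or parses to an empty hostname (e.g. "localhost:9000",
  // which URL reads as scheme "localhost:" with no host).
  const hostnameOf = (value: string | undefined): string | undefined => {
    if (!value) return undefined;
    try {
      return new URL(value).hostname || undefined;
    } catch (error) {
      // Deliberate best-effort: a malformed variable must not stop module load.
      return undefined;
    }
  };

  // A Set keeps insertion order and avoids duplicate entries when several
  // variables point at the same host.
  const hosts = new Set<string>();

  const s3Endpoint = process.env.STORAGE_S3_ENDPOINT;
  if (s3Endpoint) {
    hosts.add(s3Endpoint);
    const s3Host = hostnameOf(s3Endpoint);
    if (s3Host) hosts.add(s3Host);
  }

  const urlVariables = [
    process.env.STORAGE_EXTERNAL_ENDPOINT,
    process.env.FE_DOMAIN,
    process.env.PRO_URL
  ];
  for (const value of urlVariables) {
    const host = hostnameOf(value);
    if (host) hosts.add(host);
  }

  return Array.from(hosts);
})();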
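/**
 * Checks whether the hostname of a file URL is on the allowlist.
 *
 * The allowlist is `global.systemEnv.fileUrlWhitelist` followed by the entries
 * of `systemWhiteList`. Matching is an exact, case-insensitive string
 * comparison against `URL.hostname`. Scheme, port, path and the address the
 * name resolves to are not examined here, so this function on its own does
 * not restrict which protocol or IP a later request ends up using.
 *
 * Two paths return `true` without any host check; callers that use this
 * function as an outbound-request guard need to account for both:
 *  - `fileUrlWhitelist` is missing or empty (the check is disabled, and
 *    `systemWhiteList` alone never enables it);
 *  - any exception is thrown, including `new URL(url)` rejecting the input.
 *
 * @param url - URL string to check.
 * @returns `true` when the host is allowed or the check is skipped, otherwise `false`.
 */
export const validateFileUrlDomain = (url: string): boolean => {
  try {
    const configured = global.systemEnv?.fileUrlWhitelist || [];
    // Allow all URLs if the whitelist is empty
    if (configured.length === 0) {
      return true;
    }

    const allowedHosts = [...configured, ...systemWhiteList];
    const targetHost = new URL(url).hostname.toLowerCase();

    return allowedHosts.some((domain) => {
      // Entries come from runtime configuration: ignore anything that is not
      // a non-empty string.
      if (!domain || typeof domain !== 'string') return false;
      // URL lowercases the hostname of http(s) URLs, so an entry written with
      // capitals or stray whitespace could never match before. Normalise the
      // entry the same way; a whitespace-only entry must not match a URL
      // whose hostname is empty.
      const allowedHost = domain.trim().toLowerCase();
      return allowedHost !== '' && allowedHost === targetHost;
    });
  } catch (error) {
    // NOTE(review): fails open. Input that `new URL` cannot parse is reported
    // as allowed even when a whitelist is configured. Presumably this keeps
    // server-relative paths working; confirm against the callers, and if so
    // accept only that shape here and return false for everything else.
    return true;
  }
};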