@co0ontty/wand 1.43.3 → 1.43.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/build-info.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
|
-
"commit": "
|
|
3
|
-
"builtAt": "2026-05-31T06:
|
|
4
|
-
"version": "1.43.
|
|
2
|
+
"commit": "304e8031c34e30a7e87403616636c0f056622442",
|
|
3
|
+
"builtAt": "2026-05-31T06:46:18.755Z",
|
|
4
|
+
"version": "1.43.4",
|
|
5
5
|
"channel": "stable"
|
|
6
6
|
}
|
package/dist/server.js
CHANGED
|
@@ -533,6 +533,29 @@ function getPublicRequestHost(req, config) {
|
|
|
533
533
|
?? req.headers.host
|
|
534
534
|
?? `${config.host}:${config.port}`);
|
|
535
535
|
}
|
|
536
|
+
function firstQueryStringValue(value) {
|
|
537
|
+
if (typeof value === "string")
|
|
538
|
+
return value;
|
|
539
|
+
if (Array.isArray(value))
|
|
540
|
+
return firstQueryStringValue(value[0]);
|
|
541
|
+
return undefined;
|
|
542
|
+
}
|
|
543
|
+
function normalizePublicOrigin(value) {
|
|
544
|
+
const raw = value?.trim();
|
|
545
|
+
if (!raw)
|
|
546
|
+
return undefined;
|
|
547
|
+
try {
|
|
548
|
+
const parsed = new URL(raw);
|
|
549
|
+
if (parsed.protocol !== "http:" && parsed.protocol !== "https:")
|
|
550
|
+
return undefined;
|
|
551
|
+
if (!parsed.hostname || parsed.username || parsed.password)
|
|
552
|
+
return undefined;
|
|
553
|
+
return parsed.origin;
|
|
554
|
+
}
|
|
555
|
+
catch {
|
|
556
|
+
return undefined;
|
|
557
|
+
}
|
|
558
|
+
}
|
|
536
559
|
function decodeConnectCode(code) {
|
|
537
560
|
try {
|
|
538
561
|
const decoded = Buffer.from(code, "base64").toString("utf8");
|
|
@@ -1388,7 +1411,8 @@ export async function startServer(config, configPath) {
|
|
|
1388
1411
|
const effectivePassword = dbPassword ?? config.password;
|
|
1389
1412
|
const protocol = getPublicRequestProtocol(req, useHttps ? "https" : "http");
|
|
1390
1413
|
const host = getPublicRequestHost(req, config);
|
|
1391
|
-
const
|
|
1414
|
+
const browserOrigin = normalizePublicOrigin(firstQueryStringValue(req.query.origin));
|
|
1415
|
+
const serverUrl = browserOrigin ?? `${protocol}://${host}`;
|
|
1392
1416
|
const appSecret = config.appSecret ?? "";
|
|
1393
1417
|
const token = generateAppToken(effectivePassword, appSecret);
|
|
1394
1418
|
const code = encodeConnectCode(serverUrl, token);
|
|
@@ -10987,7 +10987,11 @@
|
|
|
10987
10987
|
connectCodeEl.textContent = "加载中...";
|
|
10988
10988
|
if (connectQrEmpty) connectQrEmpty.textContent = "生成中…";
|
|
10989
10989
|
if (connectQrCanvas) connectQrCanvas.style.visibility = "hidden";
|
|
10990
|
-
|
|
10990
|
+
var connectCodeUrl = "/api/app-connect-code";
|
|
10991
|
+
if (window.location && window.location.origin) {
|
|
10992
|
+
connectCodeUrl += "?origin=" + encodeURIComponent(window.location.origin);
|
|
10993
|
+
}
|
|
10994
|
+
fetch(connectCodeUrl, { credentials: "same-origin" }).then(function(r) { return r.json(); }).then(function(d) {
|
|
10991
10995
|
if (d.code) {
|
|
10992
10996
|
connectCodeEl.textContent = d.code;
|
|
10993
10997
|
state.androidConnectCode = d.code;
|