@lockerpm/desktop-service 1.1.3 → 1.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cjs/services/socket.service.js +19 -2
- package/lib/cjs/types/services/socket.service.d.ts +1 -0
- package/lib/cjs/types/services/socket.service.d.ts.map +1 -1
- package/lib/esm/services/socket.service.js +19 -2
- package/lib/esm/types/services/socket.service.d.ts +1 -0
- package/lib/esm/types/services/socket.service.d.ts.map +1 -1
- package/package.json +5 -5
|
@@ -128,15 +128,32 @@ class SocketService {
|
|
|
128
128
|
});
|
|
129
129
|
}
|
|
130
130
|
// ---------------------- PRIVATE METHODS ----------------------
|
|
131
|
+
isOriginAllowed(origin) {
|
|
132
|
+
if (!origin) {
|
|
133
|
+
return false;
|
|
134
|
+
}
|
|
135
|
+
const allowedPatterns = [
|
|
136
|
+
/^https?:\/\/[^\/]*\.locker\.io$/,
|
|
137
|
+
/^https?:\/\/[^\/]*\.cystack\.net$/,
|
|
138
|
+
/^https?:\/\/locker.io$/,
|
|
139
|
+
/^https?:\/\/cystack.net$/,
|
|
140
|
+
];
|
|
141
|
+
return allowedPatterns.some((pattern) => pattern.test(origin));
|
|
142
|
+
}
|
|
131
143
|
initSocketOnPort(port, enableSsl) {
|
|
132
144
|
return new Promise((resolve) => {
|
|
133
145
|
// Host API server
|
|
134
146
|
const apiHandler = (req, res) => {
|
|
147
|
+
const origin = req.headers.origin;
|
|
148
|
+
const isAllowed = this.isOriginAllowed(origin);
|
|
135
149
|
const headers = {
|
|
136
|
-
'Access-Control-Allow-Origin': '*',
|
|
137
150
|
'Access-Control-Allow-Methods': 'OPTIONS, GET',
|
|
138
|
-
'Access-Control-Max-Age': 2592000, // 30 days
|
|
151
|
+
'Access-Control-Max-Age': '2592000', // 30 days
|
|
139
152
|
};
|
|
153
|
+
if (isAllowed && origin) {
|
|
154
|
+
headers['Access-Control-Allow-Origin'] = origin;
|
|
155
|
+
headers['Access-Control-Allow-Credentials'] = 'true';
|
|
156
|
+
}
|
|
140
157
|
if (req.method === 'OPTIONS') {
|
|
141
158
|
res.writeHead(204, headers);
|
|
142
159
|
res.end();
|
|
@@ -32,6 +32,7 @@ export declare class SocketService {
|
|
|
32
32
|
broadcastToAllExcept(clientId: string, envelop: OutgoingEnvelop<OutgoingMessageType>): void;
|
|
33
33
|
initSocket(): Promise<void>;
|
|
34
34
|
initSslSocket(): Promise<void>;
|
|
35
|
+
private isOriginAllowed;
|
|
35
36
|
private initSocketOnPort;
|
|
36
37
|
private sendMessage;
|
|
37
38
|
private handleMessage;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"socket.service.d.ts","sourceRoot":"","sources":["../../../../src/services/socket.service.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAC1C,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAClD,OAAO,EAIL,eAAe,EACf,mBAAmB,EAEpB,MAAM,gCAAgC,CAAA;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAM9C,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAAY;IAC1B,OAAO,CAAC,cAAc,CAAgB;IACtC,OAAO,CAAC,WAAW,CAAa;IAChC,OAAO,CAAC,YAAY,CAAc;IAElC,OAAO,CAAC,SAAS,CAKQ;IACzB,OAAO,CAAC,MAAM,CAAyC;IACvD,OAAO,CAAC,OAAO,CAET;IACN,OAAO,CAAC,YAAY,CAAK;IAEzB,WAAW,SAAI;IACf,cAAc,SAAI;gBAEN,MAAM,EAAE;QAClB,MAAM,EAAE,UAAU,CAAA;QAClB,cAAc,EAAE,cAAc,CAAA;QAC9B,WAAW,EAAE,WAAW,CAAA;QACxB,YAAY,EAAE,YAAY,CAAA;QAC1B,GAAG,CAAC,EAAE;YACJ,IAAI,EAAE,MAAM,CAAA;YACZ,GAAG,EAAE,MAAM,CAAA;SACZ,CAAA;QACD,YAAY,EAAE,MAAM,CAAA;KACrB;IAgBD,IAAI,OAAO,YAIV;IAEK,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAsBzF,qBAAqB,CAAC,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAWnE,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAa9E,UAAU;IAeV,aAAa;IAiBnB,OAAO,CAAC,gBAAgB;
|
|
1
|
+
{"version":3,"file":"socket.service.d.ts","sourceRoot":"","sources":["../../../../src/services/socket.service.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAC1C,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAClD,OAAO,EAIL,eAAe,EACf,mBAAmB,EAEpB,MAAM,gCAAgC,CAAA;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAM9C,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAAY;IAC1B,OAAO,CAAC,cAAc,CAAgB;IACtC,OAAO,CAAC,WAAW,CAAa;IAChC,OAAO,CAAC,YAAY,CAAc;IAElC,OAAO,CAAC,SAAS,CAKQ;IACzB,OAAO,CAAC,MAAM,CAAyC;IACvD,OAAO,CAAC,OAAO,CAET;IACN,OAAO,CAAC,YAAY,CAAK;IAEzB,WAAW,SAAI;IACf,cAAc,SAAI;gBAEN,MAAM,EAAE;QAClB,MAAM,EAAE,UAAU,CAAA;QAClB,cAAc,EAAE,cAAc,CAAA;QAC9B,WAAW,EAAE,WAAW,CAAA;QACxB,YAAY,EAAE,YAAY,CAAA;QAC1B,GAAG,CAAC,EAAE;YACJ,IAAI,EAAE,MAAM,CAAA;YACZ,GAAG,EAAE,MAAM,CAAA;SACZ,CAAA;QACD,YAAY,EAAE,MAAM,CAAA;KACrB;IAgBD,IAAI,OAAO,YAIV;IAEK,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAsBzF,qBAAqB,CAAC,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAWnE,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAa9E,UAAU;IAeV,aAAa;IAiBnB,OAAO,CAAC,eAAe;IAevB,OAAO,CAAC,gBAAgB;IAqGxB,OAAO,CAAC,WAAW;YAKL,aAAa;CAoG5B"}
|
|
@@ -116,15 +116,32 @@ class SocketService {
|
|
|
116
116
|
}
|
|
117
117
|
}
|
|
118
118
|
// ---------------------- PRIVATE METHODS ----------------------
|
|
119
|
+
isOriginAllowed(origin) {
|
|
120
|
+
if (!origin) {
|
|
121
|
+
return false;
|
|
122
|
+
}
|
|
123
|
+
const allowedPatterns = [
|
|
124
|
+
/^https?:\/\/[^\/]*\.locker\.io$/,
|
|
125
|
+
/^https?:\/\/[^\/]*\.cystack\.net$/,
|
|
126
|
+
/^https?:\/\/locker.io$/,
|
|
127
|
+
/^https?:\/\/cystack.net$/,
|
|
128
|
+
];
|
|
129
|
+
return allowedPatterns.some((pattern) => pattern.test(origin));
|
|
130
|
+
}
|
|
119
131
|
initSocketOnPort(port, enableSsl) {
|
|
120
132
|
return new Promise((resolve) => {
|
|
121
133
|
// Host API server
|
|
122
134
|
const apiHandler = (req, res) => {
|
|
135
|
+
const origin = req.headers.origin;
|
|
136
|
+
const isAllowed = this.isOriginAllowed(origin);
|
|
123
137
|
const headers = {
|
|
124
|
-
'Access-Control-Allow-Origin': '*',
|
|
125
138
|
'Access-Control-Allow-Methods': 'OPTIONS, GET',
|
|
126
|
-
'Access-Control-Max-Age': 2592000, // 30 days
|
|
139
|
+
'Access-Control-Max-Age': '2592000', // 30 days
|
|
127
140
|
};
|
|
141
|
+
if (isAllowed && origin) {
|
|
142
|
+
headers['Access-Control-Allow-Origin'] = origin;
|
|
143
|
+
headers['Access-Control-Allow-Credentials'] = 'true';
|
|
144
|
+
}
|
|
128
145
|
if (req.method === 'OPTIONS') {
|
|
129
146
|
res.writeHead(204, headers);
|
|
130
147
|
res.end();
|
|
@@ -32,6 +32,7 @@ export declare class SocketService {
|
|
|
32
32
|
broadcastToAllExcept(clientId: string, envelop: OutgoingEnvelop<OutgoingMessageType>): void;
|
|
33
33
|
initSocket(): Promise<void>;
|
|
34
34
|
initSslSocket(): Promise<void>;
|
|
35
|
+
private isOriginAllowed;
|
|
35
36
|
private initSocketOnPort;
|
|
36
37
|
private sendMessage;
|
|
37
38
|
private handleMessage;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"socket.service.d.ts","sourceRoot":"","sources":["../../../../src/services/socket.service.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAC1C,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAClD,OAAO,EAIL,eAAe,EACf,mBAAmB,EAEpB,MAAM,gCAAgC,CAAA;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAM9C,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAAY;IAC1B,OAAO,CAAC,cAAc,CAAgB;IACtC,OAAO,CAAC,WAAW,CAAa;IAChC,OAAO,CAAC,YAAY,CAAc;IAElC,OAAO,CAAC,SAAS,CAKQ;IACzB,OAAO,CAAC,MAAM,CAAyC;IACvD,OAAO,CAAC,OAAO,CAET;IACN,OAAO,CAAC,YAAY,CAAK;IAEzB,WAAW,SAAI;IACf,cAAc,SAAI;gBAEN,MAAM,EAAE;QAClB,MAAM,EAAE,UAAU,CAAA;QAClB,cAAc,EAAE,cAAc,CAAA;QAC9B,WAAW,EAAE,WAAW,CAAA;QACxB,YAAY,EAAE,YAAY,CAAA;QAC1B,GAAG,CAAC,EAAE;YACJ,IAAI,EAAE,MAAM,CAAA;YACZ,GAAG,EAAE,MAAM,CAAA;SACZ,CAAA;QACD,YAAY,EAAE,MAAM,CAAA;KACrB;IAgBD,IAAI,OAAO,YAIV;IAEK,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAsBzF,qBAAqB,CAAC,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAWnE,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAa9E,UAAU;IAeV,aAAa;IAiBnB,OAAO,CAAC,gBAAgB;
|
|
1
|
+
{"version":3,"file":"socket.service.d.ts","sourceRoot":"","sources":["../../../../src/services/socket.service.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAC1C,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAClD,OAAO,EAIL,eAAe,EACf,mBAAmB,EAEpB,MAAM,gCAAgC,CAAA;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAM9C,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAAY;IAC1B,OAAO,CAAC,cAAc,CAAgB;IACtC,OAAO,CAAC,WAAW,CAAa;IAChC,OAAO,CAAC,YAAY,CAAc;IAElC,OAAO,CAAC,SAAS,CAKQ;IACzB,OAAO,CAAC,MAAM,CAAyC;IACvD,OAAO,CAAC,OAAO,CAET;IACN,OAAO,CAAC,YAAY,CAAK;IAEzB,WAAW,SAAI;IACf,cAAc,SAAI;gBAEN,MAAM,EAAE;QAClB,MAAM,EAAE,UAAU,CAAA;QAClB,cAAc,EAAE,cAAc,CAAA;QAC9B,WAAW,EAAE,WAAW,CAAA;QACxB,YAAY,EAAE,YAAY,CAAA;QAC1B,GAAG,CAAC,EAAE;YACJ,IAAI,EAAE,MAAM,CAAA;YACZ,GAAG,EAAE,MAAM,CAAA;SACZ,CAAA;QACD,YAAY,EAAE,MAAM,CAAA;KACrB;IAgBD,IAAI,OAAO,YAIV;IAEK,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAsBzF,qBAAqB,CAAC,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAWnE,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAa9E,UAAU;IAeV,aAAa;IAiBnB,OAAO,CAAC,eAAe;IAevB,OAAO,CAAC,gBAAgB;IAqGxB,OAAO,CAAC,WAAW;YAKL,aAAa;CAoG5B"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@lockerpm/desktop-service",
|
|
3
|
-
"version": "1.1.
|
|
3
|
+
"version": "1.1.5",
|
|
4
4
|
"description": "",
|
|
5
5
|
"exports": {
|
|
6
6
|
".": {
|
|
@@ -37,7 +37,7 @@
|
|
|
37
37
|
"@types/chai": "^4.3.5",
|
|
38
38
|
"@types/google-protobuf": "^3.15.9",
|
|
39
39
|
"@types/mocha": "^10.0.1",
|
|
40
|
-
"@types/ws": "^8.
|
|
40
|
+
"@types/ws": "^8.18.1",
|
|
41
41
|
"chai": "^4.3.7",
|
|
42
42
|
"dotenv": "^16.3.1",
|
|
43
43
|
"mocha": "^10.2.0",
|
|
@@ -45,11 +45,11 @@
|
|
|
45
45
|
"typescript": "^5.1.3"
|
|
46
46
|
},
|
|
47
47
|
"dependencies": {
|
|
48
|
-
"@grpc/grpc-js": "^1.
|
|
49
|
-
"axios": "^1.5
|
|
48
|
+
"@grpc/grpc-js": "^1.14.3",
|
|
49
|
+
"axios": "^1.13.5",
|
|
50
50
|
"eventemitter3": "^5.0.1",
|
|
51
51
|
"find-process": "^1.4.7",
|
|
52
52
|
"google-protobuf": "^3.21.2",
|
|
53
|
-
"ws": "^8.
|
|
53
|
+
"ws": "^8.19.0"
|
|
54
54
|
}
|
|
55
55
|
}
|