@lockerpm/desktop-service 1.1.3 → 1.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -128,15 +128,32 @@ class SocketService {
128
128
  });
129
129
  }
130
130
  // ---------------------- PRIVATE METHODS ----------------------
131
+ isOriginAllowed(origin) {
132
+ if (!origin) {
133
+ return false;
134
+ }
135
+ const allowedPatterns = [
136
+ /^https?:\/\/[^\/]*\.locker\.io$/,
137
+ /^https?:\/\/[^\/]*\.cystack\.net$/,
138
+ /^https?:\/\/locker.io$/,
139
+ /^https?:\/\/cystack.net$/,
140
+ ];
141
+ return allowedPatterns.some((pattern) => pattern.test(origin));
142
+ }
131
143
  initSocketOnPort(port, enableSsl) {
132
144
  return new Promise((resolve) => {
133
145
  // Host API server
134
146
  const apiHandler = (req, res) => {
147
+ const origin = req.headers.origin;
148
+ const isAllowed = this.isOriginAllowed(origin);
135
149
  const headers = {
136
- 'Access-Control-Allow-Origin': '*',
137
150
  'Access-Control-Allow-Methods': 'OPTIONS, GET',
138
- 'Access-Control-Max-Age': 2592000, // 30 days
151
+ 'Access-Control-Max-Age': '2592000', // 30 days
139
152
  };
153
+ if (isAllowed && origin) {
154
+ headers['Access-Control-Allow-Origin'] = origin;
155
+ headers['Access-Control-Allow-Credentials'] = 'true';
156
+ }
140
157
  if (req.method === 'OPTIONS') {
141
158
  res.writeHead(204, headers);
142
159
  res.end();
@@ -32,6 +32,7 @@ export declare class SocketService {
32
32
  broadcastToAllExcept(clientId: string, envelop: OutgoingEnvelop<OutgoingMessageType>): void;
33
33
  initSocket(): Promise<void>;
34
34
  initSslSocket(): Promise<void>;
35
+ private isOriginAllowed;
35
36
  private initSocketOnPort;
36
37
  private sendMessage;
37
38
  private handleMessage;
@@ -1 +1 @@
1
- {"version":3,"file":"socket.service.d.ts","sourceRoot":"","sources":["../../../../src/services/socket.service.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAC1C,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAClD,OAAO,EAIL,eAAe,EACf,mBAAmB,EAEpB,MAAM,gCAAgC,CAAA;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAM9C,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAAY;IAC1B,OAAO,CAAC,cAAc,CAAgB;IACtC,OAAO,CAAC,WAAW,CAAa;IAChC,OAAO,CAAC,YAAY,CAAc;IAElC,OAAO,CAAC,SAAS,CAKQ;IACzB,OAAO,CAAC,MAAM,CAAyC;IACvD,OAAO,CAAC,OAAO,CAET;IACN,OAAO,CAAC,YAAY,CAAK;IAEzB,WAAW,SAAI;IACf,cAAc,SAAI;gBAEN,MAAM,EAAE;QAClB,MAAM,EAAE,UAAU,CAAA;QAClB,cAAc,EAAE,cAAc,CAAA;QAC9B,WAAW,EAAE,WAAW,CAAA;QACxB,YAAY,EAAE,YAAY,CAAA;QAC1B,GAAG,CAAC,EAAE;YACJ,IAAI,EAAE,MAAM,CAAA;YACZ,GAAG,EAAE,MAAM,CAAA;SACZ,CAAA;QACD,YAAY,EAAE,MAAM,CAAA;KACrB;IAgBD,IAAI,OAAO,YAIV;IAEK,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAsBzF,qBAAqB,CAAC,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAWnE,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAa9E,UAAU;IAeV,aAAa;IAiBnB,OAAO,CAAC,gBAAgB;IA8FxB,OAAO,CAAC,WAAW;YAKL,aAAa;CAoG5B"}
1
+ {"version":3,"file":"socket.service.d.ts","sourceRoot":"","sources":["../../../../src/services/socket.service.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAC1C,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAClD,OAAO,EAIL,eAAe,EACf,mBAAmB,EAEpB,MAAM,gCAAgC,CAAA;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAM9C,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAAY;IAC1B,OAAO,CAAC,cAAc,CAAgB;IACtC,OAAO,CAAC,WAAW,CAAa;IAChC,OAAO,CAAC,YAAY,CAAc;IAElC,OAAO,CAAC,SAAS,CAKQ;IACzB,OAAO,CAAC,MAAM,CAAyC;IACvD,OAAO,CAAC,OAAO,CAET;IACN,OAAO,CAAC,YAAY,CAAK;IAEzB,WAAW,SAAI;IACf,cAAc,SAAI;gBAEN,MAAM,EAAE;QAClB,MAAM,EAAE,UAAU,CAAA;QAClB,cAAc,EAAE,cAAc,CAAA;QAC9B,WAAW,EAAE,WAAW,CAAA;QACxB,YAAY,EAAE,YAAY,CAAA;QAC1B,GAAG,CAAC,EAAE;YACJ,IAAI,EAAE,MAAM,CAAA;YACZ,GAAG,EAAE,MAAM,CAAA;SACZ,CAAA;QACD,YAAY,EAAE,MAAM,CAAA;KACrB;IAgBD,IAAI,OAAO,YAIV;IAEK,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAsBzF,qBAAqB,CAAC,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAWnE,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAa9E,UAAU;IAeV,aAAa;IAiBnB,OAAO,CAAC,eAAe;IAevB,OAAO,CAAC,gBAAgB;IAqGxB,OAAO,CAAC,WAAW;YAKL,aAAa;CAoG5B"}
@@ -116,15 +116,32 @@ class SocketService {
116
116
  }
117
117
  }
118
118
  // ---------------------- PRIVATE METHODS ----------------------
119
+ isOriginAllowed(origin) {
120
+ if (!origin) {
121
+ return false;
122
+ }
123
+ const allowedPatterns = [
124
+ /^https?:\/\/[^\/]*\.locker\.io$/,
125
+ /^https?:\/\/[^\/]*\.cystack\.net$/,
126
+ /^https?:\/\/locker.io$/,
127
+ /^https?:\/\/cystack.net$/,
128
+ ];
129
+ return allowedPatterns.some((pattern) => pattern.test(origin));
130
+ }
119
131
  initSocketOnPort(port, enableSsl) {
120
132
  return new Promise((resolve) => {
121
133
  // Host API server
122
134
  const apiHandler = (req, res) => {
135
+ const origin = req.headers.origin;
136
+ const isAllowed = this.isOriginAllowed(origin);
123
137
  const headers = {
124
- 'Access-Control-Allow-Origin': '*',
125
138
  'Access-Control-Allow-Methods': 'OPTIONS, GET',
126
- 'Access-Control-Max-Age': 2592000, // 30 days
139
+ 'Access-Control-Max-Age': '2592000', // 30 days
127
140
  };
141
+ if (isAllowed && origin) {
142
+ headers['Access-Control-Allow-Origin'] = origin;
143
+ headers['Access-Control-Allow-Credentials'] = 'true';
144
+ }
128
145
  if (req.method === 'OPTIONS') {
129
146
  res.writeHead(204, headers);
130
147
  res.end();
@@ -32,6 +32,7 @@ export declare class SocketService {
32
32
  broadcastToAllExcept(clientId: string, envelop: OutgoingEnvelop<OutgoingMessageType>): void;
33
33
  initSocket(): Promise<void>;
34
34
  initSslSocket(): Promise<void>;
35
+ private isOriginAllowed;
35
36
  private initSocketOnPort;
36
37
  private sendMessage;
37
38
  private handleMessage;
@@ -1 +1 @@
1
- {"version":3,"file":"socket.service.d.ts","sourceRoot":"","sources":["../../../../src/services/socket.service.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAC1C,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAClD,OAAO,EAIL,eAAe,EACf,mBAAmB,EAEpB,MAAM,gCAAgC,CAAA;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAM9C,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAAY;IAC1B,OAAO,CAAC,cAAc,CAAgB;IACtC,OAAO,CAAC,WAAW,CAAa;IAChC,OAAO,CAAC,YAAY,CAAc;IAElC,OAAO,CAAC,SAAS,CAKQ;IACzB,OAAO,CAAC,MAAM,CAAyC;IACvD,OAAO,CAAC,OAAO,CAET;IACN,OAAO,CAAC,YAAY,CAAK;IAEzB,WAAW,SAAI;IACf,cAAc,SAAI;gBAEN,MAAM,EAAE;QAClB,MAAM,EAAE,UAAU,CAAA;QAClB,cAAc,EAAE,cAAc,CAAA;QAC9B,WAAW,EAAE,WAAW,CAAA;QACxB,YAAY,EAAE,YAAY,CAAA;QAC1B,GAAG,CAAC,EAAE;YACJ,IAAI,EAAE,MAAM,CAAA;YACZ,GAAG,EAAE,MAAM,CAAA;SACZ,CAAA;QACD,YAAY,EAAE,MAAM,CAAA;KACrB;IAgBD,IAAI,OAAO,YAIV;IAEK,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAsBzF,qBAAqB,CAAC,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAWnE,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAa9E,UAAU;IAeV,aAAa;IAiBnB,OAAO,CAAC,gBAAgB;IA8FxB,OAAO,CAAC,WAAW;YAKL,aAAa;CAoG5B"}
1
+ {"version":3,"file":"socket.service.d.ts","sourceRoot":"","sources":["../../../../src/services/socket.service.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAC1C,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAClD,OAAO,EAIL,eAAe,EACf,mBAAmB,EAEpB,MAAM,gCAAgC,CAAA;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAM9C,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAAY;IAC1B,OAAO,CAAC,cAAc,CAAgB;IACtC,OAAO,CAAC,WAAW,CAAa;IAChC,OAAO,CAAC,YAAY,CAAc;IAElC,OAAO,CAAC,SAAS,CAKQ;IACzB,OAAO,CAAC,MAAM,CAAyC;IACvD,OAAO,CAAC,OAAO,CAET;IACN,OAAO,CAAC,YAAY,CAAK;IAEzB,WAAW,SAAI;IACf,cAAc,SAAI;gBAEN,MAAM,EAAE;QAClB,MAAM,EAAE,UAAU,CAAA;QAClB,cAAc,EAAE,cAAc,CAAA;QAC9B,WAAW,EAAE,WAAW,CAAA;QACxB,YAAY,EAAE,YAAY,CAAA;QAC1B,GAAG,CAAC,EAAE;YACJ,IAAI,EAAE,MAAM,CAAA;YACZ,GAAG,EAAE,MAAM,CAAA;SACZ,CAAA;QACD,YAAY,EAAE,MAAM,CAAA;KACrB;IAgBD,IAAI,OAAO,YAIV;IAEK,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAsBzF,qBAAqB,CAAC,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAWnE,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,mBAAmB,CAAC;IAa9E,UAAU;IAeV,aAAa;IAiBnB,OAAO,CAAC,eAAe;IAevB,OAAO,CAAC,gBAAgB;IAqGxB,OAAO,CAAC,WAAW;YAKL,aAAa;CAoG5B"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@lockerpm/desktop-service",
3
- "version": "1.1.3",
3
+ "version": "1.1.5",
4
4
  "description": "",
5
5
  "exports": {
6
6
  ".": {
@@ -37,7 +37,7 @@
37
37
  "@types/chai": "^4.3.5",
38
38
  "@types/google-protobuf": "^3.15.9",
39
39
  "@types/mocha": "^10.0.1",
40
- "@types/ws": "^8.5.8",
40
+ "@types/ws": "^8.18.1",
41
41
  "chai": "^4.3.7",
42
42
  "dotenv": "^16.3.1",
43
43
  "mocha": "^10.2.0",
@@ -45,11 +45,11 @@
45
45
  "typescript": "^5.1.3"
46
46
  },
47
47
  "dependencies": {
48
- "@grpc/grpc-js": "^1.9.7",
49
- "axios": "^1.5.1",
48
+ "@grpc/grpc-js": "^1.14.3",
49
+ "axios": "^1.13.5",
50
50
  "eventemitter3": "^5.0.1",
51
51
  "find-process": "^1.4.7",
52
52
  "google-protobuf": "^3.21.2",
53
- "ws": "^8.14.2"
53
+ "ws": "^8.19.0"
54
54
  }
55
55
  }