nterminal 1.2.6 → 1.2.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -2
- package/dist/server/config.js +1 -4
- package/dist/server/config.js.map +1 -1
- package/dist/server/http.js +46 -0
- package/dist/server/http.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
# NTerminal
|
|
2
2
|
|
|
3
|
-
<img src="https://cdn.jsdelivr.net/npm/nterminal@1.2.4/public/icons/app-icon-1024.png?v=readme-1.2.
|
|
3
|
+
<img src="https://cdn.jsdelivr.net/npm/nterminal@1.2.4/public/icons/app-icon-1024.png?v=readme-1.2.7" alt="NTerminal app icon" width="96" height="96">
|
|
4
4
|
|
|
5
5
|
NTerminal turns your own machines into one secure browser workspace for real shells, Codex, Claude, files, and long-running terminal sessions.
|
|
6
6
|
|
|
7
|
-
<img src="https://cdn.jsdelivr.net/npm/nterminal@1.2.4/assets/screenshot/scr.png?v=readme-1.2.
|
|
7
|
+
<img src="https://cdn.jsdelivr.net/npm/nterminal@1.2.4/assets/screenshot/scr.png?v=readme-1.2.7" alt="NTerminal workspace with split terminal panes" width="100%">
|
|
8
8
|
|
|
9
9
|
NTerminal is a single-owner web terminal for machines you control. It is not a hosted shell product, not a SaaS app, and not a multi-user IDE.
|
|
10
10
|
|
package/dist/server/config.js
CHANGED
|
@@ -115,10 +115,7 @@ export function loadConfig(env = process.env) {
|
|
|
115
115
|
};
|
|
116
116
|
}
|
|
117
117
|
export function isAllowedOrigin(config, origin) {
|
|
118
|
-
|
|
119
|
-
return true;
|
|
120
|
-
}
|
|
121
|
-
return config.allowedOrigins.includes(origin);
|
|
118
|
+
return Boolean(origin && config.allowedOrigins.includes(origin));
|
|
122
119
|
}
|
|
123
120
|
function stripEnvQuotes(value) {
|
|
124
121
|
if ((value.startsWith('"') && value.endsWith('"')) || (value.startsWith("'") && value.endsWith("'"))) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/server/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AA4B7B,SAAS,OAAO,CAAC,KAAyB,EAAE,QAAgB,EAAE,IAAY;IACxE,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QAC/C,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC7B,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,MAAM,IAAI,CAAC,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,6BAA6B,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,aAAa,CAAC,GAAc,EAAE,IAAY,EAAE,eAAwB;IAC3E,MAAM,KAAK,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC;IAChC,MAAM,MAAM,GAAG,KAAK,IAAI,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;IAChF,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,cAAc,CAAC,CAAC;IACzC,CAAC;IACD,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,iCAAiC,CAAC,CAAC;IAC5D,CAAC;IACD,IAAI,IAAI,KAAK,0BAA0B,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC9D,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,iCAAiC,CAAC,CAAC;IAC5D,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,eAAe,CAAC,GAAuB;IAC9C,MAAM,KAAK,GAAG,GAAG,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAI,CAAC,KAAK,IAAI,KAAK,KAAK,OAAO,EAAE,CAAC;QAChC,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;QACrB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,6FAA6F;IAC7F,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,YAAY,CAAC,GAAc;IAClC,OAAO,GAAG,CAAC,eAAe,EAAE,IAAI,EAAE,IAAI,GAAG,CAAC,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,OAAO,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC;AAC1H,CAAC;AAED,SAAS,YAAY,CAAC,GAAuB,EAAE,IAAY,EAAE,IAAY;IACvE,MAAM,UAAU,GAAG,GAAG;QACpB,EAAE,KAAK,CAAC,GAAG,CAAC;SACX,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;SAC9B,MAAM,CAAC,OAAO,CAAC,CAAC;IACnB,IAAI,UAAU,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxC,OAAO,UAAU,CAAC;IACpB,CAAC;IACD,OAAO,CAAC,UAAU,IAAI,IAAI,IAAI,EAAE,EAAE,oBAAoB,IAAI,EAAE,EAAE,oBAAoB,IAAI,EAAE,CAAC,CAAC;AAC5F,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,QAAQ,GAAG,MAAM,EAAE,UAAqB,OAAO,CAAC,GAAG;IAChF,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,OAAO,OAAO,CAAC;IACjB,CAAC;IACD,MAAM,MAAM,GAAc,EAAE,GAAG,OAAO,EAAE,CAAC;IACzC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAClD,KAAK,MAAM,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7C,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAClC,SAAS;QACX,CAAC;QACD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,SAAS,KAAK,CAAC,CAAC,EAAE,CAAC;YACrB,SAAS;QACX,CAAC;QACD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC,KAAK,SAAS,EAAE,CAAC;YACtC,SAAS;QACX,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,GAAG,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IACjE,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,MAAiB,OAAO,CAAC,GAAG;IACrD,MAAM,IAAI,GAAG,GAAG,CAAC,cAAc,EAAE,IAAI,EAAE,IAAI,WAAW,CAAC;IACvD,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC;IACjE,uEAAuE;IACvE,wEAAwE;IACxE,uEAAuE;IACvE,+CAA+C;IAC/C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,GAAG,CAAC,wBAAwB,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IACzG,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,IAAI,EAAE,IAAI,uBAAuB,CAAC,CAAC;IAC5F,MAAM,iBAAiB,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B,EAAE,MAAM,EAAE,+BAA+B,CAAC,CAAC;IAC9G,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,EAAE,IAAI,EAAE,4BAA4B,CAAC,CAAC;IACnG,MAAM,kBAAkB,GAAG,OAAO,CAAC,GAAG,CAAC,+BAA+B,EAAE,WAAW,EAAE,iCAAiC,CAAC,CAAC;IACxH,MAAM,mBAAmB,GAAG,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,aAAa,EAAE,kCAAkC,CAAC,CAAC;IAC7H,MAAM,kBAAkB,GAAG,OAAO,CAAC,GAAG,CAAC,+BAA+B,EAAE,IAAI,EAAE,iCAAiC,CAAC,CAAC;IACjH,MAAM,gBAAgB,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B,EAAE,SAAS,EAAE,+BAA+B,CAAC,CAAC;IAChH,MAAM,mBAAmB,GAAG,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,UAAU,EAAE,kCAAkC,CAAC,CAAC;IAC1H,MAAM,YAAY,GAAG,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;IACnD,MAAM,aAAa,GAAG,GAAG,CAAC,qBAAqB,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC;IAChE,MAAM,UAAU,GAAG,aAAa,IAAI,aAAa,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC;IACtF,MAAM,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IAC9D,OAAO;QACL,IAAI;QACJ,IAAI;QACJ,aAAa;QACb,KAAK,EAAE,YAAY,CAAC,GAAG,CAAC;QACxB,SAAS;QACT,aAAa,EAAE,aAAa,CAAC,GAAG,EAAE,0BAA0B,EAAE,yCAAyC,CAAC;QACxG,YAAY,EAAE,iBAAiB,GAAG,IAAI;QACtC,YAAY,EAAE,GAAG,CAAC,uBAAuB,KAAK,MAAM,IAAI,CAAC,YAAY,IAAI,GAAG,CAAC,uBAAuB,KAAK,OAAO,CAAC;QACjH,cAAc,EAAE,YAAY,CAAC,GAAG,CAAC,yBAAyB,EAAE,IAAI,EAAE,IAAI,CAAC;QACvE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,IAAI,EAAE,IAAI,aAAa,CAAC;QAC5E,YAAY;QACZ,UAAU;QACV,UAAU;QACV,cAAc;QACd,kBAAkB;QAClB,mBAAmB;QACnB,kBAAkB;QAClB,gBAAgB;QAChB,mBAAmB;KACpB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,MAAyC,EAAE,MAA0B;IACnG,
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/server/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AA4B7B,SAAS,OAAO,CAAC,KAAyB,EAAE,QAAgB,EAAE,IAAY;IACxE,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QAC/C,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC7B,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,MAAM,IAAI,CAAC,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,6BAA6B,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,aAAa,CAAC,GAAc,EAAE,IAAY,EAAE,eAAwB;IAC3E,MAAM,KAAK,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC;IAChC,MAAM,MAAM,GAAG,KAAK,IAAI,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;IAChF,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,cAAc,CAAC,CAAC;IACzC,CAAC;IACD,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,iCAAiC,CAAC,CAAC;IAC5D,CAAC;IACD,IAAI,IAAI,KAAK,0BAA0B,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC9D,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,iCAAiC,CAAC,CAAC;IAC5D,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,eAAe,CAAC,GAAuB;IAC9C,MAAM,KAAK,GAAG,GAAG,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAI,CAAC,KAAK,IAAI,KAAK,KAAK,OAAO,EAAE,CAAC;QAChC,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;QACrB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,6FAA6F;IAC7F,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,YAAY,CAAC,GAAc;IAClC,OAAO,GAAG,CAAC,eAAe,EAAE,IAAI,EAAE,IAAI,GAAG,CAAC,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,OAAO,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC;AAC1H,CAAC;AAED,SAAS,YAAY,CAAC,GAAuB,EAAE,IAAY,EAAE,IAAY;IACvE,MAAM,UAAU,GAAG,GAAG;QACpB,EAAE,KAAK,CAAC,GAAG,CAAC;SACX,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;SAC9B,MAAM,CAAC,OAAO,CAAC,CAAC;IACnB,IAAI,UAAU,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxC,OAAO,UAAU,CAAC;IACpB,CAAC;IACD,OAAO,CAAC,UAAU,IAAI,IAAI,IAAI,EAAE,EAAE,oBAAoB,IAAI,EAAE,EAAE,oBAAoB,IAAI,EAAE,CAAC,CAAC;AAC5F,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,QAAQ,GAAG,MAAM,EAAE,UAAqB,OAAO,CAAC,GAAG;IAChF,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,OAAO,OAAO,CAAC;IACjB,CAAC;IACD,MAAM,MAAM,GAAc,EAAE,GAAG,OAAO,EAAE,CAAC;IACzC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAClD,KAAK,MAAM,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7C,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAClC,SAAS;QACX,CAAC;QACD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,SAAS,KAAK,CAAC,CAAC,EAAE,CAAC;YACrB,SAAS;QACX,CAAC;QACD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC,KAAK,SAAS,EAAE,CAAC;YACtC,SAAS;QACX,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,GAAG,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IACjE,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,MAAiB,OAAO,CAAC,GAAG;IACrD,MAAM,IAAI,GAAG,GAAG,CAAC,cAAc,EAAE,IAAI,EAAE,IAAI,WAAW,CAAC;IACvD,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC;IACjE,uEAAuE;IACvE,wEAAwE;IACxE,uEAAuE;IACvE,+CAA+C;IAC/C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,GAAG,CAAC,wBAAwB,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IACzG,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,IAAI,EAAE,IAAI,uBAAuB,CAAC,CAAC;IAC5F,MAAM,iBAAiB,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B,EAAE,MAAM,EAAE,+BAA+B,CAAC,CAAC;IAC9G,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,EAAE,IAAI,EAAE,4BAA4B,CAAC,CAAC;IACnG,MAAM,kBAAkB,GAAG,OAAO,CAAC,GAAG,CAAC,+BAA+B,EAAE,WAAW,EAAE,iCAAiC,CAAC,CAAC;IACxH,MAAM,mBAAmB,GAAG,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,aAAa,EAAE,kCAAkC,CAAC,CAAC;IAC7H,MAAM,kBAAkB,GAAG,OAAO,CAAC,GAAG,CAAC,+BAA+B,EAAE,IAAI,EAAE,iCAAiC,CAAC,CAAC;IACjH,MAAM,gBAAgB,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B,EAAE,SAAS,EAAE,+BAA+B,CAAC,CAAC;IAChH,MAAM,mBAAmB,GAAG,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,UAAU,EAAE,kCAAkC,CAAC,CAAC;IAC1H,MAAM,YAAY,GAAG,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;IACnD,MAAM,aAAa,GAAG,GAAG,CAAC,qBAAqB,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC;IAChE,MAAM,UAAU,GAAG,aAAa,IAAI,aAAa,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC;IACtF,MAAM,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IAC9D,OAAO;QACL,IAAI;QACJ,IAAI;QACJ,aAAa;QACb,KAAK,EAAE,YAAY,CAAC,GAAG,CAAC;QACxB,SAAS;QACT,aAAa,EAAE,aAAa,CAAC,GAAG,EAAE,0BAA0B,EAAE,yCAAyC,CAAC;QACxG,YAAY,EAAE,iBAAiB,GAAG,IAAI;QACtC,YAAY,EAAE,GAAG,CAAC,uBAAuB,KAAK,MAAM,IAAI,CAAC,YAAY,IAAI,GAAG,CAAC,uBAAuB,KAAK,OAAO,CAAC;QACjH,cAAc,EAAE,YAAY,CAAC,GAAG,CAAC,yBAAyB,EAAE,IAAI,EAAE,IAAI,CAAC;QACvE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,IAAI,EAAE,IAAI,aAAa,CAAC;QAC5E,YAAY;QACZ,UAAU;QACV,UAAU;QACV,cAAc;QACd,kBAAkB;QAClB,mBAAmB;QACnB,kBAAkB;QAClB,gBAAgB;QAChB,mBAAmB;KACpB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,MAAyC,EAAE,MAA0B;IACnG,OAAO,OAAO,CAAC,MAAM,IAAI,MAAM,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;AACnE,CAAC;AAED,SAAS,cAAc,CAAC,KAAa;IACnC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;QACrG,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAC5B,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,cAAc,CAAC,KAAa;IACnC,IAAI,KAAK,KAAK,GAAG,EAAE,CAAC;QAClB,OAAO,EAAE,CAAC,OAAO,EAAE,CAAC;IACtB,CAAC;IACD,IAAI,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3B,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACjD,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}
|
package/dist/server/http.js
CHANGED
|
@@ -18,6 +18,7 @@ import { registerAgentManagementRoutes } from './routes/agentManagementRoutes.js
|
|
|
18
18
|
import { registerNotificationAssetRoutes } from './routes/notificationAssetRoutes.js';
|
|
19
19
|
export async function buildApp(config, services) {
|
|
20
20
|
const app = Fastify({ logger: true, trustProxy: config.trustProxy });
|
|
21
|
+
const contentSecurityPolicy = buildContentSecurityPolicy(config);
|
|
21
22
|
await app.register(fastifyCookie, {
|
|
22
23
|
secret: config.sessionSecret
|
|
23
24
|
});
|
|
@@ -31,6 +32,9 @@ export async function buildApp(config, services) {
|
|
|
31
32
|
fields: 1
|
|
32
33
|
}
|
|
33
34
|
});
|
|
35
|
+
app.addHook('onRequest', async (_request, reply) => {
|
|
36
|
+
setSecurityHeaders(reply, contentSecurityPolicy);
|
|
37
|
+
});
|
|
34
38
|
await registerAuthRoutes(app, config, services);
|
|
35
39
|
await registerTotpRoutes(app, config, services);
|
|
36
40
|
await registerSecurityRoutes(app, config, services);
|
|
@@ -66,4 +70,46 @@ export async function buildApp(config, services) {
|
|
|
66
70
|
});
|
|
67
71
|
return app;
|
|
68
72
|
}
|
|
73
|
+
function setSecurityHeaders(reply, contentSecurityPolicy) {
|
|
74
|
+
reply.header('Content-Security-Policy', contentSecurityPolicy);
|
|
75
|
+
reply.header('X-Content-Type-Options', 'nosniff');
|
|
76
|
+
reply.header('X-Frame-Options', 'DENY');
|
|
77
|
+
reply.header('Referrer-Policy', 'no-referrer');
|
|
78
|
+
}
|
|
79
|
+
function buildContentSecurityPolicy(config) {
|
|
80
|
+
const websocketSources = websocketSourcesForOrigins(config.allowedOrigins);
|
|
81
|
+
return [
|
|
82
|
+
"default-src 'self'",
|
|
83
|
+
"base-uri 'self'",
|
|
84
|
+
"object-src 'none'",
|
|
85
|
+
"frame-ancestors 'none'",
|
|
86
|
+
"form-action 'self'",
|
|
87
|
+
"script-src 'self'",
|
|
88
|
+
"style-src 'self' 'unsafe-inline'",
|
|
89
|
+
"img-src 'self' data: blob:",
|
|
90
|
+
"media-src 'self' blob:",
|
|
91
|
+
"font-src 'self' data:",
|
|
92
|
+
`connect-src 'self'${websocketSources.length ? ` ${websocketSources.join(' ')}` : ''}`,
|
|
93
|
+
"frame-src 'self' blob:",
|
|
94
|
+
"worker-src 'self' blob:"
|
|
95
|
+
].join('; ');
|
|
96
|
+
}
|
|
97
|
+
function websocketSourcesForOrigins(origins) {
|
|
98
|
+
const sources = new Set();
|
|
99
|
+
for (const origin of origins) {
|
|
100
|
+
try {
|
|
101
|
+
const parsed = new URL(origin);
|
|
102
|
+
if (parsed.protocol === 'http:') {
|
|
103
|
+
sources.add(`ws://${parsed.host}`);
|
|
104
|
+
}
|
|
105
|
+
else if (parsed.protocol === 'https:') {
|
|
106
|
+
sources.add(`wss://${parsed.host}`);
|
|
107
|
+
}
|
|
108
|
+
}
|
|
109
|
+
catch {
|
|
110
|
+
// Ignore malformed values here; origin validation still rejects them at request time.
|
|
111
|
+
}
|
|
112
|
+
}
|
|
113
|
+
return [...sources];
|
|
114
|
+
}
|
|
69
115
|
//# sourceMappingURL=http.js.map
|
package/dist/server/http.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"http.js","sourceRoot":"","sources":["../../src/server/http.ts"],"names":[],"mappings":"AAAA,OAAO,aAAa,MAAM,iBAAiB,CAAC;AAC5C,OAAO,gBAAgB,MAAM,oBAAoB,CAAC;AAClD,OAAO,aAAa,MAAM,iBAAiB,CAAC;AAC5C,OAAO,gBAAgB,MAAM,oBAAoB,CAAC;AAClD,OAAO,
|
|
1
|
+
{"version":3,"file":"http.js","sourceRoot":"","sources":["../../src/server/http.ts"],"names":[],"mappings":"AAAA,OAAO,aAAa,MAAM,iBAAiB,CAAC;AAC5C,OAAO,gBAAgB,MAAM,oBAAoB,CAAC;AAClD,OAAO,aAAa,MAAM,iBAAiB,CAAC;AAC5C,OAAO,gBAAgB,MAAM,oBAAoB,CAAC;AAClD,OAAO,OAAoD,MAAM,SAAS,CAAC;AAC3E,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,kBAAkB,EAA0B,MAAM,wBAAwB,CAAC;AACpF,OAAO,EAAE,kBAAkB,EAA0B,MAAM,wBAAwB,CAAC;AACpF,OAAO,EAAE,4BAA4B,EAAoC,MAAM,kCAAkC,CAAC;AAClH,OAAO,EAAE,sBAAsB,EAA8B,MAAM,4BAA4B,CAAC;AAChG,OAAO,EAAE,yBAAyB,EAAE,MAAM,+BAA+B,CAAC;AAC1E,OAAO,EAAE,oBAAoB,EAA4B,MAAM,0BAA0B,CAAC;AAC1F,OAAO,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AAC5D,OAAO,EAAE,sBAAsB,EAAE,MAAM,4BAA4B,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,EAAE,mBAAmB,EAA2B,MAAM,wBAAwB,CAAC;AACtF,OAAO,EAAE,6BAA6B,EAAqC,MAAM,mCAAmC,CAAC;AACrH,OAAO,EAAE,+BAA+B,EAAuC,MAAM,qCAAqC,CAAC;AAI3H,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,MAAiB,EAAE,QAA0B;IAC1E,MAAM,GAAG,GAAG,OAAO,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;IACrE,MAAM,qBAAqB,GAAG,0BAA0B,CAAC,MAAM,CAAC,CAAC;IACjE,MAAM,GAAG,CAAC,QAAQ,CAAC,aAAa,EAAE;QAChC,MAAM,EAAE,MAAM,CAAC,aAAa;KAC7B,CAAC,CAAC;IACH,MAAM,GAAG,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC;IACrC,MAAM,GAAG,CAAC,QAAQ,CAAC,gBAAgB,EAAE;QACnC,kBAAkB,EAAE,KAAK;QACzB,MAAM,EAAE;YACN,KAAK,EAAE,MAAM,CAAC,cAAc;YAC5B,QAAQ,EAAE,MAAM,CAAC,kBAAkB,GAAG,CAAC;YACvC,KAAK,EAAE,MAAM,CAAC,cAAc,GAAG,CAAC;YAChC,MAAM,EAAE,CAAC;SACV;KACF,CAAC,CAAC;IAEH,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,EAAE;QACjD,kBAAkB,CAAC,KAAK,EAAE,qBAAqB,CAAC,CAAC;IACnD,CAAC,CAAC,CAAC;IAEH,MAAM,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChD,MAAM,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChD,MAAM,sBAAsB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IACpD,MAAM,oBAAoB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IAClD,MAAM,sBAAsB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IACpD,MAAM,4BAA4B,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC1D,MAAM,oBAAoB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IAClD,MAAM,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChD,MAAM,+BAA+B,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC7D,MAAM,yBAAyB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IACvD,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QACtB,MAAM,mBAAmB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IACnD,CAAC;IACD,MAAM,6BAA6B,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IAE3D,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;QACvD,MAAM,WAAW,GAAG,KAAK,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;QACpD,IAAI,OAAO,WAAW,KAAK,QAAQ,IAAI,WAAW,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YACzE,KAAK,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QAC5C,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC,CAAC,CAAC;IAEH,MAAM,GAAG,CAAC,QAAQ,CAAC,aAAa,EAAE;QAChC,IAAI,EAAE,MAAM,CAAC,UAAU;QACvB,MAAM,EAAE,GAAG;KACZ,CAAC,CAAC;IAEH,GAAG,CAAC,kBAAkB,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QAC9C,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC;QAChE,IAAI,WAAW,KAAK,MAAM,IAAI,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YAC9D,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;QACtD,CAAC;QACD,KAAK,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QAC1C,OAAO,KAAK,CAAC,QAAQ,CAAC,YAAY,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;IACvE,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,kBAAkB,CAAC,KAAmB,EAAE,qBAA6B;IAC5E,KAAK,CAAC,MAAM,CAAC,yBAAyB,EAAE,qBAAqB,CAAC,CAAC;IAC/D,KAAK,CAAC,MAAM,CAAC,wBAAwB,EAAE,SAAS,CAAC,CAAC;IAClD,KAAK,CAAC,MAAM,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC;IACxC,KAAK,CAAC,MAAM,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC;AACjD,CAAC;AAED,SAAS,0BAA0B,CAAC,MAAyC;IAC3E,MAAM,gBAAgB,GAAG,0BAA0B,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;IAC3E,OAAO;QACL,oBAAoB;QACpB,iBAAiB;QACjB,mBAAmB;QACnB,wBAAwB;QACxB,oBAAoB;QACpB,mBAAmB;QACnB,kCAAkC;QAClC,4BAA4B;QAC5B,wBAAwB;QACxB,uBAAuB;QACvB,qBAAqB,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE;QACtF,wBAAwB;QACxB,yBAAyB;KAC1B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED,SAAS,0BAA0B,CAAC,OAAiB;IACnD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;IAClC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC;YAC/B,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;gBAChC,OAAO,CAAC,GAAG,CAAC,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;YACrC,CAAC;iBAAM,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACxC,OAAO,CAAC,GAAG,CAAC,SAAS,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,sFAAsF;QACxF,CAAC;IACH,CAAC;IACD,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC;AACtB,CAAC"}
|