diff --git a/globals/variables.go b/globals/variables.go index 8639a5ef..e9c909f4 100644 --- a/globals/variables.go +++ b/globals/variables.go @@ -1,10 +1,9 @@ package globals import ( + "github.com/gin-gonic/gin" "net/url" "strings" - - "github.com/gin-gonic/gin" ) const ChatMaxThread = 5 @@ -23,47 +22,30 @@ var AcceptImageStore bool var CloseRegistration bool var CloseRelay bool -var EpayBusinessId string -var EpayBusinessKey string -var EpayEndpoint string -var EpayEnabled bool -var EpayMethods []string - -var SoftAuthPass byte -var SoftDomain []byte -var SoftName []byte - func OriginIsAllowed(uri string) bool { - instance, err := url.Parse(uri) - if err != nil { - return false + if len(AllowedOrigins) == 0 { + // if allowed origins is empty, allow all origins + return true } - if instance.Scheme == "file" { - return true + instance, _ := url.Parse(uri) + if instance == nil { + return false } - if instance.Hostname() == "localhost" || strings.HasPrefix(instance.Hostname(), "localhost") || - instance.Hostname() == "127.0.0.1" || strings.HasPrefix(instance.Hostname(), "127.0.0.1") || - strings.HasPrefix(instance.Hostname(), "192.168.") || strings.HasPrefix(instance.Hostname(), "10.") { + if instance.Hostname() == "localhost" || instance.Scheme == "file" { return true } - // get top level domain (example: sub.chatnio.net -> chatnio.net, chatnio.net -> chatnio.net) - // if the domain is in the allowed origins, return true - - allow := string(SoftDomain) - - domain := instance.Hostname() - if strings.HasSuffix(domain, allow) { - return true + if strings.HasPrefix(instance.Host, "www.") { + instance.Host = instance.Host[4:] } - return false + return in(instance.Host, AllowedOrigins) } func OriginIsOpen(c *gin.Context) bool { - return strings.HasPrefix(c.Request.URL.Path, "/v1") || strings.HasPrefix(c.Request.URL.Path, "/dashboard") || strings.HasPrefix(c.Request.URL.Path, "/mj") + return strings.HasPrefix(c.Request.URL.Path, "/v1") || strings.HasPrefix(c.Request.URL.Path, "/dashboard") } const (