Add detect_base_url config

This diff adds the detect_base_url config, controlled by the
DETECT_BASE_URL env variable. When set to true, the BASE_URL setting is
ignored, and the base_url is derived from the request protocol and host
header.

Test Plan: Started up a local instance in my homelab, running docker
node:15 image with a nginx reverse proxy. Configured nginx to use the
same backend with multiple hostnames on https. Opened in browser and
confirmed og:url meta tag uses correct url.
This commit is contained in:
Cullen Walsh 2021-05-05 21:15:02 -07:00
parent 385ac595b9
commit 02e8cb264f
3 changed files with 29 additions and 8 deletions

View file

@ -130,6 +130,11 @@ const conf = convict({
default: 'https://send.firefox.com', default: 'https://send.firefox.com',
env: 'BASE_URL' env: 'BASE_URL'
}, },
detect_base_url: {
format: Boolean,
default: false,
env: 'DETECT_BASE_URL'
},
file_dir: { file_dir: {
format: 'String', format: 'String',
default: `${tmpdir()}${path.sep}send-${randomBytes(4).toString('hex')}`, default: `${tmpdir()}${path.sep}send-${randomBytes(4).toString('hex')}`,
@ -206,4 +211,18 @@ const conf = convict({
conf.validate({ allowed: 'strict' }); conf.validate({ allowed: 'strict' });
const props = conf.getProperties(); const props = conf.getProperties();
module.exports = props;
const deriveBaseUrl = (req) => {
if (props.detect_base_url) {
const protocol = req.secure ? 'https://' : 'http://';
return `${protocol}${req.headers.host}`;
} else {
return props.base_url;
}
};
module.exports = {
...props,
deriveBaseUrl,
};

View file

@ -36,9 +36,14 @@ module.exports = function(app) {
defaultSrc: ["'self'"], defaultSrc: ["'self'"],
connectSrc: [ connectSrc: [
"'self'", "'self'",
config.base_url.replace(/^https:\/\//, 'wss://') function(req) {
const baseUrl = config.deriveBaseUrl(req);
const r = baseUrl.replace(/^http(s?):\/\//, 'ws$1://');
console.log([baseUrl, r]);
return r;
}
], ],
imgSrc: ["'self'", "data:"], imgSrc: ["'self'", 'data:'],
scriptSrc: [ scriptSrc: [
"'self'", "'self'",
function(req) { function(req) {
@ -52,10 +57,6 @@ module.exports = function(app) {
} }
}; };
csp.directives.connectSrc.push(
config.base_url.replace(/^https:\/\//, 'wss://')
);
app.use(helmet.contentSecurityPolicy(csp)); app.use(helmet.contentSecurityPolicy(csp));
} }

View file

@ -23,6 +23,7 @@ module.exports = async function(req) {
if (config.survey_url) { if (config.survey_url) {
prefs.surveyUrl = config.survey_url; prefs.surveyUrl = config.survey_url;
} }
const baseUrl = config.deriveBaseUrl(req);
return { return {
archive: { archive: {
numFiles: 0 numFiles: 0
@ -33,7 +34,7 @@ module.exports = async function(req) {
title: 'Send', title: 'Send',
description: description:
'Encrypt and send files with a link that automatically expires to ensure your important documents dont stay online forever.', 'Encrypt and send files with a link that automatically expires to ensure your important documents dont stay online forever.',
baseUrl: config.base_url, baseUrl,
ui: {}, ui: {},
storage: { storage: {
files: [] files: []