From 1a2069a6d92f5bb5a03008966893ef3d4405c4b7 Mon Sep 17 00:00:00 2001
From: Fizza-Mukhtar <fizzamukhtar01@gmail.com>
Date: Thu, 5 Mar 2026 00:39:03 -0800
Subject: [PATCH] fix: prevent resource creation with dashboard domain to avoid
 redirect loop

---
 server/routers/resource/createResource.ts          | 14 ++++++++++++++
 server/routers/resource/updateResource.ts          | 14 ++++++++++++++
 .../settings/resources/proxy/create/page.tsx       |  2 +-
 3 files changed, 29 insertions(+), 1 deletion(-)

diff --git a/server/routers/resource/createResource.ts b/server/routers/resource/createResource.ts
index 6c88c5797..384bb8b53 100644
--- a/server/routers/resource/createResource.ts
+++ b/server/routers/resource/createResource.ts
@@ -223,6 +223,20 @@ async function createHttpResource(
         );
     }
 
+    // Prevent creating resource with same domain as dashboard
+    const dashboardUrl = process.env.DASHBOARD_URL;
+    if (dashboardUrl) {
+        const dashboardHost = new URL(dashboardUrl).hostname;
+        if (fullDomain === dashboardHost) {
+            return next(
+                createHttpError(
+                    HttpCode.CONFLICT,
+                    "Resource domain cannot be the same as the dashboard domain"
+                )
+            );
+        }
+    }
+
     if (build != "oss") {
         const existingLoginPages = await db
             .select()
diff --git a/server/routers/resource/updateResource.ts b/server/routers/resource/updateResource.ts
index 42e2849f6..becad5d2c 100644
--- a/server/routers/resource/updateResource.ts
+++ b/server/routers/resource/updateResource.ts
@@ -353,6 +353,20 @@ async function updateHttpResource(
                 );
             }
 
+            // Prevent updating resource with same domain as dashboard
+            const dashboardUrl = process.env.DASHBOARD_URL;
+            if (dashboardUrl) {
+                const dashboardHost = new URL(dashboardUrl).hostname;
+                if (fullDomain === dashboardHost) {
+                    return next(
+                        createHttpError(
+                            HttpCode.CONFLICT,
+                            "Resource domain cannot be the same as the dashboard domain"
+                        )
+                    );
+                }
+            }
+        
             if (build != "oss") {
                 const existingLoginPages = await db
                     .select()
diff --git a/src/app/[orgId]/settings/resources/proxy/create/page.tsx b/src/app/[orgId]/settings/resources/proxy/create/page.tsx
index ff51a311b..127917555 100644
--- a/src/app/[orgId]/settings/resources/proxy/create/page.tsx
+++ b/src/app/[orgId]/settings/resources/proxy/create/page.tsx
@@ -559,7 +559,7 @@ export default function Page() {
             toast({
                 variant: "destructive",
                 title: t("resourceErrorCreate"),
-                description: t("resourceErrorCreateMessageDescription")
+                description: formatAxiosError(e, t("resourceErrorCreateMessageDescription"))
             });
         }