pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-03-09 04:06:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2603 from Fizza-Mukhtar/fix/prevent-dashboard-domain-conflict-2595

Browse Source 
fix: prevent resource from being created with dashboard's domain to avoid redirect loop
This commit is contained in:
Owen Schwartz
2026-03-07 21:15:53 -08:00
committed by GitHub
parent d4b830b9bb 4cfcc64481
commit 91b7ceb2cf
3 changed files with 29 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
server/routers/resource/createResource.ts
View File

@@ -223,6 +223,20 @@ async function createHttpResource(
); );
} }
// Prevent creating resource with same domain as dashboard
const dashboardUrl = config.getRawConfig().app.dashboard_url;
if (dashboardUrl) {
const dashboardHost = new URL(dashboardUrl).hostname;
if (fullDomain === dashboardHost) {
return next(
createHttpError(
HttpCode.CONFLICT,
"Resource domain cannot be the same as the dashboard domain"
)
);
}
}
if (build != "oss") { if (build != "oss") {
const existingLoginPages = await db const existingLoginPages = await db
.select() .select()

14
server/routers/resource/updateResource.ts
View File

@@ -353,6 +353,20 @@ async function updateHttpResource(
); );
} }
// Prevent updating resource with same domain as dashboard
const dashboardUrl = config.getRawConfig().app.dashboard_url;
if (dashboardUrl) {
const dashboardHost = new URL(dashboardUrl).hostname;
if (fullDomain === dashboardHost) {
return next(
createHttpError(
HttpCode.CONFLICT,
"Resource domain cannot be the same as the dashboard domain"
)
);
}
}
if (build != "oss") { if (build != "oss") {
const existingLoginPages = await db const existingLoginPages = await db
.select() .select()

2
src/app/[orgId]/settings/resources/proxy/create/page.tsx
View File

@@ -559,7 +559,7 @@ export default function Page() {
toast({ toast({
variant: "destructive", variant: "destructive",
title: t("resourceErrorCreate"), title: t("resourceErrorCreate"),
description: t("resourceErrorCreateMessageDescription") description: formatAxiosError(e, t("resourceErrorCreateMessageDescription"))
}); });
} }