This repository has been archived on 2022-08-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
outline/shared/utils/domains.js
Tom Moor 092d9dce18 fix: Don't set cookie domain when not using multiple subdomains ()
* fix: Don't set cookie domain when not using multiple subdomains

* wip logging domain

* wip logging domain

* wip logging domain

* wip logging domain

* Revert "wip logging domain"

This reverts commit 325907e74962179e02cee0b1df364a3aedbe62e3.

* Revert "wip logging domain"

This reverts commit 6ee095a49e9c18999a20d5379234323d49d5e6c8.

* Revert "wip logging domain"

This reverts commit 813d8eb960cdf4dd6db4795739df3adf895600e2.

* Revert "wip logging domain"

This reverts commit f1ca81927626bbd0d46c1963510d115a003176d8.

* Remove SUBDOMAINS_ENABLED from documented env variables, no-one self hosting should need this – it just adds confusion to those looking to host on a single subdomain
fix: Account for server/client process.env parsing

Co-authored-by: Nan Yu <nanyu@Nans-MBP-2.lan>
Co-authored-by: Nan Yu <nan@getoutline.com>
2020-05-19 21:05:57 -07:00

126 lines
2.5 KiB
JavaScript

// @flow
import { trim } from 'lodash';
type Domain = {
tld: string,
subdomain: string,
domain: string,
};
// we originally used the parse-domain npm module however this includes
// a large list of possible TLD's which increase the size of the bundle
// unneccessarily for our usecase of trusted input.
export function parseDomain(url: string): ?Domain {
if (typeof url !== 'string') return null;
// strip extermeties and whitespace from input
const normalizedDomain = trim(url.replace(/(https?:)?\/\//, ''));
const parts = normalizedDomain.split('.');
// ensure the last part only includes something that looks like a TLD
function cleanTLD(tld = '') {
return tld.split(/[/:?]/)[0];
}
// simplistic subdomain parse, we don't need to take into account subdomains
// with "." characters as these are not valid in Outline
if (parts.length >= 3) {
return {
subdomain: parts[0],
domain: parts[1],
tld: cleanTLD(parts.slice(2).join('.')),
};
}
if (parts.length === 2) {
return {
subdomain: '',
domain: parts[0],
tld: cleanTLD(parts.slice(1).join('.')),
};
}
return null;
}
export function getCookieDomain(domain: string) {
// TODO: All the process.env parsing needs centralizing
return process.env.SUBDOMAINS_ENABLED === 'true' ||
process.env.SUBDOMAINS_ENABLED === true
? stripSubdomain(domain)
: domain;
}
export function stripSubdomain(hostname: string) {
const parsed = parseDomain(hostname);
if (!parsed) return hostname;
if (parsed.tld) return `${parsed.domain}.${parsed.tld}`;
return parsed.domain;
}
export function isCustomSubdomain(hostname: string) {
const parsed = parseDomain(hostname);
if (!parsed) return false;
if (!parsed.subdomain || parsed.subdomain === 'www') return false;
return true;
}
export const RESERVED_SUBDOMAINS = [
'about',
'account',
'admin',
'advertising',
'api',
'assets',
'archive',
'beta',
'billing',
'blog',
'cache',
'cdn',
'code',
'community',
'dashboard',
'developer',
'developers',
'forum',
'help',
'home',
'http',
'https',
'imap',
'localhost',
'mail',
'mobile',
'news',
'newsletter',
'ns1',
'ns2',
'ns3',
'ns4',
'password',
'profile',
'sandbox',
'script',
'scripts',
'setup',
'signin',
'signup',
'smtp',
'support',
'status',
'static',
'stats',
'test',
'update',
'updates',
'ws',
'wss',
'websockets',
'www',
'www1',
'www2',
'www3',
'www4',
];