-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathproxy.ts
More file actions
37 lines (32 loc) · 1.07 KB
/
proxy.ts
File metadata and controls
37 lines (32 loc) · 1.07 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
import { NextResponse } from "next/server";
import type { NextRequest } from "next/server";
/**
* Automatically redirects requests from localhost to 127.0.0.1
* to ensure RFC 8252 compliance for OAuth loopback clients.
*
* RFC 8252 Section 7.3 requires loopback OAuth clients to use
* IP addresses (127.0.0.1) instead of hostnames (localhost) to
* prevent DNS rebinding attacks and ensure proper OAuth flow.
*
* @see https://datatracker.ietf.org/doc/html/rfc8252#section-7.3
*/
export function proxy(request: NextRequest) {
const hostname = request.headers.get("host") || "";
if (hostname.startsWith("localhost:")) {
const newHost = hostname.replace("localhost", "127.0.0.1");
const redirectUrl = new URL(request.url);
redirectUrl.hostname = "127.0.0.1";
redirectUrl.port = newHost.split(":")[1] || "3000";
return NextResponse.redirect(redirectUrl, {
status: 307,
});
}
return NextResponse.next();
}
/**
* Proxy configuration
* Runs on all routes to ensure consistent redirect behavior
*/
export const config = {
matcher: "/:path*",
};