Skip to content

Commit 804152e

Browse files
committed
chore: copilot nits
1 parent 6249228 commit 804152e

4 files changed

Lines changed: 18 additions & 4 deletions

File tree

frontend/src/components/layout/layout.tsx

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ import { Outlet } from "react-router";
33
import { useCallback, useEffect, useState } from "react";
44
import { DomainWarning } from "../domain-warning/domain-warning";
55
import { QuickActions } from "../quick-actions/quick-actions";
6+
import { isTrustedDomain } from "@/lib/hooks/redirect-uri";
67

78
const BaseLayout = ({ children }: { children: React.ReactNode }) => {
89
const { ui } = useAppContext();
@@ -40,7 +41,18 @@ export const Layout = () => {
4041
setIgnoreDomainWarning(true);
4142
}, [setIgnoreDomainWarning]);
4243

43-
if (!ignoreDomainWarning && ui.warningsEnabled && currentUrl !== app.appUrl) {
44+
const isTrusted = (() => {
45+
try {
46+
const appUrlObj = new URL(app.appUrl);
47+
const currentUrlObj = new URL(currentUrl);
48+
49+
return isTrustedDomain(currentUrlObj, appUrlObj, "", false);
50+
} catch {
51+
return false;
52+
}
53+
})();
54+
55+
if (!ignoreDomainWarning && ui.warningsEnabled && !isTrusted) {
4456
return (
4557
<BaseLayout>
4658
<DomainWarning

frontend/src/lib/hooks/redirect-uri.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -88,7 +88,7 @@ const getEffectivePort = (url: URL): string => {
8888
return "80";
8989
};
9090

91-
const isTrustedDomain = (
91+
export const isTrustedDomain = (
9292
url: URL,
9393
appUrl: URL,
9494
cookieDomain: string,

internal/utils/app_utils.go

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,9 @@ import (
99
"github.com/weppos/publicsuffix-go/publicsuffix"
1010
)
1111

12-
// Get cookie domain parses a hostname and returns the upper domain (e.g. sub1.sub2.domain.com -> sub2.domain.com)
12+
// GetCookieDomain parses the app url and returns the domain value to use for cookies.
13+
// When auth for subdomains is enabled, it strips the leftmost label
14+
// (e.g. sub1.sub2.domain.com -> sub2.domain.com), otherwise it returns the full hostname.
1315
func GetCookieDomain(appUrl string, subdomainsEnabled bool) (string, error) {
1416
u, err := url.Parse(appUrl)
1517

internal/utils/app_utils_test.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -54,7 +54,7 @@ func TestGetRootDomain(t *testing.T) {
5454
// Domain managed by ICANN
5555
domain = "http://example.co.uk"
5656
_, err = utils.GetCookieDomain(domain, true)
57-
assert.Error(t, err, "domain in public suffix list, cannot set cookies")
57+
assert.ErrorContains(t, err, "domain in public suffix list, cannot set cookies")
5858

5959
// Domain without subdomain
6060
domain = "http://tinyauth.app"

0 commit comments

Comments
 (0)