Skip to content
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Add url validation
  • Loading branch information
Emyrk committed Mar 31, 2023
commit f1da2f14adc6d38b67f2d3e3fc03a9c510c508c3
1 change: 1 addition & 0 deletions coderd/database/dump.sql

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions coderd/database/migrations/000111_workspace_proxy.up.sql
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ CREATE TABLE workspace_proxies (
id uuid NOT NULL,
organization_id uuid NOT NULL,
name text NOT NULL,
display_name text NOT NULL,
icon text NOT NULL,
url text NOT NULL,
wildcard_url text NOT NULL,
Expand Down
1 change: 1 addition & 0 deletions coderd/database/models.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

29 changes: 20 additions & 9 deletions coderd/database/queries.sql.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 5 additions & 2 deletions coderd/database/queries/proxies.sql
Original file line number Diff line number Diff line change
Expand Up @@ -4,20 +4,23 @@ INSERT INTO
id,
organization_id,
name,
display_name,
icon,
url,
wildcard_url,
created_at,
updated_at
updated_at,
deleted
)
VALUES
($1, $2, $3, $4, $5, $6, $7, $8) RETURNING *;
($1, $2, $3, $4, $5, $6, $7, $8, $9, false) RETURNING *;

-- name: UpdateWorkspaceProxy :one
UPDATE
workspace_proxies
SET
name = @name,
display_name = @display_name,
url = @url,
wildcard_url = @wildcard_url,
icon = @icon,
Expand Down
1 change: 1 addition & 0 deletions codersdk/workspaceproxy.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ import (

type CreateWorkspaceProxyRequest struct {
Name string `json:"name"`
DisplayName string `json:"display_name"`
Icon string `json:"icon"`
URL string `json:"url"`
WildcardURL string `json:"wildcard_url"`
Expand Down
38 changes: 38 additions & 0 deletions enterprise/coderd/workspaceproxy.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ import (
"database/sql"
"fmt"
"net/http"
"net/url"
"strings"

"golang.org/x/xerrors"

Expand Down Expand Up @@ -44,10 +46,27 @@ func (api *API) postWorkspaceProxyByOrganization(rw http.ResponseWriter, r *http
return
}

if err := validateProxyURL(req.URL, false); err != nil {
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
Message: "URL is invalid.",
Detail: err.Error(),
})
return
}

if err := validateProxyURL(req.WildcardURL, true); err != nil {
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
Message: "Wildcard URL is invalid.",
Detail: err.Error(),
})
return
}

proxy, err := api.Database.InsertWorkspaceProxy(ctx, database.InsertWorkspaceProxyParams{
ID: uuid.New(),
OrganizationID: org.ID,
Name: req.Name,
DisplayName: req.DisplayName,
Icon: req.Icon,
// TODO: validate URLs
Url: req.URL,
Expand All @@ -70,6 +89,25 @@ func (api *API) postWorkspaceProxyByOrganization(rw http.ResponseWriter, r *http
httpapi.Write(ctx, rw, http.StatusCreated, convertProxy(proxy))
}

func validateProxyURL(u string, wildcard bool) error {
p, err := url.Parse(u)
if err != nil {
return err
}
if p.Scheme != "http" && p.Scheme != "https" {
return xerrors.New("scheme must be http or https")
}
if !(p.Path == "/" || p.Path == "") {
return xerrors.New("path must be empty or /")
}
if wildcard {
if !strings.HasPrefix(p.Host, "*.") {
return xerrors.Errorf("wildcard URL must have a wildcard subdomain (e.g. *.example.com)")
}
}
return nil
}

// @Summary Get workspace proxies
// @ID get-workspace-proxies
// @Security CoderSessionToken
Expand Down