Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: validate bridge_url #232

Merged
merged 5 commits into from
Jan 19, 2024
Merged

feat: validate bridge_url #232

merged 5 commits into from
Jan 19, 2024

Conversation

0xPenryn
Copy link
Collaborator

Validates bridge_url in idkit-core, fails verification and throws error if:

  • not https
  • non-default port defined
  • has a path
  • has query parameters
  • has a fragment

Logs a non-blocking console warning if the bridge_url hostname does not end with worldcoin.org or toolsforhumanity.com -- to be removed once the restriction is lifted in World App.

Additionally, idkit-core now properly handles trailing slash. A bridge_url input as ...coin.org/ or ...coin.org will both function properly.

@0xPenryn
fix: normalize trailing slash
ecbd3af 
bridge_url param will now behave properly with or without trailing slash
@0xPenryn
feat: validate bridge_url
6fb08dd 
performs validation of bridge_url in idkit-core
@vercel Vercel
Copy link

vercel bot commented Jan 16, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
idkit-js-example ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jan 19, 2024 0:01am

@0xPenryn 0xPenryn requested a review from pdtfh January 16, 2024 20:18
github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 16, 2024
View reviewed changes
packages/core/src/lib/validation.ts Fixed Show resolved Hide resolved
packages/core/src/lib/validation.ts Fixed Show fixed Hide fixed
m1guelpf
m1guelpf previously requested changes Jan 17, 2024
View reviewed changes
Copy link
Member

@m1guelpf m1guelpf left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we allow http://localhost:port? Maybe switch to a warning in this case

@0xPenryn
Copy link
Collaborator Author

@m1guelpf as localhost bridge would only work when running IDKit, Bridge, and Simulator all locally, I've add a validation bypass when using a staging app_id and localhost bridge_url

@0xPenryn @pdtfh
Update packages/core/src/lib/validation.ts
75fdacd 
Co-authored-by: pdtfh <149602456+pdtfh@users.noreply.github.com>
@pdtfh
Copy link
Contributor

pdtfh commented Jan 19, 2024

ok to merge from my side

@0xPenryn 0xPenryn dismissed m1guelpf’s stale review January 19, 2024 14:55

changes addressed, paolo approved

@0xPenryn 0xPenryn merged commit 24686c7 into main Jan 19, 2024
7 checks passed
@0xPenryn 0xPenryn deleted the bridge-validation branch January 19, 2024 14:55
@github-actions github-actions bot mentioned this pull request Jan 19, 2024
Merged
@github-actions github-actions bot mentioned this pull request Jan 26, 2024
Merged
@github-actions github-actions bot mentioned this pull request Mar 30, 2024
Closed
This was referenced Jul 9, 2024
Merged
Closed
Closed
Merged
Merged
Merged
@github-actions github-actions bot mentioned this pull request Jul 19, 2024
Merged
@github-actions github-actions bot mentioned this pull request Aug 9, 2024
Closed
@github-actions github-actions bot mentioned this pull request Aug 22, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pdtfh pdtfh pdtfh approved these changes

@m1guelpf m1guelpf m1guelpf left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@0xPenryn @pdtfh @m1guelpf