Skip to content

Commit

Permalink
Fix /register issue with ALLOWED_DOMAIN_URL env variable (#1694)
Browse files Browse the repository at this point in the history
  • Loading branch information
@krzysztofzuraw
krzysztofzuraw authored Jan 16, 2025
1 parent ba5a133 commit 0db174a
Show file tree
Hide file tree
Showing 16 changed files with 54 additions and 66 deletions.
11 changes: 11 additions & 0 deletions .changeset/angry-zebras-collect.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
---
"products-feed": patch
"klaviyo": patch
"segment": patch
"app-avatax": patch
"cms-v2": patch
"search": patch
"smtp": patch
---

Removed regex escape for `ALLOWED_DOMAINS_URL` env variable from register handler. It isn't user input and escaping regex was causing problem with apps installation.
1 change: 0 additions & 1 deletion apps/avatax/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,6 @@
"decimal.js-light": "2.5.1",
"dotenv": "16.3.1",
"dynamodb-toolbox": "1.8.2",
"escape-string-regexp": "5.0.0",
"graphql": "16.7.1",
"graphql-tag": "2.12.6",
"jotai": "^2.4.2",
Expand Down
4 changes: 2 additions & 2 deletions apps/avatax/src/pages/api/register.ts
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
import { createAppRegisterHandler } from "@saleor/app-sdk/handlers/next";
import { wrapWithLoggerContext } from "@saleor/apps-logger/node";
import { withOtel } from "@saleor/apps-otel";
import escapeStringRegexp from "escape-string-regexp";

import { env } from "@/env";
import { createLogger } from "@/logger";
Expand All @@ -28,7 +27,8 @@ export default wrapWithLoggerContext(
allowedSaleorUrls: [
(url) => {
if (allowedUrlsPattern) {
const regex = new RegExp(escapeStringRegexp(allowedUrlsPattern));
// we don't escape the pattern because it's not user input - it's an ENV variable controlled by us
const regex = new RegExp(allowedUrlsPattern);

return regex.test(url);
}
Expand Down
1 change: 0 additions & 1 deletion apps/cms-v2/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,6 @@
"@vitejs/plugin-react": "4.3.1",
"contentful-management": "10.46.4",
"dotenv": "16.3.1",
"escape-string-regexp": "5.0.0",
"graphql": "16.7.1",
"graphql-tag": "2.12.6",
"jsdom": "^20.0.3",
Expand Down
4 changes: 2 additions & 2 deletions apps/cms-v2/src/pages/api/register.ts
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
import { createAppRegisterHandler } from "@saleor/app-sdk/handlers/next";
import { wrapWithLoggerContext } from "@saleor/apps-logger/node";
import { withOtel } from "@saleor/apps-otel";
import escapeStringRegexp from "escape-string-regexp";

import { saleorApp } from "@/saleor-app";

Expand All @@ -18,7 +17,8 @@ const handler = createAppRegisterHandler({
allowedSaleorUrls: [
(url) => {
if (allowedUrlsPattern) {
const regex = new RegExp(escapeStringRegexp(allowedUrlsPattern));
// we don't escape the pattern because it's not user input - it's an ENV variable controlled by us
const regex = new RegExp(allowedUrlsPattern);

return regex.test(url);
}
Expand Down
1 change: 0 additions & 1 deletion apps/klaviyo/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,6 @@
"@sentry/nextjs": "../../node_modules/@sentry/nextjs",
"@urql/exchange-auth": "2.1.4",
"dotenv": "16.3.1",
"escape-string-regexp": "5.0.0",
"graphql": "16.7.1",
"graphql-tag": "2.12.6",
"next": "14.2.3",
Expand Down
4 changes: 2 additions & 2 deletions apps/klaviyo/src/pages/api/register.ts
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
import { createAppRegisterHandler } from "@saleor/app-sdk/handlers/next";
import { wrapWithLoggerContext } from "@saleor/apps-logger/node";
import { withOtel } from "@saleor/apps-otel";
import escapeStringRegexp from "escape-string-regexp";

import { saleorApp } from "../../../saleor-app";
import { loggerContext } from "../../logger-context";
Expand All @@ -17,7 +16,8 @@ const handler = createAppRegisterHandler({
allowedSaleorUrls: [
(url) => {
if (allowedUrlsPattern) {
const regex = new RegExp(escapeStringRegexp(allowedUrlsPattern));
// we don't escape the pattern because it's not user input - it's an ENV variable controlled by us
const regex = new RegExp(allowedUrlsPattern);

return regex.test(url);
}
Expand Down
1 change: 0 additions & 1 deletion apps/products-feed/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,6 @@
"@urql/exchange-auth": "2.1.4",
"@vitejs/plugin-react": "4.3.1",
"dotenv": "16.3.1",
"escape-string-regexp": "5.0.0",
"fast-xml-parser": "^4.0.15",
"graphql": "16.7.1",
"graphql-tag": "2.12.6",
Expand Down
4 changes: 2 additions & 2 deletions apps/products-feed/src/pages/api/register.ts
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
import { createAppRegisterHandler } from "@saleor/app-sdk/handlers/next";
import { wrapWithLoggerContext } from "@saleor/apps-logger/node";
import { withOtel } from "@saleor/apps-otel";
import escapeStringRegexp from "escape-string-regexp";

import { loggerContext } from "../../logger-context";
import { saleorApp } from "../../saleor-app";
Expand All @@ -19,7 +18,8 @@ export default wrapWithLoggerContext(
allowedSaleorUrls: [
(url) => {
if (allowedUrlsPattern) {
const regex = new RegExp(escapeStringRegexp(allowedUrlsPattern));
// we don't escape the pattern because it's not user input - it's an ENV variable controlled by us
const regex = new RegExp(allowedUrlsPattern);

return regex.test(url);
}
Expand Down
1 change: 0 additions & 1 deletion apps/search/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,6 @@
"clsx": "^1.2.1",
"debug": "^4.3.4",
"dotenv": "16.3.1",
"escape-string-regexp": "5.0.0",
"graphql": "16.7.1",
"graphql-tag": "2.12.6",
"next": "14.2.3",
Expand Down
4 changes: 2 additions & 2 deletions apps/search/src/pages/api/register.ts
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
import { createAppRegisterHandler } from "@saleor/app-sdk/handlers/next";
import { wrapWithLoggerContext } from "@saleor/apps-logger/node";
import { withOtel } from "@saleor/apps-otel";
import escapeStringRegexp from "escape-string-regexp";

import { saleorApp } from "../../../saleor-app";
import { loggerContext } from "../../lib/logger-context";
Expand All @@ -15,7 +14,8 @@ export default wrapWithLoggerContext(
allowedSaleorUrls: [
(url) => {
if (allowedUrlsPattern) {
const regex = new RegExp(escapeStringRegexp(allowedUrlsPattern));
// we don't escape the pattern because it's not user input - it's an ENV variable controlled by us
const regex = new RegExp(allowedUrlsPattern);

return regex.test(url);
}
Expand Down
1 change: 0 additions & 1 deletion apps/segment/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,6 @@
"@urql/exchange-auth": "2.1.4",
"@vitejs/plugin-react": "4.3.1",
"dotenv": "16.3.1",
"escape-string-regexp": "5.0.0",
"graphql": "16.7.1",
"graphql-tag": "2.12.6",
"modern-errors": "7.0.1",
Expand Down
4 changes: 2 additions & 2 deletions apps/segment/src/pages/api/register.ts
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
import { createAppRegisterHandler } from "@saleor/app-sdk/handlers/next";
import { wrapWithLoggerContext } from "@saleor/apps-logger/node";
import escapeStringRegexp from "escape-string-regexp";

import { env } from "@/env";
import { loggerContext } from "@/logger-context";
Expand All @@ -18,7 +17,8 @@ export default wrapWithLoggerContext(
allowedSaleorUrls: [
(url) => {
if (allowedUrlsPattern) {
const regex = new RegExp(escapeStringRegexp(allowedUrlsPattern));
// we don't escape the pattern because it's not user input - it's an ENV variable controlled by us
const regex = new RegExp(allowedUrlsPattern);

return regex.test(url);
}
Expand Down
1 change: 0 additions & 1 deletion apps/smtp/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,6 @@
"@urql/exchange-auth": "2.1.4",
"@vitejs/plugin-react": "4.3.1",
"dotenv": "16.3.1",
"escape-string-regexp": "5.0.0",
"graphql": "16.7.1",
"graphql-tag": "2.12.6",
"handlebars": "^4.7.7",
Expand Down
4 changes: 2 additions & 2 deletions apps/smtp/src/pages/api/register.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@ import { createAppRegisterHandler } from "@saleor/app-sdk/handlers/next";
import { wrapWithLoggerContext } from "@saleor/apps-logger/node";
import { withOtel } from "@saleor/apps-otel";
import { SaleorVersionCompatibilityValidator } from "@saleor/apps-shared";
import escapeStringRegexp from "escape-string-regexp";

import { createInstrumentedGraphqlClient } from "../../lib/create-instrumented-graphql-client";
import { createLogger } from "../../logger";
Expand All @@ -23,7 +22,8 @@ export default wrapWithLoggerContext(
allowedSaleorUrls: [
(url) => {
if (allowedUrlsPattern) {
const regex = new RegExp(escapeStringRegexp(allowedUrlsPattern));
// we don't escape the pattern because it's not user input - it's an ENV variable controlled by us
const regex = new RegExp(allowedUrlsPattern);

return regex.test(url);
}
Expand Down
Loading

0 comments on commit 0db174a

Please sign in to comment.