c30d11d60b
* fix(security): harden BYO API header against SSRF and input abuse - Add lib/validateUrl.ts with HTTPS-only + public-IP enforcement, provider allowlist, IPv6 rejection, and userinfo-in-URL blocking. - Add lib/byoHeaders.ts — single source of truth for client-side BYO header construction (deduplicates app/page.tsx & app/play/page.tsx). - config.ts: validate BYO endpoints via isPublicUrl(), cap header at 2 KB, truncate apiKey/model strings, sanitize log output. - fetchWithRetry: default redirect to "manual" to block 302-to-intranet. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(security): address Copilot review — trim endpoint, strip control chars, drop unused import - safeEndpoint: trim whitespace before URL validation - safeString: strip ASCII control characters to prevent header injection - play/page.tsx: remove unused BYO_STORAGE_KEY import Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
24 lines
590 B
TypeScript
24 lines
590 B
TypeScript
export const BYO_STORAGE_KEY = "infiplot:byoApi";
|
|
|
|
const MAX_HEADER_SIZE = 2048;
|
|
|
|
export function getByoHeaders(): Record<string, string> {
|
|
if (typeof window === "undefined") return {};
|
|
try {
|
|
const raw = localStorage.getItem(BYO_STORAGE_KEY);
|
|
if (raw && raw.length <= MAX_HEADER_SIZE) {
|
|
const parsed = JSON.parse(raw);
|
|
if (parsed.llm?.enabled || parsed.painter?.enabled) {
|
|
return { "x-byo-api": raw };
|
|
}
|
|
}
|
|
} catch {
|
|
/* ignore */
|
|
}
|
|
return {};
|
|
}
|
|
|
|
export function isByoActive(): boolean {
|
|
return Object.keys(getByoHeaders()).length > 0;
|
|
}
|