LogalDeveloper/owncast
0
Fork 0
Code Activity

Only allow SSLed urls for external actions. Closes https://github.com/owncast/owncast/issues/833

Browse Source
This commit is contained in:
Gabe Kangas
2021-03-17 21:26:27 -07:00
parent e1e388bb70
commit 2f27f516dc
1 changed files with 26 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
web/pages/actions.tsx
View File

@@ -43,8 +43,21 @@ function NewActionModal(props: Props) {
onOk(actionUrl, actionTitle, actionDescription, actionIcon, actionColor, openExternally); onOk(actionUrl, actionTitle, actionDescription, actionIcon, actionColor, openExternally);
} }
function canSave(): Boolean {
try {
const validationObject = new URL(actionUrl);
if (validationObject.protocol !== 'https:') {
return false;
}
} catch {
return false;
}
return isValidUrl(actionUrl) && actionTitle !== '';
}
const okButtonProps = { const okButtonProps = {
disabled: !isValidUrl(actionUrl) || actionTitle === '', disabled: !canSave(),
}; };
const onOpenExternallyChanged = checkbox => { const onOpenExternallyChanged = checkbox => {
@@ -60,6 +73,8 @@ function NewActionModal(props: Props) {
okButtonProps={okButtonProps} okButtonProps={okButtonProps}
> >
<div> <div>
Add the URL for the external action you want to present. <strong>Only HTTPS urls are supported.</strong>
<p><a href="https://owncast.online/docs">Read more about external actions.</a></p>
<p> <p>
<Input <Input
value={actionUrl} value={actionUrl}
@@ -99,6 +114,7 @@ function NewActionModal(props: Props) {
value={actionColor} value={actionColor}
onChange={input => setActionColor(input.currentTarget.value)} onChange={input => setActionColor(input.currentTarget.value)}
/> />
Optional background color of the action button.
</p> </p>
<Checkbox <Checkbox
@@ -169,7 +185,7 @@ export default function Actions() {
dataIndex: 'color', dataIndex: 'color',
key: 'color', key: 'color',
render: (color: string) => { render: (color: string) => {
return color ? (<div style={{backgroundColor: color, height: '30px'}}>{color}</div>) : null; return color ? <div style={{ backgroundColor: color, height: '30px' }}>{color}</div> : null;
}, },
}, },
{ {
@@ -205,7 +221,14 @@ export default function Actions() {
) { ) {
try { try {
let actionsData = [...actions]; let actionsData = [...actions];
const updatedActions = actionsData.concat({ url, title, description, icon, color, openExternally }); const updatedActions = actionsData.concat({
url,
title,
description,
icon,
color,
openExternally,
});
setActions(updatedActions); setActions(updatedActions);
await save(updatedActions); await save(updatedActions);
} catch (error) { } catch (error) {