NeoAnd/evolution-api
1
0
Fork 0
mirror of https://github.com/EvolutionAPI/evolution-api.git synced 2025-12-23 21:57:45 -06:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix(websocket): improve host validation logic in WebsocketController

Browse Source
This commit is contained in:
Davidson Gomes
2025-12-05 11:02:06 -03:00
parent 26e7eefe51
commit de11e6f9ca
2 changed files with 6 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/api/integrations/event/websocket/websocket.controller.ts
View File

@@ -34,10 +34,12 @@ export class WebsocketController extends EventController implements EventControl
const websocketConfig = configService.get<Websocket>('WEBSOCKET');
const allowedHosts = websocketConfig.ALLOWED_HOSTS || '127.0.0.1,::1,::ffff:127.0.0.1';
const allowAllHosts = allowedHosts.trim() === '*';
const isAllowedHost = allowAllHosts || allowedHosts
.split(',')
.map((h) => h.trim())
.includes(remoteAddress);
const isAllowedHost =
allowAllHosts ||
allowedHosts
.split(',')
.map((h) => h.trim())
.includes(remoteAddress);
if (params.has('EIO') && isAllowedHost) {
return callback(null, true);