Skip to content

Commit

Permalink
[feature] Remove unused allowPrivateIPAddressForSignedRequests; bug 6…
Browse files Browse the repository at this point in the history 
…3590
  • Loading branch information
@konovalovsergey
konovalovsergey committed Apr 22, 2024
1 parent e07e14f commit f33cc2f
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 5 deletions.
3 changes: 1 addition & 2 deletions Common/config/default.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -170,8 +170,7 @@
"assemblyFormatAsOrigin": true,
"newFileTemplate" : "../../document-templates/new",
"downloadFileAllowExt": ["pdf", "xlsx"],
"tokenRequiredParams": true,
"allowPrivateIPAddressForSignedRequests": true
"tokenRequiredParams": true
},
"requestDefaults": {
"headers": {
Expand Down
4 changes: 1 addition & 3 deletions Common/sources/utils.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,6 @@ const cfgPasswordEncrypt = config.get('openpgpjs.encrypt');
const cfgPasswordDecrypt = config.get('openpgpjs.decrypt');
const cfgPasswordConfig = config.get('openpgpjs.config');
const cfgRequesFilteringAgent = config.get('services.CoAuthoring.request-filtering-agent');
const cfgAllowPrivateIPAddressForSignedRequests = config.get('services.CoAuthoring.server.allowPrivateIPAddressForSignedRequests');
const cfgStorageExternalHost = config.get('storage.externalHost');
const cfgExternalRequestDirectIfIn = config.get('externalRequest.directIfIn');
const cfgExternalRequestAction = config.get('externalRequest.action');
Expand Down Expand Up @@ -272,15 +271,14 @@ function isRedirectResponse(response) {
function isAllowDirectRequest(ctx, uri, isInJwtToken) {
let res = false;
const tenExternalRequestDirectIfIn = ctx.getCfg('externalRequest.directIfIn', cfgExternalRequestDirectIfIn);
const tenAllowPrivateIPAddressForSignedRequests = ctx.getCfg('services.CoAuthoring.server.allowPrivateIPAddressForSignedRequests', cfgAllowPrivateIPAddressForSignedRequests);
let allowList = tenExternalRequestDirectIfIn.allowList;
if (allowList.length > 0) {
let allowIndex = allowList.findIndex((allowPrefix) => {
return uri.startsWith(allowPrefix);
}, uri);
res = -1 !== allowIndex;
ctx.logger.debug("isAllowDirectRequest check allow list res=%s", res);
} else if (tenExternalRequestDirectIfIn.jwtToken && tenAllowPrivateIPAddressForSignedRequests) {
} else if (tenExternalRequestDirectIfIn.jwtToken) {
res = isInJwtToken;
ctx.logger.debug("isAllowDirectRequest url in jwt token res=%s", res);
}
Expand Down

0 comments on commit f33cc2f

Please sign in to comment.