MCPcopy
hub / github.com/PatchMon/PatchMon / buildAllowedHosts

Function buildAllowedHosts

server-source-code/internal/middleware/cors.go:170–190  ·  view source on GitHub ↗

buildAllowedHosts extracts host[:port] from each origin URL. E.g. "http://patchmon-local:3000" -> "patchmon-local:3000". Also adds hostname without port when using default ports (80, 443) so nginx $host works. Nginx $host omits the port for default ports (e.g. "patchmon-local.local" for HTTPS).

(origins []string)

Source from the content-addressed store, hash-verified

168// Also adds hostname without port when using default ports (80, 443) so nginx $host works.
169// Nginx $host omits the port for default ports (e.g. "patchmon-local.local" for HTTPS).
170func buildAllowedHosts(origins []string) map[string]bool {
171 m := make(map[string]bool)
172 for _, o := range origins {
173 if o == "*" {
174 continue
175 }
176 u, err := url.Parse(o)
177 if err != nil || u.Host == "" {
178 continue
179 }
180 host := strings.ToLower(u.Host)
181 m[host] = true
182 hostname := strings.ToLower(u.Hostname())
183 port := u.Port()
184 // Nginx $host omits port for default ports. Add hostname for http:80 and https:443.
185 if port == "" || port == "80" || port == "443" {
186 m[hostname] = true
187 }
188 }
189 return m
190}
191
192// isLoopback returns true if the host (with or without port) is a loopback address.
193// This allows internal health checks and agent connections that bypass the proxy.

Callers 1

CORSFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected