MCPcopy Index your code
hub / github.com/coder/code-server / isTrustedOrigin

Function isTrustedOrigin

src/node/http.ts:359–371  ·  view source on GitHub ↗
(origin: string, trustedOrigins: string[])

Source from the content-addressed store, hash-verified

357 * domain wildcards (same as --proxy-domain).
358 */
359export function isTrustedOrigin(origin: string, trustedOrigins: string[]): boolean {
360 return trustedOrigins.some((trusted) => {
361 if (trusted === "*" || trusted === origin) {
362 return true
363 }
364 // *.example.com style: match origin if it is the domain or a subdomain
365 if (trusted.startsWith("*.")) {
366 const domain = trusted.slice(2).toLowerCase()
367 return origin === domain || origin.endsWith("." + domain)
368 }
369 return false
370 })
371}
372
373/**
374 * Authenticate the request origin against the host. Throw if invalid.

Callers 1

authenticateOriginFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected