Conversation
Prod release - Security issues - Community App PHASE 2
PROD RELEASE - Features in CA related to deprecating Submission Review UI app
PROD RELEASE - Topgear - Submission URL validation
PROD - Topgear challenges - Submissions Guidelines Text needs to be updated in submit page
PROD - Topgear challenges - Submissions urls
[PROD RELEASE] - Bug fixes
…ission-urls HOTFIX PM-967 tg submission urls
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
| INNOVATION_CHALLENGES_TAG: 'Innovation Challenge', | ||
| PLATFORM_SITE_URL: 'https://platform.topcoder-dev.com', | ||
| TOPGEAR_ALLOWED_SUBMISSIONS_DOMAINS: ['wipro365.sharepoint.com', 'wipro365-my.sharepoint.com', 'wipro365-my.sharepoint.com.mcas.ms'], | ||
| TOPGEAR_ALLOWED_SUBMISSIONS_DOMAINS: 'wipro365.sharepoint.com|wipro365-my.sharepoint.com|wipro365-my.sharepoint.com.mcas.ms', |
There was a problem hiding this comment.
The change from an array to a string for TOPGEAR_ALLOWED_SUBMISSIONS_DOMAINS may affect how this configuration is used in the application. If the application logic expects an array, this change could lead to errors. Consider verifying that the application can handle a string with domains separated by | or update the logic accordingly.
|
|
||
| isDomainAllowed(url) { | ||
| const domainReg = new RegExp(`^https?://(${config.TOPGEAR_ALLOWED_SUBMISSIONS_DOMAINS.join('|')})/.+`); | ||
| const domainReg = new RegExp(`^https?://(${config.TOPGEAR_ALLOWED_SUBMISSIONS_DOMAINS})/.+`); |
There was a problem hiding this comment.
The change from join('|') to directly using config.TOPGEAR_ALLOWED_SUBMISSIONS_DOMAINS might cause issues if TOPGEAR_ALLOWED_SUBMISSIONS_DOMAINS is an array. If it is intended to be a single string, ensure that it is formatted correctly as a regex pattern. Otherwise, if it is an array, the previous implementation using join('|') is necessary to construct a valid regex pattern that matches any of the allowed domains.
3 participants
No description provided.