KevinMidboe/zoff
1
0
Fork 0
mirror of https://github.com/KevinMidboe/zoff.git synced 2025-10-29 18:00:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Better colorthief handling

Browse Source 
- Moved colorthief handling to api, making it easier to controll where the requests comes from
This commit is contained in:
Kasper Rynning-Tønnesen
2018-04-03 16:40:34 +02:00
parent 02667f4348
commit 72f204825e
6 changed files with 46 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
server/routing/client/api.js
View File

@@ -1093,6 +1093,20 @@ function incrementToken(token) {
});
}
router.route('/api/color').post(function(req, res) {
var origin = req.get("origin").replace("https://", "").replace("http://", "");
var allowed = ["client.localhost", "localhost", "zoff.me", "client.zoff.me", "zoff.no", "client.zoff.no"];
if(allowed.indexOf(origin) < 0) {
res.sendStatus(403);
return;
}
if(!req.body.hasOwnProperty("id") || typeof(req.body.id) != "string") {
res.sendStatus(400);
return;
}
List.sendColor(false, undefined, req.body.id, true, res);
});
router.route('/api/imageblob').post(function(req, res) {
var Jimp = require("jimp");
var origin = req.get("origin").replace("https://", "").replace("http://", "");