Only serve HTML on specific index.html requests

Otherwise there is risk of an infinite loop through the iframe where the
fallback keeps loading the root HTML which itself has an iframe...
This commit is contained in:
Asher 2020-02-05 17:44:32 -06:00
parent 4cc181cedc
commit 205775ac97
No known key found for this signature in database
GPG key ID: D63C1EF81242354A
2 changed files with 8 additions and 0 deletions

View file

@ -3,6 +3,7 @@ import * as http from "http"
import * as React from "react"
import * as ReactDOMServer from "react-dom/server"
import App from "../../browser/app"
import { HttpCode, HttpError } from "../../common/http"
import { Options } from "../../common/util"
import { HttpProvider, HttpResponse, Route } from "../http"
@ -21,6 +22,9 @@ export class MainHttpProvider extends HttpProvider {
}
case "/": {
if (route.requestPath !== "/index.html") {
throw new HttpError("Not found", HttpCode.NotFound)
}
const options: Options = {
authed: !!this.authenticated(request),
basePath: this.base(route),

View file

@ -11,6 +11,7 @@ import {
VscodeOptions,
WorkbenchOptions,
} from "../../../lib/vscode/src/vs/server/ipc"
import { HttpCode, HttpError } from "../../common/http"
import { generateUuid } from "../../common/util"
import { HttpProvider, HttpProviderOptions, HttpResponse, Route } from "../http"
import { SettingsProvider } from "../settings"
@ -114,6 +115,9 @@ export class VscodeHttpProvider extends HttpProvider {
this.ensureAuthenticated(request)
switch (route.base) {
case "/":
if (route.requestPath !== "/index.html") {
throw new HttpError("Not found", HttpCode.NotFound)
}
try {
return await this.getRoot(request, route)
} catch (error) {