safe redirect middleware for koa 2.x
npm install koa-safe-redirect --save
// ./config/default.js
module.exports = {
urlWhiteList: [
/**
* allow the hostname end with 'github.com'
* like 'https://github.com/**'
*/
/github\.com$/
]
}
const Koa = require('koa');
const safeRedirect = require('koa-safe-redirect')('urlWhiteList');
const app = new Koa();
app
.use(safeRedirect)
.use(async function (ctx, next) {
// will get 403
ctx.redirect('https://www.test.com');
return await next();
});
Safe redirect get white list from ./config/{NODE_ENV}.js,same strategy with node-config
If config whitelist is empty or not an array,safe redirect will do nothing
module.exports = {
urlWhiteList: [
/**
* allow the hostname end with 'github.com'
* like 'https://xxx.github.com/**'
*/
/github\.com$/
]
}
module.exports = {
urlWhiteList: [
/**
* only allow the hostname equal 'github.com'
* like 'https://github.com/**'
*/
'github.com'
]
}
Default config name is 'whiteList'
// 1. config
module.exports = {
'whiteList': [
...
]
}
// 2. init middleware
const safeRedirect = require('koa-safe-redirect')();
// 1. config
module.exports = {
'xxx': [
...
]
}
// 2. init middleware
const safeRedirect = require('koa-safe-redirect')('xxx');