status-im
/
react-native
mirror of https://github.com/status-im/react-native.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
react-native/local-cli/server/middleware
History
Rafael Oleza 8a21abcd6b Prevent cross origin requests to development server 
Summary:
This diff adds a middleware to the RN development server to prevent processing requests coming from a third-party website.

The way we choose to do it is to block any request that has an origin header and it's different than localhost. This will still allow simulators to work properly while blocking potential external websites to do malign CORS requests.

This is just a first quick measure to block a potential attack vector while we implement full authentication in the RN development server

Reviewed By: mjesun

Differential Revision: D9238674

fbshipit-source-id: b7bdc40dabc2f4d92f5ac84515f93b89efa4e833
 		2018-08-22 12:31:19 -07:00
..
MiddlewareManager.js Prevent cross origin requests to development server 2018-08-22 12:31:19 -07:00
copyToClipBoardMiddleware.js Prettier RN local-cli 2018-05-11 13:00:50 -07:00
getDevToolsMiddleware.js Code clean-ups and createServer migration 2018-07-02 09:47:39 -07:00
getSecurityHeadersMiddleware.js Prevent cross origin requests to development server 2018-08-22 12:31:19 -07:00
index.html Add index page for packager 2016-05-24 11:58:23 -07:00
indexPage.js Prettier RN local-cli 2018-05-11 13:00:50 -07:00
loadRawBodyMiddleware.js Prettier RN local-cli 2018-05-11 13:00:50 -07:00
openStackFrameInEditorMiddleware.js Replace projectRoots with projectRoot + watchRoots 2018-06-19 13:47:32 -07:00
statusPageMiddleware.js Prettier RN local-cli 2018-05-11 13:00:50 -07:00
systraceProfileMiddleware.js Prettier RN local-cli 2018-05-11 13:00:50 -07:00
unless.js Prettier RN local-cli 2018-05-11 13:00:50 -07:00