status-im
/
react-native
mirror of https://github.com/status-im/react-native.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
react-native/local-cli
History
Rafael Oleza 8a21abcd6b Prevent cross origin requests to development server 
Summary:
This diff adds a middleware to the RN development server to prevent processing requests coming from a third-party website.

The way we choose to do it is to block any request that has an origin header and it's different than localhost. This will still allow simulators to work properly while blocking potential external websites to do malign CORS requests.

This is just a first quick measure to block a potential attack vector while we implement full authentication in the RN development server

Reviewed By: mjesun

Differential Revision: D9238674

fbshipit-source-id: b7bdc40dabc2f4d92f5ac84515f93b89efa4e833
 		2018-08-22 12:31:19 -07:00
..
__mocks__ metro-memory-fs: enforce explicit cwd() 2018-05-25 08:04:34 -07:00
bundle Apply `--reset-cache` argument to `bundle` command (#20706) 2018-08-20 10:02:58 -07:00
core Do not override `metro.config.js` settings (#20705) 2018-08-18 05:31:41 -07:00
dependencies Use new config internally in Metro 2018-07-25 05:47:58 -07:00
eject Prettier RN local-cli 2018-05-11 13:00:50 -07:00
generator Ignore DevDependencies when generating template. (#20542) 2018-08-06 12:32:24 -07:00
info cli: upgrade envinfo for new features in `react-native info` 2018-05-29 17:30:16 -07:00
init Switch babel preset to metro-react-native-babel-preset (#20653) 2018-08-13 10:32:11 -07:00
install Prettier RN local-cli 2018-05-11 13:00:50 -07:00
library Prettier RN local-cli 2018-05-11 13:00:50 -07:00
link Bump Android Support Library to 27.1.1 (#20586) 2018-08-20 18:08:52 -07:00
logAndroid Prettier RN local-cli 2018-05-11 13:00:50 -07:00
logIOS Prettier RN local-cli 2018-05-11 13:00:50 -07:00
runAndroid Add missing "--terminal" argument to run-android (#20584) 2018-08-20 15:02:42 -07:00
runIOS Flow strictify possible files in RN core 2018-06-20 00:47:21 -07:00
server Prevent cross origin requests to development server 2018-08-22 12:31:19 -07:00
templates Bump Android Support Library to 27.1.1 (#20586) 2018-08-20 18:08:52 -07:00
upgrade Prettier RN local-cli 2018-05-11 13:00:50 -07:00
util Change react-native config loading to provide an override for the default config. 2018-08-02 05:31:48 -07:00
.npmignore npmignore: ignore tests and fixtures 2018-02-27 08:42:14 -08:00
cli.js Prettier RN local-cli 2018-05-11 13:00:50 -07:00
cliEntry.js Use new configuration in react-native public cli 2018-07-25 05:47:58 -07:00
commands.js BREAKING: metro: rename 'unbundle' to 'ram bundle' 2018-07-20 09:33:57 -07:00
setup_env.bat Update license headers for MIT license 2018-02-16 18:31:53 -08:00
setup_env.sh Update license headers for MIT license 2018-02-16 18:31:53 -08:00
wrong-react-native.js Prettier files with shebang 2018-05-11 13:52:30 -07:00