add port check

1 month ago · a999109a5c
parent bdd33c7d6b
commit a999109a5c
3 changed files with 3 additions and 3 deletions
--- a/app/jobs/send_test_webhook_request_job.rb
+++ b/app/jobs/send_test_webhook_request_job.rb
@ -26,7 +26,7 @@ class SendTestWebhookRequestJob
        Addressable::URI.parse(webhook_url.url).normalize
      end
-      raise HttpsError, 'Only HTTPS is allowed.' if uri.scheme != 'https'
+      raise HttpsError, 'Only HTTPS is allowed.' if uri.scheme != 'https' || uri.port != 443
      raise LocalhostError, "Can't send to localhost." if uri.host.in?(SendWebhookRequest::LOCALHOSTS)
    end
--- a/lib/download_utils.rb
+++ b/lib/download_utils.rb
@ -52,7 +52,7 @@ module DownloadUtils
  end
  def validate_uri!(uri)
-    raise UnableToDownload, "Error loading: #{uri}. Only HTTPS is allowed." if uri.scheme != 'https'
+    raise UnableToDownload, "Error loading: #{uri}. Only HTTPS is allowed." if uri.scheme != 'https' || uri.port != 443
    raise UnableToDownload, "Error loading: #{uri}. Can't download from localhost." if uri.host.in?(LOCALHOSTS)
  end
--- a/lib/send_webhook_request.rb
+++ b/lib/send_webhook_request.rb
@ -22,7 +22,7 @@ module SendWebhookRequest
    end
    if Docuseal.multitenant?
-      raise HttpsError, 'Only HTTPS is allowed.' if uri.scheme != 'https' &&
+      raise HttpsError, 'Only HTTPS is allowed.' if (uri.scheme != 'https' || uri.port != 443) &&
                                                    !AccountConfig.exists?(key: :allow_http,
                                                                           account_id: webhook_url.account_id)
      raise LocalhostError, "Can't send to localhost." if uri.host.in?(LOCALHOSTS)