@@ -31,6 +31,7 @@ async function fetchClientMetadata(url: string): Promise<ClientMetadataDocument>
3131 const res = await secureFetchWithValidation ( url , {
3232 headers : { Accept : 'application/json' } ,
3333 timeout : 5000 ,
34+ maxResponseBytes : 256 * 1024 ,
3435 } )
3536
3637 if ( ! res . ok ) {
@@ -47,6 +48,31 @@ async function fetchClientMetadata(url: string): Promise<ClientMetadataDocument>
4748 throw new Error ( 'CIMD document must contain at least one redirect_uri' )
4849 }
4950
51+ for ( const uri of doc . redirect_uris ) {
52+ try {
53+ const parsed = new URL ( uri )
54+ if ( parsed . protocol !== 'https:' && parsed . protocol !== 'http:' ) {
55+ throw new Error ( `Invalid redirect_uri scheme: ${ parsed . protocol } ` )
56+ }
57+ } catch {
58+ throw new Error ( `Invalid redirect_uri: ${ uri } ` )
59+ }
60+ if ( uri . includes ( ',' ) ) {
61+ throw new Error ( `redirect_uri must not contain commas: ${ uri } ` )
62+ }
63+ }
64+
65+ if ( doc . logo_uri ) {
66+ try {
67+ const logoParsed = new URL ( doc . logo_uri )
68+ if ( logoParsed . protocol !== 'https:' ) {
69+ doc . logo_uri = undefined
70+ }
71+ } catch {
72+ doc . logo_uri = undefined
73+ }
74+ }
75+
5076 if ( ! doc . client_name || typeof doc . client_name !== 'string' ) {
5177 throw new Error ( 'CIMD document must contain a client_name' )
5278 }
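Review bot: The new redirect_uri loop accepts `http:` for any host, so a metadata document can register a cleartext redirect target and the authorization response would cross the network unencrypted; RFC 8252 allows plain http only for loopback redirects. If non-loopback http clients are not a requirement, tighten the test to `if (parsed.protocol !== 'https:' && !(parsed.protocol === 'http:' && isLoopbackHost(parsed.hostname)))`, where `isLoopbackHost` is a placeholder name for a helper that would have to be added. Separately, the scheme `throw` sits inside the same `try` whose bare `catch` rethrows `Invalid redirect_uri: …`, so the more specific scheme message never reaches the caller; running the protocol test after the try/catch would preserve it. The loop also calls `new URL(uri)` and `uri.includes(',')` without a `typeof uri === 'string'` check, which matters unless element types are already validated in the part of fetchClientMetadata outside these hunks.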