diff --git a/package.json b/package.json index ad05d17a64..6c93576122 100644 --- a/package.json +++ b/package.json @@ -39,6 +39,7 @@ "@types/gulp-util": "3.0.30", "@types/inquirer": "0.0.32", "@types/is-root": "1.0.0", + "@types/is-url": "1.2.28", "@types/js-yaml": "3.5.29", "@types/mongodb": "2.1.36", "@types/ms": "0.7.29", @@ -95,6 +96,7 @@ "gulp-util": "3.0.8", "inquirer": "2.0.0", "is-root": "1.0.0", + "is-url": "1.2.2", "js-yaml": "3.7.0", "livescript": "1.5.0", "mime-types": "2.1.13", diff --git a/src/web/service/proxy/proxy.ts b/src/web/service/proxy/proxy.ts index 8a45f08530..48c9fa4a53 100644 --- a/src/web/service/proxy/proxy.ts +++ b/src/web/service/proxy/proxy.ts @@ -1,11 +1,12 @@ import * as URL from 'url'; import * as express from 'express'; import * as request from 'request'; +import * as isUrl from 'is-url'; module.exports = (req: express.Request, res: express.Response) => { const url = req.params.url; - if (!url) { + if (!url || !isUrl(url)) { return; }