admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-19 11:01:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
f3ef0a713c1f63015b8aee55b1b9dd7bcea21f54
n8n-enterprise-unlocked/packages/cli/src/webhooks/webhook-request-sanitizer.ts
Iván Ovejero f3ef0a713c refactor(core): Lintfix cli package (#17125)
2025-07-08 19:32:02 +02:00

44 lines
1.2 KiB
TypeScript
Raw Blame History

import type { Request } from 'express';
import { AUTH_COOKIE_NAME } from '@/constants';
const BROWSER_ID_COOKIE_NAME = 'n8n-browserId';
const DISALLOWED_COOKIES = new Set([AUTH_COOKIE_NAME, BROWSER_ID_COOKIE_NAME]);
/**
* Removes a cookie with the given name from the request header
*/
const removeCookiesFromHeader = (req: Request) => {
const cookiesHeader = req.headers.cookie;
if (typeof cookiesHeader !== 'string') {
return;
}
const cookies = cookiesHeader.split(';').map((cookie) => cookie.trim());
const filteredCookies = cookies.filter((cookie) => {
const cookieName = cookie.split('=')[0];
return !DISALLOWED_COOKIES.has(cookieName);
});
if (filteredCookies.length !== cookies.length) {
req.headers.cookie = filteredCookies.join('; ');
}
};
/**
* Removes a cookie with the given name from the parsed cookies object
*/
const removeCookiesFromParsedCookies = (req: Request) => {
if (req.cookies !== null && typeof req.cookies === 'object') {
for (const cookieName of DISALLOWED_COOKIES) {
delete req.cookies[cookieName];
}
}
};
export const sanitizeWebhookRequest = (req: Request) => {
removeCookiesFromHeader(req);
removeCookiesFromParsedCookies(req);
};
Reference in New Issue View Git Blame Copy Permalink