FIX - Add check to public address of the application when checking if…

… the client is GitHub
Juansecu · Feb 25, 2024 · 1243425 · 1243425
1 parent ed25533
commit 1243425
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/src/middlewares/check-whether-client-is-github.middleware.ts b/src/middlewares/check-whether-client-is-github.middleware.ts
@@ -17,7 +17,10 @@ export function checkIfClientIsGitHub(
   if (process.env.NODE_ENV === 'production') {
     consoleLogger.info(`Client host: ${request.get('host')}`);
 
-    if (request.get('host') !== 'api.github.com') {
+    if (
+      request.get('host') !== 'api.github.com' &&
+      request.get(process.env.PUBLIC_HOST_ADDRESS!)
+    ) {
       consoleLogger.error('Client is not GitHub');
       response.status(403).send('Forbidden');
       return;