mirror of
https://github.com/Vendicated/Vencord.git
synced 2024-09-20 06:30:35 +00:00
added url validation
This commit is contained in:
parent
2ac335c3f4
commit
7c71d9f52d
2 changed files with 9 additions and 13 deletions
|
@ -12,6 +12,7 @@ import { RestAPI } from "@webpack/common";
|
|||
|
||||
const Native = VencordNative.pluginHelpers.WebhookManager as PluginNative<typeof import("./native")>;
|
||||
const WMLogger = new Logger("WebhookManager");
|
||||
|
||||
export default definePlugin({
|
||||
name: "WebhookManager",
|
||||
description: "Manage your webhooks easily; delete, send messages, get detailed info and more.",
|
||||
|
@ -163,12 +164,10 @@ export default definePlugin({
|
|||
avatar_url: webhookProfilePic,
|
||||
tts: findOption(option, "tts"),
|
||||
});
|
||||
|
||||
}
|
||||
sendBotMessage(ctx.channel.id, {
|
||||
content: "Message sent successfully."
|
||||
content: "Your message to the webhook has been executed."
|
||||
});
|
||||
|
||||
}
|
||||
}
|
||||
]
|
||||
|
|
|
@ -4,19 +4,16 @@
|
|||
* SPDX-License-Identifier: GPL-3.0-or-later
|
||||
*/
|
||||
|
||||
/*
|
||||
todo: also add web support (should be as easy as if navigator is on web or smthn like that, might even have a variable for that somewhere)
|
||||
(thank you official vendicated vending machine 2024 real)
|
||||
const iframe = document.createElement("iframe")
|
||||
iframe.sandbox = "allow-scripts"
|
||||
iframe.srcdoc = `<script nonce="NDEsMjksMTM0LDU4LDIzNyw4OSw0NiwyMTY="> fetch("http://localhost:8080") </script>`
|
||||
document.body.append(iframe);
|
||||
setTimeout(() => iframe.remove(), 1000);
|
||||
*/
|
||||
import https from "https";
|
||||
|
||||
|
||||
export function executeWebhook(_, url: string, body: object) {
|
||||
const { hostname, pathname } = new URL(url);
|
||||
|
||||
if (!["discord.com", "ptb.discord.com", "canary.discord.com"].includes(hostname) || !pathname.startsWith("/api/webhooks/")) {
|
||||
|
||||
throw new Error("This URL is not a valid webhook.");
|
||||
}
|
||||
|
||||
const req = https.request(url,
|
||||
{
|
||||
method: "POST",
|
||||
|
|
Loading…
Reference in a new issue