v3: fixed authorization bug with stale tokens, fixed private dump access bug, various small fixes across the app
Some checks failed
Build and Publish Docker Image / build-and-push (push) Failing after 20s
Some checks failed
Build and Publish Docker Image / build-and-push (push) Failing after 20s
This commit is contained in:
@@ -1,3 +1,28 @@
|
||||
import { API_URL } from "../config/api.ts";
|
||||
|
||||
/**
|
||||
* Direct URL to a dump's uploaded file. The viewer's token is passed as a query
|
||||
* param — media elements (`<audio>`, `<img>`, …) can't send an `Authorization`
|
||||
* header — so the server can authorize access to private dumps. Same approach as
|
||||
* the WebSocket connection (`?token=`).
|
||||
*/
|
||||
export function dumpFileUrl(
|
||||
dump: { id: string; fileSize?: number },
|
||||
token?: string | null,
|
||||
): string {
|
||||
const auth = token ? `&token=${encodeURIComponent(token)}` : "";
|
||||
return `${API_URL}/api/files/${dump.id}?v=${dump.fileSize ?? 0}${auth}`;
|
||||
}
|
||||
|
||||
/** Thumbnail URL for a dump, with the viewer's token (see {@link dumpFileUrl}). */
|
||||
export function dumpThumbnailUrl(
|
||||
dump: { id: string },
|
||||
token?: string | null,
|
||||
): string {
|
||||
const auth = token ? `?token=${encodeURIComponent(token)}` : "";
|
||||
return `${API_URL}/api/thumbnails/${dump.id}${auth}`;
|
||||
}
|
||||
|
||||
export function normalizeUrl(input: string): string {
|
||||
const s = input.trim();
|
||||
if (!s || /^https?:\/\//i.test(s)) return s;
|
||||
|
||||
Reference in New Issue
Block a user