Security: Fix critical vulnerabilities (includes fr4iser90 PR #38 + fix) #42

Merged
ruvnet merged 7 commits from security/fix-critical-vulnerabilities into main 2026-03-01 10:44:00 +08:00
Showing only changes of commit e320bc95f0 - Show all commits


@@ -107,11 +107,11 @@ export function buildApiUrl(endpoint, params = {}) {
// Helper function to build WebSocket URLs // Helper function to build WebSocket URLs
export function buildWsUrl(endpoint, params = {}) { export function buildWsUrl(endpoint, params = {}) {
// Always use secure WebSocket (wss://) in production or when using HTTPS // Use secure WebSocket (wss://) when serving over HTTPS or on non-localhost
// Use ws:// only for localhost development // Use ws:// only for localhost development
const isLocalhost = window.location.hostname === 'localhost' || window.location.hostname === '127.0.0.1'; const isLocalhost = window.location.hostname === 'localhost' || window.location.hostname === '127.0.0.1';
const isProduction = window.location.protocol === 'https:' || process.env.NODE_ENV === 'production'; const isSecure = window.location.protocol === 'https:';
const protocol = (isProduction || !isLocalhost) const protocol = (isSecure || !isLocalhost)
? API_CONFIG.WSS_PREFIX ? API_CONFIG.WSS_PREFIX
: API_CONFIG.WS_PREFIX; : API_CONFIG.WS_PREFIX;