mikkel/nexus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nexus/server/src/middleware
History
Matt Van Horn d0e01d2863
fix(server): include x-forwarded-host in board mutation origin check 
Behind a reverse proxy with a custom port (e.g. Caddy on :3443), the
browser sends an Origin header that includes the port, but the board
mutation guard only read the Host header which often omits the port.
This caused a 403 "Board mutation requires trusted browser origin"
for self-hosted deployments behind reverse proxies.

Read x-forwarded-host (first value, comma-split) with the same pattern
already used in private-hostname-guard.ts and routes/access.ts.

Fixes #1734
2026-03-25 00:06:43 -07:00
..
auth.ts Add browser-based board CLI auth flow 2026-03-23 08:46:05 -05:00
board-mutation-guard.ts fix(server): include x-forwarded-host in board mutation origin check 2026-03-25 00:06:43 -07:00
error-handler.ts fix(server): attach raw Error to res.err and avoid pino err key collision 2026-03-07 15:19:03 -06:00
index.ts Add API server with routes, services, and middleware 2026-02-16 13:31:58 -06:00
logger.ts fix(server): keep pretty logger metadata on one line 2026-03-10 16:42:36 -05:00
private-hostname-guard.ts refactor: rename packages to @paperclipai and CLI binary to paperclipai 2026-03-03 08:45:26 -06:00
validate.ts Add API server with routes, services, and middleware 2026-02-16 13:31:58 -06:00