add simple refer check

2025-10-29 12:07:45 +08:00
parent f8ae43b926
commit eb2764e8e5
2 changed files with 21 additions and 1 deletions
--- a/src/app.ts
+++ b/src/app.ts
@@ -6,6 +6,23 @@ const app = express();
 // 中间件
 app.use(express.json());

+app.use((req, res, next) => {
+  const origin = req.headers.origin || '';
+  const referer = req.headers.referer || '';
+
+  // 判断是否来自 kintone 页面
+  const isFromKintone =
+    origin.includes('.kintone.com') ||
+    origin.includes('.cybozu.com') ||
+    referer.includes('.kintone.com') ||
+    referer.includes('.cybozu.com');
+
+  if (!isFromKintone) {
+    return res.status(403).json({ error: 'Forbidden: only allow kintone.proxy access' });
+  }
+  next();
+});
+
 // 设置路由
 setupLicenseRoutes(app);

--- a/src/routes/licenseRoutes.ts
+++ b/src/routes/licenseRoutes.ts
@@ -23,5 +23,8 @@ async function handleLicenseCheck(req: Request, res: Response): Promise<void> {
 }

 function handleHealthCheck(req: Request, res: Response): void {
-  res.json({ status: 'OK' });
+  res.json({
+    status: 'OK',
+    timestamp: new Date().toISOString(),
+  });
 }