add trusted-origins cli argument (#6319)

Author: alexthillen

src/node/cli.ts

@@ -79,6 +79,7 @@ export interface UserProvidedArgs extends UserProvidedCodeArgs {
   "bind-addr"?: string
   socket?: string
   "socket-mode"?: string
+  "trusted-origins"?: string[]
   version?: boolean
   "proxy-domain"?: string[]
   "reuse-window"?: boolean
@@ -208,6 +209,11 @@ export const options: Options<Required<UserProvidedArgs>> = {
 
   socket: { type: "string", path: true, description: "Path to a socket (bind-addr will be ignored)." },
   "socket-mode": { type: "string", description: "File mode of the socket." },
+  "trusted-origins": {
+    type: "string[]",
+    description:
+      "Disables authenticate origin check for trusted origin. Useful if not able to access reverse proxy configuration.",
+  },
   version: { type: "boolean", short: "v", description: "Display version information." },
   _: { type: "string[]" },
 

src/node/http.ts

@@ -355,6 +355,11 @@ export function authenticateOrigin(req: express.Request): void {
     throw new Error(`unable to parse malformed origin "${originRaw}"`)
   }
 
+  const trustedOrigins = req.args["trusted-origins"] || []
+  if (trustedOrigins.includes(origin) || trustedOrigins.includes("*")) {
+    return
+  }
+
   const host = getHost(req)
   if (typeof host === "undefined") {
     // A missing host likely means the reverse proxy has not been configured to

test/unit/node/http.test.ts

@@ -70,6 +70,7 @@ describe("http", () => {
               origin: test.origin,
               [key]: value,
             },
+            args: {},
           })
           if (typeof test.expected === "string") {
             expect(() => http.authenticateOrigin(req)).toThrow(test.expected)