From 17ea97db786660adecc501d49efbfe21ca17ee38 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jordi=20Guti=C3=A9rrez=20Hermoso?= <jordigh@octave.org>
Date: Wed, 10 Apr 2024 14:23:43 -0400
Subject: [PATCH] requestUtils: add some logging to allowHost

I found it useful during my work to figure out what was going on in
this function and why some requests were being denied.
---
 app/server/lib/requestUtils.ts | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/app/server/lib/requestUtils.ts b/app/server/lib/requestUtils.ts
index 0b928f93..a20923f5 100644
--- a/app/server/lib/requestUtils.ts
+++ b/app/server/lib/requestUtils.ts
@@ -103,6 +103,12 @@ export function allowHost(req: IncomingMessage, allowedHost: string|URL) {
   const proto = getEndUserProtocol(req);
   const actualUrl = new URL(getOriginUrl(req));
   const allowedUrl = (typeof allowedHost === 'string') ? new URL(`${proto}://${allowedHost}`) : allowedHost;
+  log.rawDebug('allowHost: ', {
+    req: (new URL(req.url!, `http://${req.headers.host}`).href),
+    origin: req.headers.origin,
+    actualUrl: actualUrl.hostname,
+    allowedUrl: allowedUrl.hostname,
+  });
   if ((req as RequestWithOrg).isCustomHost) {
     // For a request to a custom domain, the full hostname must match.
     return actualUrl.hostname === allowedUrl.hostname;