search

stackernews / stacker.news

Internet communities that pay you Bitcoin
https://stacker.news
MIT License
423 stars 106 forks source link

Allow HTTP and HTTPS over Tor for LNbits #1176

Closed ekzyis closed 4 months ago

ekzyis commented 4 months ago

Description

This allows using http:// or https:// if .onion is used for LNbits

Hopefully closes #1166

Checklist

Are your changes backwards compatible? Please answer below:

Yes

Did you QA this? Could we deploy this straight to production? Please answer below:

Yes, QA'ed that validation works as expected

For frontend changes: Tested on mobile? Please answer below:

Did you introduce any new environment variables? If so, call them out explicitly here:

coderabbitai[bot] commented 4 months ago
Walkthrough ## Walkthrough The changes introduce a new regular expression `TOR_REGEXP` to handle `.onion` URLs with optional port numbers, and update the validation logic to allow HTTP and HTTPS over Tor while enforcing HTTPS over clearnet. This adjustment ensures proper validation of URLs based on the environment, particularly for attaching LNbits wallets over Tor. ## Changes | Files | Change Summary | |-------------------------|--------------------------------------------------------------------------------| | `lib/cln.js` | Replaced a regular expression test with a reference to `TOR_REGEXP` from `lib/url`. | | `lib/url.js` | Added a new regular expression `TOR_REGEXP` to match `.onion` URLs with an optional port number. | | `lib/validate.js` | Modified the `lnbitsSchema` function to adjust validation logic for the `url` field based on the environment. | ## Assessment against linked issues | Objective | Addressed | Explanation | |----------------------------------------------------|-----------|-------------| | Allow attaching LNbits wallet over Tor (#1166) | ✅ | |
Recent Review Details **Configuration used: CodeRabbit UI** **Review profile: CHILL**
Commits Files that changed from the base of the PR and between c83ff02a858ce0848c5a3367db0492b6cb78cdd2 and 6091340d322d0d6586f079e9e280010c88fd36eb.
Files selected for processing (3) * lib/cln.js (1 hunks) * lib/url.js (1 hunks) * lib/validate.js (2 hunks)
Additional comments not posted (12)
lib/url.js (8)
Line range hint `1-6`: LGTM! The `ensureProtocol` function correctly ensures a protocol is present in the URL. --- Line range hint `8-10`: LGTM! The `isExternal` function correctly checks if a URL is external. --- Line range hint `12-20`: LGTM! The `removeTracking` function correctly removes tracking parameters from URLs. --- Line range hint `22-41`: LGTM! The `parseInternalLinks` function correctly parses internal links. --- Line range hint `43-45`: LGTM! The `stripTrailingSlash` function correctly strips trailing slashes from URLs. --- Line range hint `47-66`: LGTM! The `parseNwcUrl` function correctly parses NWC URLs. --- Line range hint `68-95`: LGTM! The regular expressions for URL validation are correct and follow best practices. --- `97-97`: LGTM! The `TOR_REGEXP` correctly matches `.onion` URLs with an optional port number.
lib/cln.js (2)
Line range hint `5-19`: LGTM! The `createInvoice` function correctly handles `.onion` addresses and uses the `TOR_REGEXP` to determine if the address is an `.onion` address. --- Line range hint `35-105`: LGTM! The `decodeRune` function correctly decodes a rune.
lib/validate.js (2)
`13-13`: LGTM! The imports of `TOR_REGEXP` and `parseNwcUrl` are correct and necessary for the new validation logic. --- `604-624`: LGTM! The `lnbitsSchema` function's validation logic correctly handles `.onion` addresses and enforces HTTPS over clearnet.
--- Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?
Share - [X](https://twitter.com/intent/tweet?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A&url=https%3A//coderabbit.ai) - [Mastodon](https://mastodon.social/share?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A%20https%3A%2F%2Fcoderabbit.ai) - [Reddit](https://www.reddit.com/submit?title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&text=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code.%20Check%20it%20out%3A%20https%3A//coderabbit.ai) - [LinkedIn](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fcoderabbit.ai&mini=true&title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&summary=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code)
Tips ### Chat There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai): - Review comments: Directly reply to a review comment made by CodeRabbit. Example: - `I pushed a fix in commit .` - `Generate unit testing code for this file.` - `Open a follow-up GitHub issue for this discussion.` - Files and specific lines of code (under the "Files changed" tab): Tag `@coderabbitai` in a new review comment at the desired location with your query. Examples: - `@coderabbitai generate unit testing code for this file.` - `@coderabbitai modularize this function.` - PR comments: Tag `@coderabbitai` in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples: - `@coderabbitai generate interesting stats about this repository and render them as a table.` - `@coderabbitai show all the console.log statements in this repository.` - `@coderabbitai read src/utils.ts and generate unit testing code.` - `@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.` Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. ### CodeRabbit Commands (invoked as PR comments) - `@coderabbitai pause` to pause the reviews on a PR. - `@coderabbitai resume` to resume the paused reviews. - `@coderabbitai review` to trigger a review. This is useful when automatic reviews are disabled for the repository. - `@coderabbitai resolve` resolve all the CodeRabbit review comments. - `@coderabbitai help` to get help. Additionally, you can add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed. ### CodeRabbit Configration File (`.coderabbit.yaml`) - You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository. - Please see the [configuration documentation](https://docs.coderabbit.ai/guides/configure-coderabbit) for more information. - If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json` ### Documentation and Community - Visit our [Documentation](https://coderabbit.ai/docs) for detailed information on how to use CodeRabbit. - Join our [Discord Community](https://discord.com/invite/GsXnASn26c) to get help, request features, and share feedback. - Follow us on [X/Twitter](https://twitter.com/coderabbitai) for updates and announcements.