Baptiste Arnaud
@@ -11,6 +11,7 @@ import {
|
||||
StartPreviewChatInput,
|
||||
} from '@typebot.io/schemas'
|
||||
import ky from 'ky'
|
||||
import { CorsError } from '@/utils/CorsError'
|
||||
|
||||
type Props = {
|
||||
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
||||
@@ -102,27 +103,40 @@ export async function startChatQuery({
|
||||
}
|
||||
|
||||
try {
|
||||
const data = await ky
|
||||
.post(
|
||||
`${
|
||||
isNotEmpty(apiHost) ? apiHost : guessApiHost()
|
||||
}/api/v1/typebots/${typebotId}/startChat`,
|
||||
{
|
||||
json: {
|
||||
isStreamEnabled: true,
|
||||
prefilledVariables,
|
||||
resultId,
|
||||
isOnlyRegistering: false,
|
||||
} satisfies Omit<
|
||||
StartChatInput,
|
||||
'publicId' | 'textBubbleContentFormat'
|
||||
>,
|
||||
timeout: false,
|
||||
}
|
||||
)
|
||||
.json<InitialChatReply>()
|
||||
const iframeReferrerOrigin =
|
||||
parent !== window ? new URL(document.referrer).origin : undefined
|
||||
const response = await ky.post(
|
||||
`${
|
||||
isNotEmpty(apiHost) ? apiHost : guessApiHost()
|
||||
}/api/v1/typebots/${typebotId}/startChat`,
|
||||
{
|
||||
headers: {
|
||||
'x-typebot-iframe-referrer-origin': iframeReferrerOrigin,
|
||||
},
|
||||
json: {
|
||||
isStreamEnabled: true,
|
||||
prefilledVariables,
|
||||
resultId,
|
||||
isOnlyRegistering: false,
|
||||
} satisfies Omit<
|
||||
StartChatInput,
|
||||
'publicId' | 'textBubbleContentFormat'
|
||||
>,
|
||||
timeout: false,
|
||||
}
|
||||
)
|
||||
|
||||
return { data }
|
||||
const corsAllowOrigin = response.headers.get('access-control-allow-origin')
|
||||
|
||||
if (
|
||||
iframeReferrerOrigin &&
|
||||
corsAllowOrigin &&
|
||||
corsAllowOrigin !== '*' &&
|
||||
!iframeReferrerOrigin.includes(corsAllowOrigin)
|
||||
)
|
||||
throw new CorsError(corsAllowOrigin)
|
||||
|
||||
return { data: await response.json<InitialChatReply>() }
|
||||
} catch (error) {
|
||||
return { error }
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user