@@ -213,7 +213,7 @@ func Initialize(
213213 }
214214
215215 // Read allowed origins from environment variable
216- envOrigins := os .Getenv ("ALLOWED_ORIGINS " )
216+ envOrigins := os .Getenv ("PROXYSCOTCH_ALLOWED_ORIGINS " )
217217
218218 // If environment variable is set, use it; otherwise use the parameter or default
219219 if envOrigins != "" {
@@ -520,6 +520,17 @@ func proxyHandler(response http.ResponseWriter, request *http.Request) {
520520 return
521521 }
522522
523+ // Validate URL is not empty
524+ if len (strings .TrimSpace (requestData .Url )) == 0 {
525+ atomic .AddUint64 (& totalErrors , 1 )
526+ ErrorLogger .Printf ("Empty URL from %s" , clientIP )
527+ _ , writeErr := fmt .Fprintln (response , "{\" success\" : false, \" data\" :{\" message\" :\" (Proxy Error) URL cannot be empty\" }}" )
528+ if writeErr != nil {
529+ ErrorLogger .Printf ("Failed to write error response: %v" , writeErr )
530+ }
531+ return
532+ }
533+
523534 var proxyRequest http.Request
524535 proxyRequest .Header = make (http.Header )
525536 proxyRequest .Method = requestData .Method
@@ -534,6 +545,18 @@ func proxyHandler(response http.ResponseWriter, request *http.Request) {
534545 }
535546 return
536547 }
548+
549+ // Additional safety check for nil URL
550+ if parsedURL == nil {
551+ atomic .AddUint64 (& totalErrors , 1 )
552+ ErrorLogger .Printf ("Parsed URL is nil from %s" , clientIP )
553+ _ , writeErr := fmt .Fprintln (response , "{\" success\" : false, \" data\" :{\" message\" :\" (Proxy Error) Invalid URL: URL is nil\" }}" )
554+ if writeErr != nil {
555+ ErrorLogger .Printf ("Failed to write error response: %v" , writeErr )
556+ }
557+ return
558+ }
559+
537560 proxyRequest .URL = parsedURL
538561
539562 if ! isAllowedDest (proxyRequest .URL .Hostname ()) {
@@ -594,13 +617,13 @@ func proxyHandler(response http.ResponseWriter, request *http.Request) {
594617 for _ , val := range request .MultipartForm .File [fileKey ] {
595618 f , err := val .Open ()
596619 if err != nil {
597- ErrorLogger .Printf ("Failed to open file %s: %v" , sanitizeLogInput ( val .Filename ) , err )
620+ ErrorLogger .Printf ("Failed to open file %s: %v" , val .Filename , err )
598621 continue
599622 }
600623
601624 field , err := writer .CreatePart (val .Header )
602625 if err != nil {
603- ErrorLogger .Printf ("Failed to create part for file %s: %v" , sanitizeLogInput ( val .Filename ) , err )
626+ ErrorLogger .Printf ("Failed to create part for file %s: %v" , val .Filename , err )
604627 err = f .Close ()
605628 if err != nil {
606629 ErrorLogger .Printf ("Failed to close file: %v" , err )
@@ -610,12 +633,12 @@ func proxyHandler(response http.ResponseWriter, request *http.Request) {
610633
611634 _ , err = io .Copy (field , f )
612635 if err != nil {
613- ErrorLogger .Printf ("Failed to copy file %s: %v" , sanitizeLogInput ( val .Filename ) , err )
636+ ErrorLogger .Printf ("Failed to copy file %s: %v" , val .Filename , err )
614637 }
615638
616639 err = f .Close ()
617640 if err != nil {
618- ErrorLogger .Printf ("Failed to close file %s: %v" , sanitizeLogInput ( val .Filename ) , err )
641+ ErrorLogger .Printf ("Failed to close file %s: %v" , val .Filename , err )
619642 }
620643 }
621644 }
0 commit comments