mirror of
https://github.com/openai/codex.git
synced 2026-05-19 02:33:10 +00:00
c5e9c6f71f
## Summary - Adds a process-local, in-memory cookie store for ChatGPT HTTP clients. - Limits cookie storage and replay to a shared ChatGPT host allowlist. - Wires the shared store into the default Codex reqwest client and backend client. - Shares the ChatGPT host allowlist with remote-control URL validation to avoid drift. - Enables reqwest cookie support and updates lockfiles.
40 lines
1.1 KiB
Rust
40 lines
1.1 KiB
Rust
/// Returns whether `host` is one of the ChatGPT hosts Codex is allowed to treat
|
|
/// as first-party ChatGPT traffic.
|
|
pub fn is_allowed_chatgpt_host(host: &str) -> bool {
|
|
const EXACT_HOSTS: &[&str] = &["chatgpt.com", "chat.openai.com", "chatgpt-staging.com"];
|
|
const SUBDOMAIN_SUFFIXES: &[&str] = &[".chatgpt.com", ".chatgpt-staging.com"];
|
|
|
|
EXACT_HOSTS.contains(&host)
|
|
|| SUBDOMAIN_SUFFIXES
|
|
.iter()
|
|
.any(|suffix| host.ends_with(suffix))
|
|
}
|
|
|
|
#[cfg(test)]
|
|
mod tests {
|
|
use super::*;
|
|
|
|
#[test]
|
|
fn recognizes_chatgpt_hosts_without_suffix_tricks() {
|
|
for host in [
|
|
"chatgpt.com",
|
|
"foo.chatgpt.com",
|
|
"staging.chatgpt.com",
|
|
"chat.openai.com",
|
|
"chatgpt-staging.com",
|
|
"api.chatgpt-staging.com",
|
|
] {
|
|
assert!(is_allowed_chatgpt_host(host));
|
|
}
|
|
|
|
for host in [
|
|
"evilchatgpt.com",
|
|
"chatgpt.com.evil.example",
|
|
"api.openai.com",
|
|
"foo.chat.openai.com",
|
|
] {
|
|
assert!(!is_allowed_chatgpt_host(host));
|
|
}
|
|
}
|
|
}
|