17928243696
69%

Ran 22 Sep 2025 09:03PM UTC

Jobs 1

Files 164

Run time 1min

Badge

Embed ▾

Committed 22 Sep 2025 08:55PM UTC coverage: 67.886% (+0.06%) from 67.83%

Build # 17928243696

Build Type

push

github

Committed by

web-flow

Commit Message

fix(oauth2): switch to Origin header for request validation (#2174)

## Summary
Replace `Referer` header validation with `Origin` header in
`validateRequestOrigin` function. Referer was unintended at the
beginning. Using `Origin` header as it's automatically set by browsers
for cross-origin requests. This is a very basic attempt to prevent cross
domain malicious calls.

Key changes:
- Check `Origin` header instead of `Referer` header
- Allow empty `Origin` header (for backend/mobile app initiated
requests)
- Add comprehensive test coverage for new validation behavior

Run Details

7 of 7 new or added lines in 1 file covered. (100.0%)

12954 of 19082 relevant lines covered (67.89%)

65.59 hits per line

Jobs

ID	Job ID	Ran	Files	Coverage
1	17928243696.1	22 Sep 2025 09:03PM UTC	164	67.89	GitHub Action Run

supabase / auth / 17928243696
69%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build 17928243696

supabase / auth / 17928243696 69%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build 17928243696

supabase / auth / 17928243696
69%

README BADGES
x