From 2c8c56dc1a34ad91ead9dd1fd0f6363af35ed6b6 Mon Sep 17 00:00:00 2001
From: Kieran <39117916+RemiixInc@users.noreply.github.com>
Date: Sun, 14 Aug 2022 10:11:27 +1000
Subject: [PATCH] Update index.ts

---
 api/index.ts | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/api/index.ts b/api/index.ts
index 40b4047..57ac173 100644
--- a/api/index.ts
+++ b/api/index.ts
@@ -2,6 +2,7 @@ import { getScreenshot } from "./_lib/puppeteer";
 
 module.exports = async (req, res) => {
   if (!req.query.url) return res.status(400).send("No url query specified.");
+  if (!checkUrl(req.query.url, req.hostname)) return res.status(400).send("Invalid url query specified.");
   try {
     const file = await getScreenshot(req.query.url, req.query.width, req.query.height);
     res.setHeader("Content-Type", "image/png");
@@ -12,3 +13,14 @@ module.exports = async (req, res) => {
     res.status(500).send("The server encountered an error. You may have inputted an invalid query.");
   }
 }
+
+function checkUrl(string, hostname) {
+  var url = "";
+  try {
+    url = new URL(string);
+  } catch (error) {
+    return false;
+  }
+  if (url.hostname == hostname) return false;
+  return true;
+}