Fix invalid referrer

zarulizham · Feb 24, 2024 · 08634a6 · 08634a6
1 parent f74068f
commit 08634a6
Showing 1 changed file with 10 additions and 1 deletion.
diff --git a/src/Http/Requests/AuthorizationConfirmation.php b/src/Http/Requests/AuthorizationConfirmation.php
@@ -51,8 +51,17 @@ public function getHeader($key)
 
     protected function verifyReferrer()
     {
-        if (! in_array($this->headers->get('referer'), ["https://3dgatewaytest.ambankgroup.com/","https://3dgateway.ambankgroup.com/"])) {
+        $referrer = $this->headers->get('referer');
+
+        if (config('app.env') == 'production') {
+            $verified = str_starts_with($referrer, "https://3dgateway.ambankgroup.com/");
+        } else {
+            $verified = str_starts_with($referrer, "https://3dgatewaytest.ambankgroup.com/");
+        }
+
+        if (!$verified) {
             throw new InvalidReferrer();
         }
+        return true;
     }
 }