From 2a264caac3e4716bb44a77de19a1b0b76fe29cd8 Mon Sep 17 00:00:00 2001
From: Steven Kitterman <steven.kitterman@gmail.com>
Date: Thu, 16 Nov 2023 10:45:28 -0800
Subject: [PATCH] User only has to specify host, not entire origin

---
 src/resource-archive/index.test.ts | 6 +++---
 src/resource-archive/index.ts      | 7 ++++---
 src/types.ts                       | 4 ++--
 3 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/src/resource-archive/index.test.ts b/src/resource-archive/index.test.ts
index bebe8f4b..8a4213c6 100644
--- a/src/resource-archive/index.test.ts
+++ b/src/resource-archive/index.test.ts
@@ -174,9 +174,9 @@ describe('new', () => {
     const complete = await createResourceArchive({
       page,
       allowedArchiveDomains: [
-        // external origins we allow-list
-        'https://i-ama.fake',
-        'https://another-domain.com',
+        // external domains we allow-list
+        'i-ama.fake',
+        'another-domain.com',
       ],
     });
 
diff --git a/src/resource-archive/index.ts b/src/resource-archive/index.ts
index 3b936c49..d03ff3cd 100644
--- a/src/resource-archive/index.ts
+++ b/src/resource-archive/index.ts
@@ -30,7 +30,7 @@ class Watcher {
    Specifies which domains (origins) we should archive resources for (by default we only archive same-origin resources).
    Useful in situations where the environment running the archived storybook (e.g. in CI) may be restricted to an intranet or other domain restrictions
   */
-  private allowedArchiveDomains: string[];
+  private allowedArchiveOrigins: string[];
 
   /**
    * We assume the first URL loaded after @watch is called is the base URL of the
@@ -51,7 +51,8 @@ class Watcher {
     allowedDomains?: string[]
   ) {
     this.globalNetworkTimeoutMs = networkTimeoutMs;
-    this.allowedArchiveDomains = allowedDomains || [];
+    // tack on the protocol so we can properly check if requests are cross-origin
+    this.allowedArchiveOrigins = (allowedDomains || []).map((domain) => `https://${domain}`);
   }
 
   async watch() {
@@ -141,7 +142,7 @@ class Watcher {
 
     const isRequestFromAllowedDomain =
       requestUrl.origin === this.firstUrl.origin ||
-      this.allowedArchiveDomains.includes(requestUrl.origin);
+      this.allowedArchiveOrigins.includes(requestUrl.origin);
 
     logger.log(
       'requestPaused',
diff --git a/src/types.ts b/src/types.ts
index 68c36984..f079c6d0 100644
--- a/src/types.ts
+++ b/src/types.ts
@@ -24,9 +24,9 @@ export interface ChromaticConfig {
   // each test will wait for the network to be idle while archiving resources.
   resourceArchiveTimeout?: number;
 
-  // domains (besides localhost) that assets should be archived from
+  // domains (besides where the test is being run from) that assets should be archived from
   // (needed when, for example, CI environment can't access the archives later on)
-  // ex: https://www.some-domain.com
+  // ex: www.some-domain.com
   allowedArchiveDomains?: string[];
 }