修改添加API认证时上传页无法上传的bug

README.md

@@ -52,6 +52,8 @@
 
 环境变量增加`AUTH_CODE`，使用如：https://cloudflare-imgbed.域名?authcode=`AUTH_CODE`
 
+同时，必须增加`DOMAIN`环境变量，否则上传页面也无法正常上传。内容填写上传页面的域名即可（如sanyue.site）
+
 #### 访问域名限制
 
 环境变量增加`ALLOWED_DOMAINS`，多个允许的域名用英文`,`分割，如：域名.xyz,域名.cloudns.be,域名.pp.ua

functions/upload.js

@@ -22,13 +22,24 @@ function isAuthCodeDefined(authCode) {
     return authCode !== undefined && authCode !== null && authCode.trim() !== '';
 }
 
+function isDomainDefined(domain) {
+    return domain !== undefined && domain !== null && domain.trim() !== '';
+}
+
+function isUploadPageRequest(referer) {
+    if (referer && isDomainDefined(env.DOMAIN)) {
+        let refererUrl = new URL(referer);
+        return refererUrl.hostname === env.DOMAIN;
+    }
+    return false;
+}
 export async function onRequestPost(context) {  // Contents of context object
     const { request, env, params, waitUntil, next, data } = context;
-    // const referer = request.headers.get('Referer');
+    const referer = request.headers.get('Referer');
     // const authCode = new URLSearchParams(new URL(referer).search).get('authcode');
     const authCode = new URL(request.url).searchParams.get('authcode');
     const clonedRequest = request.clone();
-    if (isAuthCodeDefined(env.AUTH_CODE) && !isValidAuthCode(env.AUTH_CODE, authCode)) {
+    if (isUploadPageRequest(referer) || (isAuthCodeDefined(env.AUTH_CODE) && !isValidAuthCode(env.AUTH_CODE, authCode))) {
         return new UnauthorizedException("error");
     }
     await errorHandling(context);