Move list of valid origin prefixes for incoming WebSocket requests to a constant

Summary: Create a constant to hold all valid origin prefixes, for incoming WebSocket requests. This is to make it easier to add additional origins.

Reviewed By: mweststrate

Differential Revision: D26778708

fbshipit-source-id: b89bd8c8d8925b2863f12c319c6ecbeeb265fc42

desktop/app/src/fb-stubs/constants.tsx

@@ -42,4 +42,12 @@ export default Object.freeze({
   },
 
   SUPPORT_GROUPS: [],
+
+  // Only WebSocket requests from the following origin prefixes will be accepted
+  VALID_WEB_SOCKET_REQUEST_ORIGIN_PREFIXES: [
+    'chrome-extension://',
+    'localhost:',
+    'http://localhost:',
+    'app://',
+  ],
 });

desktop/app/src/server.tsx

@@ -26,6 +26,7 @@ import invariant from 'invariant';
 import tls from 'tls';
 import net, {Socket} from 'net';
 import {Responder, Payload, ReactiveSocket} from 'rsocket-types';
+import constants from './fb-stubs/constants';
 import GK from './fb-stubs/GK';
 import {initJsEmulatorIPC} from './utils/js-client-server-utils/serverUtils';
 import {buildClientId} from './utils/clientUtils';
@@ -184,11 +185,8 @@ class Server extends EventEmitter {
         req: IncomingMessage;
         secure: boolean;
       }) => {
-        return (
-          info.origin.startsWith('chrome-extension://') ||
-          info.origin.startsWith('localhost:') ||
-          info.origin.startsWith('http://localhost:') ||
-          info.origin.startsWith('app://')
+        return constants.VALID_WEB_SOCKET_REQUEST_ORIGIN_PREFIXES.some(
+          (validPrefix) => info.origin.startsWith(validPrefix),
         );
       },
     });