PS-1230 PS-1152 Fix/improve null origin message (#3280)

* Improve message if Origin header value is empty

* PS-1230 Remove serve feature flag

apps/cli/config/development.json

@@ -1,5 +1,3 @@
 {
-  "flags": {
+  "flags": {}
-    "serve": true
-  }
 }

apps/cli/config/production.json

@@ -1,5 +1,3 @@
 {
-  "flags": {
+  "flags": {}
-    "serve": true
-  }
 }

apps/cli/src/commands/serve.command.ts

@@ -6,6 +6,7 @@ import * as koaBodyParser from "koa-bodyparser";
 import * as koaJson from "koa-json";
 
 import { KeySuffixOptions } from "@bitwarden/common/enums/keySuffixOptions";
+import { Utils } from "@bitwarden/common/misc/utils";
 import { Response } from "@bitwarden/node/cli/models/response";
 import { FileResponse } from "@bitwarden/node/cli/models/response/fileResponse";
 
@@ -167,7 +168,13 @@ export class ServeCommand {
       .use(async (ctx, next) => {
         if (protectOrigin && ctx.headers.origin != undefined) {
           ctx.status = 403;
-          this.main.logService.warning(`Blocking request from ${ctx.headers.origin}`);
+          this.main.logService.warning(
+            `Blocking request from "${
+              Utils.isNullOrEmpty(ctx.headers.origin)
+                ? "(Origin header value missing)"
+                : ctx.headers.origin
+            }"`
+          );
           return;
         }
         await next();

apps/cli/src/flags.ts

@@ -1,5 +1,5 @@
-export type Flags = {
+// Remove this linter hint if any flags exist
-  serve?: boolean;
+// eslint-disable-next-line @typescript-eslint/ban-types
-};
+export type Flags = {};
 
 export type FlagName = keyof Flags;

apps/cli/src/program.ts

@@ -470,36 +470,34 @@ export class Program extends BaseProgram {
         this.processResponse(response);
       });
 
-    if (CliUtils.flagEnabled("serve")) {
+    program
-      program
+      .command("serve")
-        .command("serve")
+      .description("Start a RESTful API webserver.")
-        .description("Start a RESTful API webserver.")
+      .option("--hostname <hostname>", "The hostname to bind your API webserver to.")
-        .option("--hostname <hostname>", "The hostname to bind your API webserver to.")
+      .option("--port <port>", "The port to run your API webserver on.")
-        .option("--port <port>", "The port to run your API webserver on.")
+      .option(
-        .option(
+        "--disable-origin-protection",
-          "--disable-origin-protection",
+        "If set, allows requests with origin header. Not recommended!"
-          "If set, allows requests with origin header. Not recommended!"
+      )
-        )
+      .on("--help", () => {
-        .on("--help", () => {
+        writeLn("\n  Notes:");
-          writeLn("\n  Notes:");
+        writeLn("");
-          writeLn("");
+        writeLn("    Default hostname is `localhost`.");
-          writeLn("    Default hostname is `localhost`.");
+        writeLn("    Use hostname `all` for no hostname binding.");
-          writeLn("    Use hostname `all` for no hostname binding.");
+        writeLn("    Default port is `8087`.");
-          writeLn("    Default port is `8087`.");
+        writeLn("");
-          writeLn("");
+        writeLn("  Examples:");
-          writeLn("  Examples:");
+        writeLn("");
-          writeLn("");
+        writeLn("    bw serve");
-          writeLn("    bw serve");
+        writeLn("    bw serve --port 8080");
-          writeLn("    bw serve --port 8080");
+        writeLn("    bw serve --hostname bwapi.mydomain.com --port 80");
-          writeLn("    bw serve --hostname bwapi.mydomain.com --port 80");
+        writeLn("", true);
-          writeLn("", true);
+      })
-        })
+      .action(async (cmd) => {
-        .action(async (cmd) => {
+        await this.exitIfNotAuthed();
-          await this.exitIfNotAuthed();
+        const command = new ServeCommand(this.main);
-          const command = new ServeCommand(this.main);
+        await command.run(cmd);
-          await command.run(cmd);
+      });
-        });
-    }
   }
 
   protected processResponse(response: Response, exitImmediately = false) {