diff --git a/packages/@uppy/companion/src/config/companion.js b/packages/@uppy/companion/src/config/companion.js index 7ceb01e935..ec8ac9e79e 100644 --- a/packages/@uppy/companion/src/config/companion.js +++ b/packages/@uppy/companion/src/config/companion.js @@ -99,7 +99,8 @@ const validateConfig = (companionOptions) => { } if (companionOptions.uploadUrls == null || companionOptions.uploadUrls.length === 0) { - logger.warn('Running without uploadUrls specified is a security risk if running in production', 'startup.uploadUrls') + if (process.env.NODE_ENV === 'production') throw new Error('uploadUrls is required') + logger.error('Running without uploadUrls is a security risk and Companion will refuse to start up when running in production (NODE_ENV=production)', 'startup.uploadUrls') } if (periodicPingUrls != null && ( diff --git a/website/src/docs/companion.md b/website/src/docs/companion.md index 9a28fee239..b0b8f878c1 100644 --- a/website/src/docs/companion.md +++ b/website/src/docs/companion.md @@ -357,9 +357,9 @@ const options = { 1. **filePath(required)** - Full path to the directory to which provider files will be downloaded temporarily. -2. **secret(recommended)** - A secret string which Companion uses to generate authorization tokens. You should generate a long random string for this. +2. **uploadUrls(required)** - An allowlist (array) of strings (exact URLs) or regular expressions. Companion will only accept uploads to these URLs. This ensures that your Companion instance is only allowed to upload to your trusted servers and prevents [SSRF](https://en.wikipedia.org/wiki/Server-side_request_forgery) attacks. -3. **uploadUrls(recommended)** - An allowlist (array) of strings (exact URLs) or regular expressions. If specified, Companion will only accept uploads to these URLs. This is needed to make sure a Companion instance is only allowed to upload to your servers. **Omitting this leaves your system open to potential [SSRF](https://en.wikipedia.org/wiki/Server-side_request_forgery) attacks, and may throw an error in future `@uppy/companion` releases.** +3. **secret(recommended)** - A secret string which Companion uses to generate authorization tokens. You should generate a long random string for this. 4. **redisUrl(optional)** - URL to running Redis server. If this is set, the state of uploads would be stored temporarily. This helps for resumed uploads after a browser crash from the client. The stored upload would be sent back to the client on reconnection.