
fix: update CORS handling for public chatflow requests#5706

Merged
HenryHengZJ merged 1 commit into FlowiseAI:main from prd-hoang-doan:fix/cors_public_chatflow_api on Feb 13, 2026

Conversation

@prd-hoang-doan

Contributor

Fix: Expand CORS validation for public chatflow APIs used for embedded chatbot

Summary

This PR extends CORS domain validation to cover all public chatflow endpoints, not just the /prediction/ endpoint. Previously, only prediction requests were validated against per-chatflow allowed origins, leaving other public APIs (/public-chatbotConfig/ and /chatflows-streaming/) without proper origin validation.

Issue: #5691

Problem:

The existing CORS validation only checked domain restrictions for /prediction/ endpoints. Other public chatflow APIs that should have the same security controls were not being validated, creating an inconsistent security posture.

Testing:

Current:

Screen.Recording.2026-02-04.at.22.25.21.mov

After fixing:

Screen.Recording.2026-02-04.at.22.27.21.mov

@gemini-code-assist

Contributor

Summary of Changes

Hello @prd-hoang-doan, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses a security inconsistency by expanding Cross-Origin Resource Sharing (CORS) validation to encompass all public chatflow endpoints, not just the /prediction/ endpoint. This ensures that /public-chatbotConfig/ and /chatflows-streaming/ APIs, which are used for embedded chatbots, are now subject to the same origin restrictions, thereby improving the overall security posture and preventing unauthorized access from unlisted domains.

Highlights

  • Expanded CORS Validation: CORS domain validation has been extended to cover all public chatflow endpoints, including /public-chatbotConfig/ and /chatflows-streaming/, in addition to the existing /prediction/ endpoint.
  • Unified Public Chatflow Request Detection: The isPredictionRequest function has been replaced by a more generic isPublicChatflowRequest function, which now checks against a defined list of allowed public chatflow URL slugs.
  • Dynamic Chatflow ID Extraction: The extractChatflowId utility has been updated to dynamically identify chatflow IDs from any of the newly defined public chatflow URL patterns, ensuring consistent ID retrieval across all relevant endpoints.
Changelog
  • packages/server/src/utils/XSS.ts
    • Updated import statement to use isPublicChatflowRequest instead of isPredictionRequest.
    • Modified the getCorsOptions function to utilize the new isPublicChatflowRequest for broader CORS validation.
  • packages/server/src/utils/domainValidation.ts
    • Introduced a new constant ALLOWED_SLUGS to centralize the list of public chatflow URL patterns.
    • Refactored extractChatflowId to use a new helper function extractSlugFromUrl for more flexible chatflow ID extraction.
    • Renamed isPredictionRequest to isPublicChatflowRequest and updated its logic to check if the URL includes any of the ALLOWED_SLUGS.
    • Added a new helper function extractSlugFromUrl to determine which public slug is present in a given URL.
    • Updated the module exports to include isPublicChatflowRequest.
Activity
  • No specific activity (comments, reviews, or progress updates) has been recorded for this pull request yet.
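The PR summary above and the Highlights/Changelog list describe the same mechanism: a list of public chatflow URL slugs, a helper that finds which slug a URL contains, chatflow ID extraction keyed on that slug, and a request predicate that decides whether per-chatflow origin validation applies. The following TypeScript is an added example written to make that mechanism concrete; it is not code from this PR or from Flowise. The three slugs are the ones named on this page. The URL layout (`/api/v1/<slug>/<chatflowId>`), the per-chatflow allowed-origin store, the empty-list-means-unrestricted rule, and the permissive default for routes the predicate does not match are all assumptions chosen so that the pre-fix gap and the post-fix behaviour can be run side by side.

```typescript
// Added example, not Flowise's own code. Slug list is from the PR; the URL
// layout, the origin store and the permissive default are assumptions.

const ALLOWED_SLUGS = ['/prediction/', '/public-chatbotConfig/', '/chatflows-streaming/'] as const
type Slug = (typeof ALLOWED_SLUGS)[number]

// Constructed stand-in for per-chatflow allowed origins (assumption: Flowise
// keeps something equivalent in the chatflow's chatbot config). An empty list
// means "no restriction configured" for this demo.
const ALLOWED_ORIGINS_BY_CHATFLOW: Record<string, string[]> = {
  a1b2c3d4: ['https://shop.example.com'],
  ffffffff: []
}

// Match slugs against the path only, so a slug embedded in a query string
// (e.g. ?redirect=/prediction/x) cannot make a non-public route look public.
function pathOf(url: string): string {
  return url.split('?')[0]
}

function extractSlugFromUrl(url: string): Slug | undefined {
  const path = pathOf(url)
  return ALLOWED_SLUGS.find((slug) => path.includes(slug))
}

// The chatflow id is the path segment that immediately follows the slug
// (assumed layout: /api/v1/<slug>/<chatflowId>[/...]).
function extractChatflowId(url: string): string | undefined {
  const slug = extractSlugFromUrl(url)
  if (!slug) return undefined
  const path = pathOf(url)
  const afterSlug = path.slice(path.indexOf(slug) + slug.length)
  const id = afterSlug.split('/')[0]
  return id.length > 0 ? id : undefined
}

// After the fix: any public chatflow slug triggers per-chatflow origin validation.
function isPublicChatflowRequest(url: string): boolean {
  return extractSlugFromUrl(url) !== undefined
}

// Before the fix: only /prediction/ was validated.
function isPredictionRequest(url: string): boolean {
  return pathOf(url).includes('/prediction/')
}

interface CorsDecision {
  allowed: boolean
  reason: string
}

// Decide whether a cross-origin request may proceed. `detector` selects the
// requests that are subject to per-chatflow validation, so the same function
// can be run with the old predicate and the new one.
function decideCors(
  url: string,
  origin: string | undefined,
  detector: (url: string) => boolean,
  store: Record<string, string[]> = ALLOWED_ORIGINS_BY_CHATFLOW
): CorsDecision {
  if (!detector(url)) {
    // Assumption for the demo: anything the detector does not match falls
    // through to a permissive global policy. This is where the pre-fix gap sits.
    return { allowed: true, reason: 'not detected as public chatflow request; global policy applies' }
  }
  const chatflowId = extractChatflowId(url)
  if (chatflowId === undefined) {
    return { allowed: false, reason: 'public chatflow slug without a chatflow id' }
  }
  const allowedOrigins = store[chatflowId]
  if (allowedOrigins === undefined) {
    return { allowed: false, reason: `unknown chatflow ${chatflowId}` }
  }
  if (allowedOrigins.length === 0) {
    return { allowed: true, reason: `chatflow ${chatflowId} has no origin restriction` }
  }
  if (origin !== undefined && allowedOrigins.includes(origin)) {
    return { allowed: true, reason: `origin ${origin} is allowed for chatflow ${chatflowId}` }
  }
  return { allowed: false, reason: `origin ${origin ?? '(none)'} is not allowed for chatflow ${chatflowId}` }
}
```

Running `decideCors('/api/v1/public-chatbotConfig/a1b2c3d4', 'https://evil.example', isPredictionRequest)` allows the request, because the old predicate never looks at the config endpoint; the same call with `isPublicChatflowRequest` refuses it, while `https://shop.example.com` is still admitted. Two choices here go slightly beyond the page's description and are worth checking against the real code: the slug match is restricted to the path rather than the whole URL string, and a public slug with no chatflow ID behind it is refused rather than handed to the global policy.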

@gemini-code-assist gemini-code-assist Bot left a comment

Contributor


Code Review

The pull request effectively addresses the issue of expanding CORS validation to include all public chatflow endpoints, not just the /prediction/ endpoint. The introduction of the ALLOWED_SLUGS constant centralizes the list of public endpoints, improving maintainability. The refactoring of extractChatflowId and the new isPublicChatflowRequest function correctly implement the broader validation logic. The existing comment regarding code simplification in isPublicChatflowRequest is valid and has been retained as it does not conflict with the provided rules. Overall, this is a good improvement for the security posture and consistency of the application.

Comment thread packages/server/src/utils/domainValidation.ts Outdated
@HenryHengZJ HenryHengZJ merged commit eae581b into FlowiseAI:main Feb 13, 2026
3 checks passed
vellanki-santhosh pushed a commit to vellanki-santhosh/Flowise that referenced this pull request Feb 17, 2026