From 17a2083c05044886ebdd142d13f0641653d23ac8 Mon Sep 17 00:00:00 2001
From: Fabien O'Carroll
Date: Thu, 13 May 2021 11:06:54 +0100
Subject: [PATCH] Added precondition for Stripe Connect Admin API

refs https://github.com/TryGhost/Team/issues/598

Stripe Webhooks require SSL in production, and so we should not be allowing connecting to Stripe in production mode unless the site is running with SSL.
---
 core/server/api/canary/membersStripeConnect.js | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/core/server/api/canary/membersStripeConnect.js b/core/server/api/canary/membersStripeConnect.js
index f1baf3474e..67925e56f7 100644
--- a/core/server/api/canary/membersStripeConnect.js
+++ b/core/server/api/canary/membersStripeConnect.js
@@ -1,4 +1,7 @@
 const membersService = require('../../services/members');
+const config = require('../../../shared/config');
+const urlUtils = require('../../../shared/url-utils');
+const {BadRequestError} = require('@tryghost/errors');
 
 module.exports = {
     docName: 'members_stripe_connect',
@@ -15,6 +18,13 @@ module.exports = {
         }
     },
     query(frame) {
+        const siteUrl = urlUtils.getSiteUrl();
+        const productionMode = config.get('env') === 'production';
+        const siteUrlUsingSSL = /^https/.test(siteUrl);
+        const cannotConnectToStripe = productionMode && !siteUrlUsingSSL;
+        if (cannotConnectToStripe) {
+            throw new BadRequestError('Cannot connect to stripe unless site is using https://');
+        }
         // This is something you have to do if you want to use the "framework" with access to the raw req/res
         frame.response = async function (req, res) {
             function setSessionProp(prop, val) {
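Review bot: The TLS precondition in the second hunk tests the scheme with the bare prefix regex `/^https/`, which is case-sensitive and does not anchor on the `://` separator, so it depends on urlUtils.getSiteUrl() returning an already-normalised, lower-cased absolute URL — presumably true, but the check is the whole security decision and should not rely on that. Parsing the scheme is both stricter and self-documenting: `const siteUrlUsingSSL = new URL(siteUrl).protocol === 'https:';` (wrapping the parse in a try/catch that also treats an unparseable site URL as not-SSL, since failing closed is the intent here). The new block would also benefit from a why-comment carrying the rationale from the commit message, e.g. `// Stripe webhooks must be delivered over TLS, so refuse to connect a production site that is served over plain http.`, and the error text should name the service as `Stripe` to match the rest of the message. The query() method continues past the end of the hunk.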