fix: change matching pattern

app/api/upstash/[action]/[...key]/route.ts

@@ -12,7 +12,7 @@ async function handle(
   }
   const [action, ...key] = params.key;
   // only allow to request to *.upstash.io
-  if (!endpoint || !endpoint.endsWith("upstash.io")) {
+  if (!endpoint || !new URL(endpoint).hostname.endsWith(".upstash.io")) {
     return NextResponse.json(
       {
         error: true,

app/api/webdav/[...path]/route.ts

@@ -31,7 +31,10 @@ async function handle(
   }
 
   // for MKCOL request, only allow request ${folder}
-  if (req.method == "MKCOL" && !endpointPath.endsWith(folder)) {
+  if (
+    req.method == "MKCOL" &&
+    !new URL(endpointPath).pathname.endsWith(folder)
+  ) {
     return NextResponse.json(
       {
         error: true,
@@ -44,7 +47,10 @@ async function handle(
   }
 
   // for GET request, only allow request ending with fileName
-  if (req.method == "GET" && !endpointPath.endsWith(fileName)) {
+  if (
+    req.method == "GET" &&
+    !new URL(endpointPath).pathname.endsWith(fileName)
+  ) {
     return NextResponse.json(
       {
         error: true,
@@ -57,7 +63,10 @@ async function handle(
   }
 
   //   for PUT request, only allow request ending with fileName
-  if (req.method == "PUT" && !endpointPath.endsWith(fileName)) {
+  if (
+    req.method == "PUT" &&
+    !new URL(endpointPath).pathname.endsWith(fileName)
+  ) {
     return NextResponse.json(
       {
         error: true,

app/utils/cloud/webdav.ts

@@ -1,6 +1,5 @@
 import { STORAGE_KEY } from "@/app/constant";
 import { SyncStore } from "@/app/store/sync";
-import { corsFetch } from "../cors";
 
 export type WebDAVConfig = SyncStore["webdav"];
 export type WebDavClient = ReturnType<typeof createWebDavClient>;