From 4b491f950cd239e3e54f62339c130957d2b2900d Mon Sep 17 00:00:00 2001
From: Samuel Weibel <samuel.weibel@gmail.com>
Date: Fri, 17 Jan 2025 10:08:21 +0000
Subject: [PATCH] Improve suggested blacklist tests

---
 express/backend/src/api/weblate-proxy.ts | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/express/backend/src/api/weblate-proxy.ts b/express/backend/src/api/weblate-proxy.ts
index 10cd67a..1b861a4 100644
--- a/express/backend/src/api/weblate-proxy.ts
+++ b/express/backend/src/api/weblate-proxy.ts
@@ -3,17 +3,17 @@ import { Router } from "express";
 import { env } from "../common";
 
 const WEBLATE_API = "https://weblate.iobroker.net/api/";
-const ALLOWED_PATHS = ["/projects/", "/components/", "/languages/"];
+const ALLOWED_PATHS = ["projects/adapters/components/"] as const;
 
 const router = Router();
 
 router.get<any>("/api/weblate/*", async function (req, res) {
 	try {
-		const userPath = `/${req.params["0"]}`;
-		if (!ALLOWED_PATHS.some(path => userPath.startsWith(path))) {
+		const userPath = req.params["0"];
+		if (!ALLOWED_PATHS.some((path) => userPath.startsWith(path))) {
 			return res.status(400).send("Invalid path");
 		}
-		const url = new URL(`${WEBLATE_API}${req.params["0"]}`);
+		const url = new URL(`${WEBLATE_API}${userPath}`);
 		const q = req.query;
 		if (q.page) {
 			url.searchParams.set("page", q.page as string);