in shared/AppInsightsCommon/src/Util.ts [337:389]
canIncludeCorrelationHeader(config: ICorrelationConfig, requestUrl: string, currentHost?: string) {
if (!requestUrl || (config && config.disableCorrelationHeaders)) {
return false;
}
if (config && config.correlationHeaderExcludePatterns) {
for (let i = 0; i < config.correlationHeaderExcludePatterns.length; i++) {
if (config.correlationHeaderExcludePatterns[i].test(requestUrl)) {
return false;
}
}
}
let requestHost = urlParseUrl(requestUrl).host.toLowerCase();
if (requestHost && (requestHost.indexOf(":443") !== -1 || requestHost.indexOf(":80") !== -1)) {
// [Bug #1260] IE can include the port even for http and https URLs so if present
// try and parse it to remove if it matches the default protocol port
requestHost = (urlParseFullHost(requestUrl, true) || "").toLowerCase();
}
if ((!config || !config.enableCorsCorrelation) && (requestHost && requestHost !== currentHost)) {
return false;
}
const includedDomains = config && config.correlationHeaderDomains;
if (includedDomains) {
let matchExists: boolean;
arrForEach(includedDomains, (domain) => {
const regex = new RegExp(domain.toLowerCase().replace(/\\/g, "\\\\").replace(/\./g, "\\.").replace(/\*/g, ".*"));
matchExists = matchExists || regex.test(requestHost);
});
if (!matchExists) {
return false;
}
}
const excludedDomains = config && config.correlationHeaderExcludedDomains;
if (!excludedDomains || excludedDomains.length === 0) {
return true;
}
for (let i = 0; i < excludedDomains.length; i++) {
const regex = new RegExp(excludedDomains[i].toLowerCase().replace(/\\/g, "\\\\").replace(/\./g, "\\.").replace(/\*/g, ".*"));
if (regex.test(requestHost)) {
return false;
}
}
// if we don't know anything about the requestHost, require the user to use included/excludedDomains.
// Previously we always returned false for a falsy requestHost
return requestHost && requestHost.length > 0;
},