
Fix restrict url proxying to a fixed upstream host #3

Open
kochrac wants to merge 2 commits into vercel:main from kochrac:patch-1

Conversation


@kochrac kochrac commented Feb 23, 2026

Fixing this requires ensuring that the URL used in fetch is derived only from validated components, not directly from raw user input. That means: parse the user-provided URL, verify its scheme, hostname, (optionally) port and path against strict rules and an allow‑list, then either (a) reject the request if any constraint fails, or (b) build a canonical upstream URL string from the validated URL object instead of the original string.

For this specific code, the best fix without changing desired functionality is:

1. Parse the URL once (`const parsed = new URL(url);`).
2. Enforce:
   - `parsed.protocol` is `http:` or `https:` (reject others).
   - `parsed.hostname` matches the allow‑list (`vidgen.x.ai`).
   - Optionally, restrict ports to standard HTTP(S) ports or no port.
3. Use `parsed.toString()` (or `parsed.href`) as the argument to `fetch`, not the original `url` string, so that the sink depends on the validated object.
4. Slightly refactor so the parsed URL is available to both the validation block and the `fetch` call.

All required changes are confined to app/api/video-proxy/route.ts, around the existing validation at lines 13–22 and the fetch(url) at line 25.
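The four steps above, worked through as an added TypeScript example; this is not the PR's code and not the repository's own `app/api/video-proxy/route.ts`. It takes the allow-listed host `vidgen.x.ai` from the PR text. Everything else is an assumption for illustration: that the raw value arrives as a `url` query parameter (the PR only shows a variable named `url`), that the handler follows the Next.js `GET(request)` shape, and that a `Fetcher` type is introduced so a stub can replace `fetch` offline.

```typescript
// Added example, not the project's own route.ts. The fetch target is derived
// from a parsed and validated URL object, never from the raw user string.

// Allow-list of upstream hosts; vidgen.x.ai is the host named in the PR text.
const ALLOWED_HOSTS: ReadonlySet<string> = new Set(["vidgen.x.ai"]);
const ALLOWED_PROTOCOLS: ReadonlySet<string> = new Set(["http:", "https:"]);

// Returns the canonical upstream URL string, or null if any constraint fails.
export function validateUpstreamUrl(raw: string): string | null {
  let parsed: URL;
  try {
    parsed = new URL(raw); // throws on anything that is not an absolute URL
  } catch {
    return null;
  }
  // Step 2a: scheme must be http(s). parsed.protocol is already lowercased.
  if (!ALLOWED_PROTOCOLS.has(parsed.protocol)) return null;
  // Step 2b: exact hostname match against the allow-list. parsed.hostname is
  // lowercased and contains only the host, so lookalike subdomains fail here.
  if (!ALLOWED_HOSTS.has(parsed.hostname)) return null;
  // Step 2c: the URL parser turns a scheme-default port (80/443) into "";
  // any other value is an explicit non-standard port and is rejected.
  if (parsed.port !== "") return null;
  // Step 3: build the sink argument from the validated object, not from `raw`.
  return parsed.toString();
}

// Minimal fetcher type (assumption) so a stub can be injected for offline tests.
export type Fetcher = (target: string) => Promise<Response>;

// Route-handler shape in the Next.js style (assumption). The `url` query
// parameter name is also an assumption; the PR only shows a variable `url`.
export async function GET(
  request: Request,
  fetchImpl: Fetcher = (t) => fetch(t),
): Promise<Response> {
  const raw = new URL(request.url).searchParams.get("url") ?? "";
  const upstream = validateUpstreamUrl(raw);
  if (upstream === null) {
    return new Response("Invalid or disallowed upstream URL", { status: 400 });
  }
  // Step 4: the sink now depends only on the validated URL object.
  return fetchImpl(upstream);
}
```

Because `parsed.toString()` re-serialises the URL, the value handed to `fetch` is canonical: scheme and host are lowercased and a default port is dropped, so two spellings of the same allowed origin produce the same upstream string, and nothing from the original input reaches the sink without passing through the parser.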


vercel bot commented Feb 23, 2026

@kochrac is attempting to deploy a commit to the Esteban Team on Vercel.

A member of the Team first needs to authorize it.

