fix: match origin pattern for non static hosts

src/plugins/Dropbox/index.js

@@ -35,6 +35,7 @@ module.exports = class Dropbox extends Plugin {
 
     // merge default options with the ones set by user
     this.opts = Object.assign({}, defaultOptions, opts)
+    this.opts.hostPattern = opts.hostPattern || opts.host
   }
 
   install () {

src/plugins/GoogleDrive/index.js

@@ -30,6 +30,7 @@ module.exports = class GoogleDrive extends Plugin {
 
     // merge default options with the ones set by user
     this.opts = Object.assign({}, defaultOptions, opts)
+    this.opts.hostPattern = opts.hostPattern || opts.host
   }
 
   install () {

src/plugins/Instagram/index.js

@@ -33,6 +33,7 @@ module.exports = class Instagram extends Plugin {
 
     // merge default options with the ones set by user
     this.opts = Object.assign({}, defaultOptions, opts)
+    this.opts.hostPattern = opts.hostPattern || opts.host
   }
 
   install () {

src/views/ProviderView/index.js

@@ -453,7 +453,9 @@ module.exports = class ProviderView {
     const authWindow = window.open(link, '_blank')
     const noProtocol = (url) => url.replace(/^(https?:|)\/\//, '')
     const handleToken = (e) => {
-      if (noProtocol(e.origin) !== noProtocol(this.plugin.opts.host) || e.source !== authWindow) {
+      const allowedOrigin = new RegExp(noProtocol(this.plugin.opts.hostPattern))
+      if (!allowedOrigin.test(noProtocol(e.origin)) || e.source !== authWindow) {
+        console.log(`rejecting event from ${e.origin} vs allowed pattern ${this.plugin.opts.hostPattern}`)
         return
       }
       authWindow.close()