fix: sanitize checkout site URL for Stripe redirects #329

Merged. GsCommand merged 1 commit into main from codex/add-site-url-sanitization-for-stripe
May 24, 2026

@GsCommand
Contributor

Motivation

  • Prevent malformed Stripe success_url/cancel_url when COMMANDLAYER_SITE_URL is misconfigured (e.g. values containing commas or wrong protocol/host) that produced broken redirects.
  • Ensure checkout redirect targets are stable, use HTTPS, and are restricted to the official hostnames to avoid accidental or hostile redirects.
  • Provide a single well-defined failure mode (SITE_URL_INVALID) when the site URL is invalid so the caller receives a consistent error.

Description

  • Added getSanitizedSiteUrl() to api/admin/create-checkout-session.js that trims whitespace, removes a trailing slash, rejects values containing a comma, requires https: protocol, and enforces hostnames commandlayer.org or www.commandlayer.org, defaulting to https://www.commandlayer.org when missing.
  • Replaced direct usage of process.env.COMMANDLAYER_SITE_URL with the sanitized siteUrl when building Stripe success_url and cancel_url in api/admin/create-checkout-session.js and returned a 503 with status SITE_URL_INVALID and an explanatory error message when validation fails.
  • Extended tests/api-payments.test.js to record the Stripe payload and to cover the sanitizer behavior with tests for defaulting, trimming, comma rejection, http rejection, unrelated domain rejection, and exact success_url/cancel_url construction.

Testing

  • Ran unit tests with npm test and all tests passed (122 tests, 0 failures).
  • Ran example checks with cd examples/webhook-auto-verify && npm run check and the checks succeeded.
  • New and existing payment-related tests in tests/api-payments.test.js passed and validate the constructed Stripe URLs and rejection behavior.

Codex Task
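
The validation rules listed in this description, as an added example that is not the project's code from api/admin/create-checkout-session.js. The names sanitizeSiteUrl and buildRedirects, the return shape and the two redirect paths are assumptions, and the final check (no userinfo, port, path, query or fragment) is stricter than what the description lists.

```javascript
// Added example; not the project's getSanitizedSiteUrl() implementation.
const DEFAULT_SITE_URL = 'https://www.commandlayer.org';
const ALLOWED_HOSTS = new Set(['commandlayer.org', 'www.commandlayer.org']);
const INVALID = Object.freeze({ ok: false, status: 'SITE_URL_INVALID' });

// Hypothetical helper: returns { ok: true, siteUrl } or { ok: false, status }.
function sanitizeSiteUrl(raw) {
  const trimmed = String(raw ?? '').trim();
  // Assumption: a blank value counts as missing and falls back to the default.
  if (trimmed === '') return { ok: true, siteUrl: DEFAULT_SITE_URL };
  const value = trimmed.replace(/\/$/, '');      // drop one trailing slash
  if (value.includes(',')) return INVALID;       // e.g. two URLs in one env var
  let url;
  try {
    url = new URL(value);
  } catch {
    return INVALID;                              // not an absolute URL
  }
  if (url.protocol !== 'https:') return INVALID;
  // Compare the parsed hostname exactly; substring or suffix checks on the raw
  // string accept hosts such as www.commandlayer.org.unrelated.example.
  if (!ALLOWED_HOSTS.has(url.hostname)) return INVALID;
  // Assumption, stricter than the PR text: only a bare origin is accepted.
  if (url.username || url.password || url.port ||
      url.pathname !== '/' || url.search || url.hash) return INVALID;
  return { ok: true, siteUrl: url.origin };
}

// Hypothetical caller; the two paths are placeholders, not the project's routes.
function buildRedirects(env) {
  const result = sanitizeSiteUrl(env.COMMANDLAYER_SITE_URL);
  if (!result.ok) return { httpStatus: 503, status: result.status };
  return {
    httpStatus: 200,
    success_url: `${result.siteUrl}/example-success`,
    cancel_url: `${result.siteUrl}/example-cancel`,
  };
}

// Constructed sample values for COMMANDLAYER_SITE_URL.
const samples = [
  undefined,
  '  https://commandlayer.org/  ',
  'https://www.commandlayer.org,https://commandlayer.org',
  'http://www.commandlayer.org',
  'https://www.commandlayer.org.unrelated.example',
  'https://www.commandlayer.org@unrelated.example',
];
for (const s of samples) {
  console.log(JSON.stringify(s), '->', JSON.stringify(buildRedirects({ COMMANDLAYER_SITE_URL: s })));
}
```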

vercel Bot commented May 24, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

| Project | Deployment | Actions | Updated (UTC) |
| --- | --- | --- | --- |
| commandlayer-commandlayer-org | Ready | Preview, Comment | May 24, 2026 3:31am |
| commandlayer-org | Ready | Preview, Comment | May 24, 2026 3:31am |
| commandlayer-org111 | Ready | Preview, Comment | May 24, 2026 3:31am |
