forwarded-for
Advanced tools
Comparing version 0.0.0 to 0.0.1
114
index.js
@@ -6,2 +6,16 @@ 'use strict'; | ||
| /** | ||
| * Forwarded instance. | ||
| * | ||
| * @param {String} ip The IP address. | ||
| * @param {Number} port The port number. | ||
| * @param {Boolean} secured The connection was secured. | ||
| * @api private | ||
| */ | ||
| function Forwarded(ip, port, secured) { | ||
| this.ip = ip || '127.0.0.1'; | ||
| this.secure = !!secured; | ||
| this.port = +port || 0; | ||
| } | ||
| /** | ||
| * List of possible proxy headers that should be checked for the original client | ||
@@ -28,3 +42,4 @@ * IP address and forwarded port. | ||
| ip: 'x-real-ip', | ||
| port: 'x-real-port' // Estimated guess, no standard header available. | ||
| port: 'x-real-port', // Estimated guess, no standard header available. | ||
| proto: 'x-real-proto' // Estimated guess, no standard header available. | ||
| } | ||
@@ -34,14 +49,2 @@ ]; | ||
| /** | ||
| * Default IP address and port that should be returned when don't find any | ||
| * (valid) matches. | ||
| * | ||
| * @type {Object} | ||
| * @private | ||
| */ | ||
| var defaults = { | ||
| ip: '127.0.0.1', | ||
| port: 0 | ||
| }; | ||
| /** | ||
| * Search the headers for a possible match against a known proxy header. | ||
@@ -54,8 +57,10 @@ * | ||
| */ | ||
| function forwarded(headers) { | ||
| for (var i = 0, length = proxies.length; i < length; i++) { | ||
| function forwarded(headers, whitelist) { | ||
| var ports, port, ips, ip, length = proxies.length, i = 0; | ||
| for (; i < length; i++) { | ||
| if (!(proxies[i].ip in headers)) continue; | ||
| var ports = (headers[proxies[i].port] || '').split(',') | ||
| , ips = (headers[proxies[i].ip] || '').split(','); | ||
| ports = (headers[proxies[i].port] || '').split(','); | ||
| ips = (headers[proxies[i].ip] || '').split(','); | ||
@@ -70,3 +75,14 @@ // | ||
| port = ports.shift(); // Extract the first port as it's the "source" port. | ||
| ip = ips.shift(); // Extract the first IP as it's the "source" IP. | ||
| // | ||
| // If we were given a white list, we need to ensure that the proxies that | ||
| // we're given are known and allowed. | ||
| // | ||
| if (whitelist && whitelist.length && !ips.every(function every(ip) { | ||
| return ~whitelist.indexOf(ip.trim()); | ||
| })) return; | ||
| // | ||
| // We've gotten a match on a HTTP header, we need to parse it further as it | ||
@@ -79,6 +95,3 @@ // could consist of multiple hops. The pattern for multiple hops is: | ||
| // | ||
| return { | ||
| port: +ports.shift() || defaults.port, | ||
| ip: ips.shift() || defaults.ip | ||
| }; | ||
| return new Forwarded(ip, port); | ||
| } | ||
@@ -96,3 +109,3 @@ } | ||
| */ | ||
| function parse(obj, headers, whitelist) { | ||
| module.exports = function parse(obj, headers, whitelist) { | ||
| var proxied = forwarded(headers, whitelist) | ||
@@ -108,32 +121,39 @@ , connection = obj.connection | ||
| // | ||
| if (proxied) return proxied; | ||
| if (proxied) { | ||
| return proxied; | ||
| } | ||
| // Check for the property on our given object. | ||
| if ('remoteAddress' in obj) return { | ||
| port: +obj.remotePort || defaults.port, | ||
| ip: obj.remoteAddress || defaults.ip | ||
| }; | ||
| if ('object' === typeof obj) { | ||
| if ('remoteAddress' in obj) { | ||
| return new Forwarded( | ||
| obj.remoteAddress, | ||
| obj.remotePort | ||
| ); | ||
| } | ||
| // Edge case for Socket.IO and SockJS. | ||
| if ('address' in obj && 'port' in obj) return { | ||
| port: +obj.port || defaults.port, | ||
| ip: obj.address || defaults.ip | ||
| }; | ||
| // Edge case for Socket.IO and SockJS. | ||
| if ('address' in obj && 'port' in obj) { | ||
| return new Forwarded( | ||
| obj.address, | ||
| obj.port | ||
| ); | ||
| } | ||
| } | ||
| if (connection && 'remoteAddress' in connection) return { | ||
| port: +connection.remotePort || defaults.port, | ||
| ip: connection.remoteAddress || defaults.ip | ||
| }; | ||
| if ('object' === typeof connection && 'remoteAddress' in connection) { | ||
| return new Forwarded( | ||
| connection.remoteAddress, | ||
| connection.remotePort | ||
| ); | ||
| } | ||
| if (socket && 'remoteAddress' in socket) return { | ||
| port: +socket.remotePort || defaults.port, | ||
| ip: socket.remoteAddress || defaults.ip | ||
| }; | ||
| if ('object' === typeof socket && 'remoteAddress' in socket) { | ||
| return new Forwarded( | ||
| socket.remoteAddress, | ||
| socket.remoteAddress | ||
| ); | ||
| } | ||
| return defaults; | ||
| } | ||
| // | ||
| // Expose the module. | ||
| // | ||
| module.exports = parse; | ||
| return new Forwarded(); | ||
| }; |
| { | ||
| "name": "forwarded-for", | ||
| "version": "0.0.0", | ||
| "version": "0.0.1", | ||
| "description": "Abstraction for retrieving ip address information from a Node.js connection. Searches for proxy headers before degrading req.address", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by9.78%
7095
- Lines of code
- increased by15.52%
134
No dependency changes