forwarded-for
Advanced tools
Comparing version 1.0.0 to 1.0.1
13
index.js
@@ -53,2 +53,9 @@ 'use strict'; | ||
/** | ||
* Regex to split a string into an array of its words. | ||
* | ||
* @type {RegExp} | ||
*/ | ||
var pattern = /[^\s,]+/g; | ||
/** | ||
* Search the headers for a possible match against a known proxy header. | ||
@@ -68,3 +75,3 @@ * | ||
ports = (headers[proxies[i].port] || '').split(','); | ||
ips = (headers[proxies[i].ip] || '').split(','); | ||
ips = (headers[proxies[i].ip] || '').match(pattern); | ||
proto = (headers[proxies[i].proto] || 'http'); | ||
@@ -78,3 +85,3 @@ | ||
// | ||
if (!ips.length || !ips.every(net.isIP)) return; | ||
if (!ips || !ips.every(net.isIP)) return; | ||
@@ -89,3 +96,3 @@ port = ports.shift(); // Extract the first port as it's the "source" port. | ||
if (whitelist && whitelist.length && !ips.every(function every(ip) { | ||
return ~whitelist.indexOf(ip.trim()); | ||
return ~whitelist.indexOf(ip); | ||
})) return; | ||
@@ -92,0 +99,0 @@ |
{ | ||
"name": "forwarded-for", | ||
"version": "1.0.0", | ||
"version": "1.0.1", | ||
"description": "Abstraction for retrieving ip address information from a Node.js connection. Searches for proxy headers before degrading req.address", | ||
"main": "index.js", | ||
"scripts": { | ||
"coverage": "istanbul cover node_modules/.bin/_mocha -- --reporter spec --ui bdd test.js", | ||
"test": "mocha --reporter spec test.js", | ||
"test-travis": "istanbul cover node_modules/.bin/_mocha --report lcovonly -- --reporter spec --ui bdd test.js" | ||
"coverage": "istanbul cover _mocha", | ||
"test": "mocha", | ||
"test-travis": "istanbul cover _mocha --report lcovonly" | ||
}, | ||
@@ -40,7 +40,7 @@ "repository": { | ||
"devDependencies": { | ||
"assume": "1.1.x", | ||
"istanbul": "0.3.x", | ||
"mocha": "2.1.x", | ||
"pre-commit": "0.0.x" | ||
"assume": "1.4.x", | ||
"istanbul": "0.4.x", | ||
"mocha": "2.4.x", | ||
"pre-commit": "1.1.x" | ||
} | ||
} |
Sorry, the diff of this file is not supported yet
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
9793
5
182
2