Mirroristas/pockethost
2
0
Fork 0
mirror of https://github.com/pockethost/pockethost.git synced 2025-11-24 14:35:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

enh: CIDR secret override

Browse Source
This commit is contained in:
Ben Allfree 2025-01-09 03:40:51 +00:00
parent be795e4e46
commit 673f897723
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
packages/pockethost/src/cli/commands/FirewallCommand/ServeCommand/firewall/cidr.ts
View File

@ -13,11 +13,12 @@ export const createIpWhitelistMiddleware = (blockedCIDRs: string[]) => {
const ip = req.ip // or req.headers['x-forwarded-for'] || req.connection.remoteAddress; const ip = req.ip // or req.headers['x-forwarded-for'] || req.connection.remoteAddress;
if ( if (
blockedCIDRs.length === 0 || blockedCIDRs.length === 0 ||
(ip && blockedCIDRObjects.some((cidr) => cidr.contains(ip))) (ip && blockedCIDRObjects.some((cidr) => cidr.contains(ip))) ||
req.header('x-pockethost-secret') === process.env.PH_SECRET
) { ) {
next() next()
} else { } else {
res.status(403).send('Nope') res.status(403).send(`Nope: ${ip}`)
} }
} }
} }