fix: parse port in x-forwarded-for (#827) #1205
Conversation
Codecov Report
@@ Coverage Diff @@
## master #1205 +/- ##
=========================================
Coverage 100.00% 100.00%
=========================================
Files 4 4
Lines 487 494 +7
Branches 136 135 -1
=========================================
+ Hits 487 494 +7
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
@jasonmacgowan, thank you for your PR 🙏🏻.
Plz, can you resolve the conflicts then use parseurl module over the url module.
jasonmacgowan
force-pushed
the
x-forwarded-for-ip
branch
from
2b59260
to
f860ab0
Compare
| const hostname = new URL(`http://${normalizedHost}`).hostname; | ||
|
|
||
| return hostname.replace(/(^\[|\]$)/g, ''); |
There was a problem hiding this comment.
@3imed-jaberi I don't think I can use parseurl module here as it expects a http.IncomingMessage object and here we're working on a header. I see url.parse is now deprecated so I swapped to using the URL constructor.
Problem is this doesn't strip the [] chars from IPv6 hosts so now we gotta do it manually. Regex to the rescue
|
Looks like @3imed-jaberi is going to be unavailable for a while based on his profile. Anyone else around to take a look at this? |
| }); | ||
| }); | ||
|
|
||
| describe('and contains IPv6', () => { |
There was a problem hiding this comment.
I would recommend adding a test for a IPv6 address with a port (i.e [::1]:80) as well as a dns name with a port (i.e. localhost:80).
| let normalizedHost = host; | ||
|
|
||
| if (net.isIPv6(host)) { | ||
| normalizedHost = `[${host}]`; |
There was a problem hiding this comment.
Because since this already validates it is the IP only, I would suggest simply shortcutting the rest of the processing for this case:
| normalizedHost = `[${host}]`; | |
| return host; |
Parses out IPs even if a port is sent in x-forwarded-for for IPv4. Probably fails if port is sent with an IPv6 address, but works otherwise.
fixes #827