Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
function ipMatch(ip1: string, ip2: string): boolean {
// check ip1
if (!(ip.isV4Format(ip1) || ip.isV6Format(ip1))) {
throw new Error('invalid argument: ip1 in ipMatch() function is not an IP address.');
}
// check ip2
const cidrParts: string[] = ip2.split('/');
if (cidrParts.length === 2) {
return ip.cidrSubnet(ip2).contains(ip1);
} else {
if (!(ip.isV4Format(ip2) || ip.isV6Format(ip2))) {
console.log(ip2);
throw new Error('invalid argument: ip2 in ipMatch() function is not an IP address.');
}
return ip.isEqual(ip1, ip2);
}
}
var root = process.cwd();
if (dir) {
// use the provided directory
root = dir;
} else if (file.match(/^\//)) {
// .proto file is absolute path, use it
root = file.substr(0, file.lastIndexOf('/'));
}
if (!fs.existsSync(root + '/' + file)) {
fatal('Error: '.red + 'Could not find .proto file at ' + root + '/' + file);
}
var host = program.ip || config.ip;
if (!ip.isV4Format(host) && !ip.isV6Format(host)) {
fatal('Error: '.red + 'Invalid IP address: ' + host);
}
var port = program.port || config.port;
if (!port.match(/^[0-9]{1,5}$/)) {
fatal('Error: '.red + 'Invalid port: ' + port);
}
try {
grpcli.init({
proto_file: {
root: root,
file: file
},
host: host,
port: port,
// if hostHeader doesn't have scheme, add // for parsing.
/^(.+:)?\/\//.test(hostHeader) ? hostHeader : `//${hostHeader}`,
false,
true
).hostname;
// always allow requests with explicit IPv4 or IPv6-address.
// A note on IPv6 addresses:
// hostHeader will always contain the brackets denoting
// an IPv6-address in URLs,
// these are removed from the hostname in url.parse(),
// so we have the pure IPv6-address in hostname.
// always allow localhost host, for convenience (hostname === 'localhost')
// allow hostname of listening address (hostname === this.hostname)
const isValidHostname =
ip.isV4Format(hostname) ||
ip.isV6Format(hostname) ||
hostname === 'localhost' ||
hostname === this.hostname;
if (isValidHostname) {
return true;
}
// always allow localhost host, for convenience
// allow if hostname is in allowedHosts
if (this.allowedHosts && this.allowedHosts.length) {
for (let hostIdx = 0; hostIdx < this.allowedHosts.length; hostIdx++) {
const allowedHost = this.allowedHosts[hostIdx];
if (allowedHost === hostname) {
return true;
}
// allow user to opt-out this security check, at own risk
if (this.disableHostCheck) return true;
// get the Host header and extract hostname
// we don't care about port not matching
const hostHeader = headers.host;
if (!hostHeader) return false;
// use the node url-parser to retrieve the hostname from the host-header.
const hostname = url.parse(`//${hostHeader}`, false, true).hostname;
// always allow requests with explicit IPv4 or IPv6-address.
// A note on IPv6 addresses: hostHeader will always contain the brackets denoting
// an IPv6-address in URLs, these are removed from the hostname in url.parse(),
// so we have the pure IPv6-address in hostname.
if (ip.isV4Format(hostname) || ip.isV6Format(hostname)) return true;
// always allow localhost host, for convience
if (hostname === 'localhost') return true;
// allow if hostname is in allowedHosts
if (this.allowedHosts && this.allowedHosts.length) {
for (let hostIdx = 0; hostIdx < this.allowedHosts.length; hostIdx++) {
const allowedHost = this.allowedHosts[hostIdx];
if (allowedHost === hostname) return true;
// support "." as a subdomain wildcard
// e.g. ".example.com" will allow "example.com", "www.example.com", "subdomain.example.com", etc
if (allowedHost[0] === '.') {
// "example.com"
if (hostname === allowedHost.substring(1)) return true;
// "*.example.com"
validate: value => ipAddress.isV4Format(value) || ipAddress.isV6Format(value),
});
function arpOne (address) {
if (!ip.isV4Format(address) && !ip.isV6Format(address)) {
return Promise.reject(new Error('Invalid IP address provided.'))
}
return cp.exec('arp -n ' + address, options).then(parseOne)
}
public static addUser(socket: ExtendedSocket, userId: number, userName: string): UserData {
const newData: UserData = new UserData(socket.uuid, userId, userName)
let ipAddress: string = socket.remoteAddress
if (ip.isV6Format(ipAddress)) {
if (ipAddress.substr(0, 7) === '::ffff:') {
ipAddress = ipAddress.substr(7, ipAddress.length - 7)
}
}
newData.externalIpAddress = ipAddress
this.data.set(userId, newData)
this.dataCount++
return newData
}
validate: value => ip.isV4Format(value) || ip.isV6Format(value),
});
function is_ip(address) {
return ip_module.isV4Format(address) || ip_module.isV6Format(address);
}
export const getPublicIP = memoizee((identity) => {
if (!identity) return
for (const maddr of identity.addresses) {
try {
const addr = Multiaddr(maddr).nodeAddress()
if ((ip.isV4Format(addr.address) || ip.isV6Format(addr.address)) && !ip.isPrivate(addr.address)) {
return addr.address
}
} catch (_) {}
}
})