@aikidosec/firewall
Version:
Zen by Aikido is an embedded Web Application Firewall that autonomously protects Node.js apps against common and critical attacks
27 lines (26 loc) • 898 B
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.ipAllowedToAccessRoute = ipAllowedToAccessRoute;
const isLocalhostIP_1 = require("../../helpers/isLocalhostIP");
function ipAllowedToAccessRoute(context, agent) {
if (context.remoteAddress && (0, isLocalhostIP_1.isLocalhostIP)(context.remoteAddress)) {
return true;
}
const matches = agent.getConfig().getEndpoints(context);
for (const endpoint of matches) {
if (!Array.isArray(endpoint.allowedIPAddresses)) {
continue;
}
if (endpoint.allowedIPAddresses.length === 0) {
continue;
}
if (!context.remoteAddress) {
return false;
}
const { allowedIPAddresses } = endpoint;
if (!allowedIPAddresses.includes(context.remoteAddress)) {
return false;
}
}
return true;
}