UNPKG

@aikidosec/firewall

Version:

Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.

aikido.dev/zen

AikidoSec/firewall-node

41 lines (40 loc) 1.74 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.wrapOnHeaders = wrapOnHeaders; const parseHeaders_1 = require("./parseHeaders"); const isRedirectStatusCode_1 = require("../../helpers/isRedirectStatusCode"); const onRedirect_1 = require("./onRedirect"); /** * Wrap the onHeaders function and check if the response is a redirect. If yes, determine the destination URL and call onRedirect. */ function wrapOnHeaders(orig, requestContext, context) { // @ts-expect-error We return undefined if there is no original function, that's fine because the onHeaders function is optional return function onHeaders() { // eslint-disable-next-line prefer-rest-params const args = Array.from(arguments); if (args.length > 1) { const statusCode = args[0]; if ((0, isRedirectStatusCode_1.isRedirectStatusCode)(statusCode)) { try { // Get redirect location const headers = (0, parseHeaders_1.parseHeaders)(args[1]); if (typeof headers.location === "string") { const destinationUrl = new URL(headers.location); (0, onRedirect_1.onRedirect)(destinationUrl, requestContext, context); } } catch { // Ignore, log later if we have log levels } } } if (orig) { return orig.apply( // @ts-expect-error We don't know the type of this this, // @ts-expect-error Arguments are not typed // eslint-disable-next-line prefer-rest-params arguments); } }; }