@aikidosec/firewall
Version:
Zen by Aikido is an embedded Web Application Firewall that autonomously protects Node.js apps against common and critical attacks
49 lines (48 loc) • 2.13 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.fetchBlockedLists = fetchBlockedLists;
/* eslint-disable max-lines-per-function */
const fetch_1 = require("../../helpers/fetch");
const getAPIURL_1 = require("../getAPIURL");
async function fetchBlockedLists(token) {
const baseUrl = (0, getAPIURL_1.getAPIURL)();
const { body, statusCode } = await (0, fetch_1.fetch)({
url: new URL(`${baseUrl.toString()}api/runtime/firewall/lists`),
method: "GET",
headers: {
// We need to set the Accept-Encoding header to "gzip" to receive the response in gzip format
"Accept-Encoding": "gzip",
Authorization: token.asString(),
},
timeoutInMS: 60 * 1000,
});
if (statusCode !== 200) {
if (statusCode === 401) {
throw new Error(`Unable to access the Aikido platform, please check your token.`);
}
throw new Error(`Failed to fetch blocked lists: ${statusCode}`);
}
const result = JSON.parse(body);
return {
blockedIPAddresses: result && Array.isArray(result.blockedIPAddresses)
? result.blockedIPAddresses
: [],
allowedIPAddresses: result && Array.isArray(result.allowedIPAddresses)
? result.allowedIPAddresses
: [],
monitoredIPAddresses: result && Array.isArray(result.monitoredIPAddresses)
? result.monitoredIPAddresses
: [],
// Blocked user agents are stored as a string pattern for usage in a regex (e.g. "Googlebot|Bingbot")
blockedUserAgents: result && typeof result.blockedUserAgents === "string"
? result.blockedUserAgents
: "",
// Monitored user agents are stored as a string pattern for usage in a regex (e.g. "ClaudeBot|ChatGPTBot")
monitoredUserAgents: result && typeof result.monitoredUserAgents === "string"
? result.monitoredUserAgents
: "",
userAgentDetails: result && Array.isArray(result.userAgentDetails)
? result.userAgentDetails
: [],
};
}