UNPKG

@aikidosec/firewall

Version:

Zen by Aikido is an embedded Web Application Firewall that autonomously protects Node.js apps against common and critical attacks

aikido.dev/zen

AikidoSec/firewall-node

29 lines (28 loc) 1.05 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.findHostnameInUserInput = findHostnameInUserInput; const getPortFromURL_1 = require("../../helpers/getPortFromURL"); const tryParseURL_1 = require("../../helpers/tryParseURL"); function findHostnameInUserInput(userInput, hostname, port) { if (userInput.length <= 1) { return false; } const hostnameURL = (0, tryParseURL_1.tryParseURL)(`http://${hostname}`); if (!hostnameURL) { return false; } const variants = [userInput, `http://${userInput}`, `https://${userInput}`]; for (const variant of variants) { const userInputURL = (0, tryParseURL_1.tryParseURL)(variant); if (userInputURL && userInputURL.hostname === hostnameURL.hostname) { const userPort = (0, getPortFromURL_1.getPortFromURL)(userInputURL); if (!port) { return true; } if (port && userPort === port) { return true; } } } return false; }