@aikidosec/firewall
Version:
Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.
45 lines (44 loc) • 2.08 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.findHostnameInContext = findHostnameInContext;
const attackPath_1 = require("../../helpers/attackPath");
const extractStringsFromUserInputCached_1 = require("../../helpers/extractStringsFromUserInputCached");
const getSourceForUserString_1 = require("../../helpers/getSourceForUserString");
const findHostnameInUserInput_1 = require("./findHostnameInUserInput");
const isRequestToItself_1 = require("./isRequestToItself");
const isRequestToServiceHostname_1 = require("./isRequestToServiceHostname");
function findHostnameInContext(hostname, context, port) {
if ((0, isRequestToServiceHostname_1.isRequestToServiceHostname)(hostname)) {
// We don't want to block outgoing requests to service hostnames
// e.g. "discord-bot" or "my_service" or "BACKEND"
// These might occur ^ easily in the user input
return undefined;
}
if (context.url &&
(0, isRequestToItself_1.isRequestToItself)({
serverUrl: context.url,
outboundHostname: hostname,
outboundPort: port,
})) {
// We don't want to block outgoing requests to the same host as the server
// (often happens that we have a match on headers like `Host`, `Origin`, `Referer`, etc.)
return undefined;
}
for (const str of (0, extractStringsFromUserInputCached_1.extractStringsFromUserInputCached)(context)) {
const found = (0, findHostnameInUserInput_1.findHostnameInUserInput)(str, hostname, port);
if (found) {
const source = (0, getSourceForUserString_1.getSourceForUserString)(context, str);
if (source) {
const paths = (0, attackPath_1.getPathsToPayload)(str, context[source]);
return {
source: source,
pathsToPayload: paths,
payload: str,
port: port,
hostname: hostname,
};
}
}
}
return undefined;
}