Comments (14)
maximium
commented on May 28, 2024
2
then we return null when it's a internal ip such as
192.168.0.1
Probably a better way is to return the first not private ip from x-forwarded-for header instead of null
eg. 195.189.143.147 for X-Forwarded-For: 127.0.0.1, 192.168.0.100, 195.189.143.147, 130.236.236.80
from request-ip.
pbojinov
commented on May 28, 2024
1
@Redmega yes it's in progress. I'll have something out soon.
from request-ip.
evdama
commented on May 28, 2024
1
what's the status on this?
from request-ip.
pbojinov
commented on May 28, 2024
What if we exposed a flag that you can set, lets say ignoreInteral or ignoreLocal and if its true, then we return null when it's a internal ip such as 192.168.0.1.
Also thoughts on getting a cohesive list of internal ips?
from request-ip.
floatdrop
commented on May 28, 2024
@pbojinov yeah, sounds nice. We used netmask for a while, until IPv6 came into play. I think ip is good candidate for this task.
from request-ip.
pbojinov
commented on May 28, 2024
@floatdrop in this case, will using ip.isPrivate('127.0.0.1') // true from ip work out ok?
Do you have any example headers we can use for the tests? Want to make sure we're using real live data to cover these test cases.
from request-ip.
pbojinov
commented on May 28, 2024
What about thoughts on naming for the flag: ignorePrivate, ignoreLocal, ignoreInternal?
from request-ip.
floatdrop
commented on May 28, 2024
@pbojinov we have only tests for filtering ipv4 adresses (all of them from private networks), but no actual headers.
What about thoughts on naming for the flag: ignorePrivate, ignoreLocal, ignoreInternal?
I think ignorePrivate is good choice, because of ip.isPrivate method.
from request-ip.
pbojinov
commented on May 28, 2024
Sounds good, I'll add this in. Thanks!
from request-ip.
fluxsauce
commented on May 28, 2024
There's an existing dependency on is.js, maybe add it upstream?
from request-ip.
pbojinov
commented on May 28, 2024
@fluxsauce the dependency is in the package.json. Am I missing something else?
"dependencies": {
"is_js": "^0.9.0"
}
It should install from npm. I'm seeing this when I run a fresh install:
> npm install request-ip
[email protected] /Users/petar/test
└─┬ [email protected]
└── [email protected]
from request-ip.
fluxsauce
commented on May 28, 2024
@pbojinov I meant add is.ipPrivate to is.js first, as it could be useful in some other places.
from request-ip.
Redmega
commented on May 28, 2024
Any update on this?
from request-ip.
Redmega
commented on May 28, 2024
Awesome to hear. I'm doing a geoip check on an aws box and its grabbing the IP of the box itself. It's hard to tell without intense console logging if its due to incorrectly set headers or the request-ip package itself. It isn't a high priority issue for us so I've left it alone for now, looking forward to the release 👍
from request-ip.
Related Issues (20)
- Mac address instead of IP HOT 1
- Not working correctly on deployed App HOT 1
- Add support for Cloudflare's "Cf-Pseudo-IPv4" header (as a last resort) HOT 1
- Wrong IP if proxied via CloudFlare HOT 9
- IP is null, request to firebase emulator from within website iframe
- Switch to Typescript from ES6 HOT 1
- Look into migrating tests from Tape to Jest
- ::ffff:127.0.0.1 Address from client on same VPN as application HOT 1
- Wrong Client Ip address been picked in your recent version HOT 3
- Does it support AdonisJS? HOT 2
- Bad extract ip from x-forwarded-for HOT 8
- Incompatible with Next.js middleware/Vercel edge functions HOT 2
- Error: Cannot find module './is' HOT 12
- RFC-7239 "Forwarded" header not properly supported HOT 2
- How to get IPv4 address only? HOT 4
- Add prioritize option for header check order HOT 1
- is.js ReDoS Vulnerability HOT 2
- (node:71664) [FSTDEP005] FastifyDeprecation "request.connection" HOT 3
- Is v3.3.0 released? HOT 1
- lib/index.js is not up to date in master branch
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from request-ip.