admin/shop-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: normalize IPv6-mapped IPv4 addresses in IP gate

Browse Source
This commit is contained in:
Kirill
2026-05-23 11:04:32 +05:00
parent 8ed2f0e9ba
commit 51cc5832c3
1 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/src/plugins/ip-gate.js
+9 -2
View File
@@ -5,6 +5,13 @@ const EXCLUDED_PATHS = [
'/api/admin/notifications/telegram/webhook', '/api/admin/notifications/telegram/webhook',
] ]
function normalizeIp(ip) {
if (ip && ip.startsWith('::ffff:')) {
return ip.slice(7)
}
return ip
}
function build403Html(ip) { function build403Html(ip) {
const safeIp = ip || 'не определён' const safeIp = ip || 'не определён'
return `<!DOCTYPE html> return `<!DOCTYPE html>
@@ -79,7 +86,7 @@ export async function registerIpGate(fastify) {
const allowedIps = allowed const allowedIps = allowed
.split(',') .split(',')
.map((s) => s.trim()) .map((s) => normalizeIp(s.trim()))
.filter(Boolean) .filter(Boolean)
if (allowedIps.length === 0) return if (allowedIps.length === 0) return
@@ -88,7 +95,7 @@ export async function registerIpGate(fastify) {
if (EXCLUDED_PATHS.includes(urlPath)) return if (EXCLUDED_PATHS.includes(urlPath)) return
if (allowedIps.includes(request.ip)) return if (allowedIps.includes(normalizeIp(request.ip))) return
return reply.code(403).type('text/html').send(build403Html(request.ip)) return reply.code(403).type('text/html').send(build403Html(request.ip))
}) })