39 lines
894 B
TypeScript
39 lines
894 B
TypeScript
export function isLocalhost(
|
|
req: Request,
|
|
connInfo?: Deno.ServeHandlerInfo,
|
|
): boolean {
|
|
if (connInfo?.remoteAddr) {
|
|
const remoteAddr = connInfo.remoteAddr;
|
|
if (remoteAddr.transport === 'tcp') {
|
|
const hostname = remoteAddr.hostname;
|
|
return hostname === '127.0.0.1' || hostname === '::1';
|
|
}
|
|
if (remoteAddr.transport === 'unix') {
|
|
return true;
|
|
}
|
|
}
|
|
const url = new URL(req.url);
|
|
const hostname = url.hostname;
|
|
if (hostname === '127.0.0.1' || hostname === '::1') {
|
|
return true;
|
|
}
|
|
if (hostname === 'localhost') {
|
|
const suspiciousHeaders = [
|
|
'x-forwarded-for',
|
|
'x-forwarded-host',
|
|
'x-real-ip',
|
|
'cf-connecting-ip',
|
|
'x-cluster-client-ip',
|
|
];
|
|
|
|
for (const header of suspiciousHeaders) {
|
|
if (req.headers.get(header)) {
|
|
return false;
|
|
}
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|