martin/stone
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

changed the url to /feed/ and reject everything else

Browse Source
This commit is contained in:
Martin Donnelly 2018-06-13 22:43:09 +01:00
parent 708034e143
commit 22cee0b4fa
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
server.js
View File

@ -24,6 +24,10 @@ const cache = apicache.middleware;
app.use(cache('15 minutes')); app.use(cache('15 minutes'));
const ips = [
];
const bouncer = ['phpmyadmin', const bouncer = ['phpmyadmin',
'phpMyadmin', 'phpMyadmin',
'phpMyAdmin', 'phpMyAdmin',
@ -84,6 +88,7 @@ const bouncer = ['phpmyadmin',
function getUrl (req, res) { function getUrl (req, res) {
const theUrl = req.params.encoded_id; const theUrl = req.params.encoded_id;
logger.info(`IP:${req.ip}`);
logger.debug('Want', theUrl); logger.debug('Want', theUrl);
if (theUrl === undefined || bouncer.indexOf(theUrl) !== -1 || theUrl === '') { if (theUrl === undefined || bouncer.indexOf(theUrl) !== -1 || theUrl === '') {
logger.warn(`You're not getting in ${theUrl}`); logger.warn(`You're not getting in ${theUrl}`);
@ -180,7 +185,9 @@ app.get('/feed/:encoded_id', getUrl);
// Final middleware is our catch-all error handler // Final middleware is our catch-all error handler
app.get('*', function(req, res, next) { app.get('*', function(req, res, next) {
const err = new Error(`${req.ip} tried to access /Forbidden`); // Sets error message, includes the requester's ip address! log
const err = new Error(`${req.ip} tried to access /Forbidden`);
// Sets error message, includes the requester's ip address!
err.statusCode = 403; err.statusCode = 403;
next(err); next(err);
}); });