From b2c5932cddf0f2bbef02dbd7e66b07ab116b86ad Mon Sep 17 00:00:00 2001 From: Rich Harris Date: Wed, 16 Mar 2022 13:28:09 -0400 Subject: [PATCH 1/3] use XFF_DEPTH_ENV --- packages/adapter-node/index.d.ts | 2 +- packages/adapter-node/index.js | 12 ++++-------- packages/adapter-node/src/handler.d.ts | 2 +- packages/adapter-node/src/handler.js | 13 +++++++------ 4 files changed, 13 insertions(+), 16 deletions(-) diff --git a/packages/adapter-node/index.d.ts b/packages/adapter-node/index.d.ts index fbc0aa744f39..b7785dfb63e7 100644 --- a/packages/adapter-node/index.d.ts +++ b/packages/adapter-node/index.d.ts @@ -14,13 +14,13 @@ interface AdapterOptions { host?: string; port?: string; origin?: string; + xffDepth?: string; headers?: { address?: string; protocol?: string; host?: string; }; }; - xForwardedForNumProxies?: number; } declare function plugin(options?: AdapterOptions): Adapter; diff --git a/packages/adapter-node/index.js b/packages/adapter-node/index.js index 4fbb53e57ac8..b84f6b4e8b76 100644 --- a/packages/adapter-node/index.js +++ b/packages/adapter-node/index.js @@ -18,22 +18,18 @@ export default function ({ host: host_env = 'HOST', port: port_env = 'PORT', origin: origin_env = 'ORIGIN', + xffDepth: xff_depth_env = 'XFF_DEPTH', headers: { address: address_header_env = 'ADDRESS_HEADER', protocol: protocol_header_env = 'PROTOCOL_HEADER', host: host_header_env = 'HOST_HEADER' } = {} - } = {}, - xForwardedForNumProxies = 1 + } = {} } = {}) { return { name: '@sveltejs/adapter-node', async adapt(builder) { - if (xForwardedForNumProxies < 1) { - throw new Error('xForwardedForNumProxies cannot be less than 1'); - } - builder.rimraf(out); builder.log.minor('Copying assets'); @@ -57,10 +53,10 @@ export default function ({ HOST_ENV: JSON.stringify(host_env), PORT_ENV: JSON.stringify(port_env), ORIGIN: origin_env ? `process.env[${JSON.stringify(origin_env)}]` : 'undefined', + XFF_DEPTH_ENV: xff_depth_env, PROTOCOL_HEADER: JSON.stringify(protocol_header_env), HOST_HEADER: JSON.stringify(host_header_env), - ADDRESS_HEADER: JSON.stringify(address_header_env), - X_FORWARDED_FOR_PROXIES: JSON.stringify(xForwardedForNumProxies) + ADDRESS_HEADER: JSON.stringify(address_header_env) } }); diff --git a/packages/adapter-node/src/handler.d.ts b/packages/adapter-node/src/handler.d.ts index af4fd5b9a594..2249bf2757c6 100644 --- a/packages/adapter-node/src/handler.d.ts +++ b/packages/adapter-node/src/handler.d.ts @@ -5,7 +5,7 @@ declare global { const ADDRESS_HEADER: string; const HOST_HEADER: string; const PROTOCOL_HEADER: string; - const X_FORWARDED_FOR_PROXIES: number; + const XFF_DEPTH_ENV: string; } export const handler: Handle; diff --git a/packages/adapter-node/src/handler.js b/packages/adapter-node/src/handler.js index 07e7e4d5d8c5..30b3778e8758 100644 --- a/packages/adapter-node/src/handler.js +++ b/packages/adapter-node/src/handler.js @@ -7,10 +7,11 @@ import { getRequest, setResponse } from '@sveltejs/kit/node'; import { Server } from 'SERVER'; import { manifest } from 'MANIFEST'; -/* global ORIGIN, ADDRESS_HEADER, PROTOCOL_HEADER, HOST_HEADER, X_FORWARDED_FOR_PROXIES */ +/* global ORIGIN, ADDRESS_HEADER, PROTOCOL_HEADER, HOST_HEADER, XFF_DEPTH */ const server = new Server(manifest); const origin = ORIGIN; +const xff_depth = XFF_DEPTH_ENV ? parseInt(process.env[XFF_DEPTH_ENV]) : 1; const address_header = ADDRESS_HEADER && (process.env[ADDRESS_HEADER] || '').toLowerCase(); const protocol_header = PROTOCOL_HEADER && process.env[PROTOCOL_HEADER]; @@ -62,12 +63,12 @@ const ssr = async (req, res) => { if (address_header === 'x-forwarded-for') { const addresses = value.split(','); - if (X_FORWARDED_FOR_PROXIES > addresses.length) { - throw new Error( - `Received xForwardedForNumProxies of ${X_FORWARDED_FOR_PROXIES}, but only found ${addresses.length} addresses` - ); + + if (xff_depth < 1) { + throw new Error(`${XFF_DEPTH_ENV} must be a positive integer`); } - return addresses[addresses.length - X_FORWARDED_FOR_PROXIES].trim(); + + return addresses[addresses.length - xff_depth].trim(); } return value; From 775d5891d0da61ffd32ae987a44cc1a5ed4d149e Mon Sep 17 00:00:00 2001 From: Rich Harris Date: Wed, 16 Mar 2022 13:30:55 -0400 Subject: [PATCH 2/3] get rid of get_xff_depth --- packages/adapter-node/src/handler.js | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/packages/adapter-node/src/handler.js b/packages/adapter-node/src/handler.js index 7ec7b1e84fe9..cc2eabf8c4c8 100644 --- a/packages/adapter-node/src/handler.js +++ b/packages/adapter-node/src/handler.js @@ -19,20 +19,6 @@ const host_header = (HOST_HEADER && process.env[HOST_HEADER]) || 'host'; const __dirname = path.dirname(fileURLToPath(import.meta.url)); -function get_xff_depth() { - const value = process.env['XFF_DEPTH']; - let xff_depth; - try { - xff_depth = value ? parseInt(value) : 1; - } catch (err) { - throw new Error('Expected XFF_DEPTH to be an integer. Received ${value}'); - } - if (xff_depth < 1) { - throw new Error('XFF_DEPTH cannot be less than 1'); - } - return xff_depth; -} - /** * @param {string} path * @param {number} max_age From cad6e94ea8fd0ba75e9d52d2fab7b2a49565e1eb Mon Sep 17 00:00:00 2001 From: Rich Harris Date: Wed, 16 Mar 2022 13:31:43 -0400 Subject: [PATCH 3/3] typo --- packages/adapter-node/src/handler.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/adapter-node/src/handler.js b/packages/adapter-node/src/handler.js index cc2eabf8c4c8..208d75d4dce4 100644 --- a/packages/adapter-node/src/handler.js +++ b/packages/adapter-node/src/handler.js @@ -7,7 +7,7 @@ import { getRequest, setResponse } from '@sveltejs/kit/node'; import { Server } from 'SERVER'; import { manifest } from 'MANIFEST'; -/* global ORIGIN, ADDRESS_HEADER, PROTOCOL_HEADER, HOST_HEADER, XFF_DEPTH */ +/* global ORIGIN, ADDRESS_HEADER, PROTOCOL_HEADER, HOST_HEADER, XFF_DEPTH_ENV */ const server = new Server(manifest); const origin = ORIGIN;