gitmost/apps/server/src/integrations/environment/trust-proxy.util.ts
claude code agent 227 ec4622a1b8 test(security): export + unit-test resolveTrustProxy (#105)
Relocate resolveTrustProxy from main.ts (untestable — bootstraps on import) to
integrations/environment/trust-proxy.util.ts and import it back. Unit-test every
branch (empty/undefined -> safe loopback/private default; true/false; hop count;
trim; CIDR/negative passthrough) so a regression can't silently re-open the XFF
spoofing hole (#61).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-21 05:52:15 +03:00

15 lines
630 B
TypeScript

// Trust X-Forwarded-For ONLY from real proxies on private/loopback nets by
// default, so a public-IP client cannot spoof its IP via X-Forwarded-For.
// TRUST_PROXY env overrides: 'true'/'false', a hop count (integer), or a
// CIDR/IP list string passed through to Fastify/proxy-addr.
export function resolveTrustProxy(
  rawInput?: string,
): boolean | number | string {
  const raw = rawInput?.trim();
  if (raw == null || raw === '') return 'loopback, linklocal, uniquelocal';
  if (raw === 'true') return true;
  if (raw === 'false') return false;
  const n = Number(raw);
  return Number.isInteger(n) && n >= 0 ? n : raw;
}
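Why the safe default closes the spoofing hole (#61) is easiest to see against the way proxy-addr walks the X-Forwarded-For chain. The block below is an added example, not code from the gitmost repository or from Fastify/proxy-addr: it copies resolveTrustProxy from the file above and pairs it with a simplified, IPv4-only model of proxy-addr's trust walk. The names resolveClientIp, makeTrustFn, inCidr and NAMED_RANGES are hypothetical, the named ranges are assumed to be the IPv4 subset of what the real library recognises (it also handles IPv6), and every address in the scenarios is a constructed test value.

```typescript
// Added example, not part of gitmost: a simplified IPv4-only model of how
// Fastify's proxy-addr walks X-Forwarded-For under a given trust setting,
// paired with a copy of resolveTrustProxy from trust-proxy.util.ts.

type TrustSetting = boolean | number | string;

// Copy of the exported function in trust-proxy.util.ts (same behaviour).
export function resolveTrustProxy(rawInput?: string): TrustSetting {
  const raw = rawInput?.trim();
  if (raw == null || raw === '') return 'loopback, linklocal, uniquelocal';
  if (raw === 'true') return true;
  if (raw === 'false') return false;
  const n = Number(raw);
  return Number.isInteger(n) && n >= 0 ? n : raw;
}

// Assumption: IPv4 subset of the named ranges proxy-addr understands
// (the real list also carries the IPv6 equivalents).
const NAMED_RANGES: Record<string, string[]> = {
  loopback: ['127.0.0.0/8'],
  linklocal: ['169.254.0.0/16'],
  uniquelocal: ['10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16'],
};

function ipv4ToInt(ip: string): number {
  const parts = ip.split('.').map(Number);
  if (parts.length !== 4 || parts.some((p) => !Number.isInteger(p) || p < 0 || p > 255)) {
    throw new Error(`not an IPv4 address: ${ip}`);
  }
  return ((parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]) >>> 0;
}

// True when ip falls inside cidr; a bare 'a.b.c.d' is treated as a /32.
export function inCidr(ip: string, cidr: string): boolean {
  const parts = cidr.split('/');
  const bits = parts.length > 1 ? Number(parts[1]) : 32;
  const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
  return ((ipv4ToInt(ip) & mask) >>> 0) === ((ipv4ToInt(parts[0]) & mask) >>> 0);
}

// Turn a trust setting into the predicate applied at each hop: a boolean
// trusts everything or nothing, a number trusts that many hops, a string is
// a comma-separated list of CIDRs and named ranges.
function makeTrustFn(trust: TrustSetting): (addr: string, hop: number) => boolean {
  if (typeof trust === 'boolean') {
    const all = trust;
    return () => all;
  }
  if (typeof trust === 'number') {
    const hops = trust;
    return (_addr: string, hop: number) => hop < hops;
  }
  const cidrs: string[] = [];
  for (const item of trust.split(',')) {
    const name = item.trim();
    if (name === '') continue;
    cidrs.push(...(NAMED_RANGES[name] ?? [name]));
  }
  return (addr: string) => cidrs.some((c) => inCidr(addr, c));
}

// Walk from the socket peer leftwards through X-Forwarded-For and stop at
// the first address that is not a trusted proxy; that address is the client.
export function resolveClientIp(
  remoteAddr: string,
  xff: string | undefined,
  trust: TrustSetting,
): string {
  const isTrusted = makeTrustFn(trust);
  const chain = [remoteAddr];
  if (xff) {
    chain.push(...xff.split(',').map((s) => s.trim()).filter((s) => s !== '').reverse());
  }
  let i = 0;
  while (i < chain.length - 1 && isTrusted(chain[i], i)) i++;
  return chain[i];
}

// Constructed scenario: a public client talks straight to the server and
// sends a forged header. The safe default ignores it; TRUST_PROXY=true
// believes it.
const forged = { peer: '203.0.113.7', xff: '10.0.0.1' };
console.log(resolveClientIp(forged.peer, forged.xff, resolveTrustProxy(undefined))); // 203.0.113.7
console.log(resolveClientIp(forged.peer, forged.xff, resolveTrustProxy('true'))); // 10.0.0.1
```

The walk also shows why a hop count is the right override when the server sits behind a known number of proxies: anything a client prepends to X-Forwarded-For lands beyond the trusted hops and is never selected, whereas `true` makes the leftmost value authoritative no matter who wrote it.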