mirror of
https://github.com/DumbWareio/DumbPad.git
synced 2026-02-20 00:26:48 +08:00
* fix: validate client IP for rate-limiting & PIN auth (TRUST_PROXY config)

  BREAKING CHANGE: TRUST_PROXY now defaults to false. Set TRUST_PROXY=true and configure TRUSTED_PROXY_IPS if deploying behind a reverse proxy.

  - Add secure IP extraction utility that ignores X-Forwarded-For by default
  - Implement TRUST_PROXY and TRUSTED_PROXY_IPS configuration
  - Update brute-force protection to use validated client IPs
  - Prevent IP spoofing attacks on authentication endpoints

* Enhance proxy trust and IP extraction security

  Improves handling of TRUST_PROXY and TRUSTED_PROXY_IPS in server.js to prevent misconfiguration and potential security issues. Refactors ipExtractor.js for better input validation, normalization of IP addresses, and more robust extraction of client IPs, including additional guards and debug logging.

* Add client IP validation for rate-limiting endpoints

  Enhances security by ensuring a valid client IP is present for rate-limiting in /api/verify-pin and /api/pin-required endpoints. Requests with null IPs are rejected for /api/verify-pin and logged for /api/pin-required, preventing potential exploitation of shared rate-limit counters.

* Enhance TRUSTED_PROXY_IPS parsing and validation

  Added support for shell-style inline comments in TRUSTED_PROXY_IPS and improved validation for IP/CIDR formats and special keywords. Invalid entries are now ignored with a warning, increasing robustness and clarity in proxy configuration.

* Add CIDR and comment support to trusted proxy parsing

  Enhanced the parseTrustedProxies function to support inline shell-style comments and improved isTrustedProxy to handle CIDR ranges using ipaddr.js. Updated dependencies to include ipaddr.js. This allows more flexible and robust configuration of trusted proxies.

* Fail-secure on missing client IP in /api/pin-required

  Change the /api/pin-required endpoint to treat requests with undetectable client IPs as locked out, improving security by defaulting to a fail-secure posture. Also update logging to reflect the security concern.

* Bump version to 1.0.5

* Improve proxy IP validation using ipaddr.js

  Replaces regex-based IP/CIDR validation with ipaddr.js for more accurate and robust checking of trusted proxy IPs. This change prevents malformed IP addresses from being accepted and ensures proper handling of both IPv4 and IPv6 addresses, including CIDR notation and Express keywords.
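
The trust decision this commit message describes, as an added example that is not DumbPad's ipExtractor.js or any code from the project: X-Forwarded-For is honoured only when TRUST_PROXY is on and the direct peer is in the trusted list, and an undeterminable IP yields `null` so the caller can reject. Assumptions: the function names and the `cfg` shape are hypothetical (only `parseTrustedProxies` borrows a name from the message), the right-to-left hop walk is one common policy rather than the project's confirmed one, and only IPv4 and IPv4-mapped IPv6 are handled, without ipaddr.js.

```javascript
// Added example: hypothetical names; IPv4 and IPv4-mapped IPv6 only.
function toInt(ip) { // 32-bit integer, or null if not strict IPv4
  if (typeof ip !== 'string') return null;
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/
    .exec(ip.trim().toLowerCase().replace(/^::ffff:/, ''));
  if (!m) return null;
  const o = m.slice(1).map(Number);
  // Reject out-of-range octets and leading zeros (ambiguous octal forms).
  if (o.some((n, i) => n > 255 || String(n) !== m[i + 1])) return null;
  return ((o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]) >>> 0;
}
function normalize(ip) { // canonical dotted quad, a stable rate-limit key
  const n = toInt(ip);
  if (n === null) return null;
  return [n >>> 24, (n >>> 16) & 255, (n >>> 8) & 255, n & 255].join('.');
}

// Parse "ip, ip/bits # comment" into [{ base, mask }]; invalid entries are dropped.
function parseTrustedProxies(value) {
  const out = [];
  for (const entry of String(value || '').split('#')[0].split(',')) {
    const parts = entry.trim().split('/');
    const base = toInt(parts[0]);
    const bits = parts.length === 1 ? 32 : /^\d{1,2}$/.test(parts[1]) ? Number(parts[1]) : NaN;
    if (base === null || parts.length > 2 || !(bits <= 32)) continue;
    const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
    out.push({ base: (base & mask) >>> 0, mask });
  }
  return out;
}
function isTrusted(ip, proxies) {
  const n = toInt(ip);
  return n !== null && proxies.some((p) => ((n & p.mask) >>> 0) === p.base);
}

// Validated client IP, or null when none can be determined (caller rejects).
function getClientIp(peerIp, xff, cfg) {
  const peer = normalize(peerIp);
  if (peer === null) return null;
  // X-Forwarded-For is ignored unless the direct peer is a configured proxy.
  if (!cfg.trustProxy || !isTrusted(peer, cfg.proxies)) return peer;
  const hops = String(xff || '').split(',').map((h) => h.trim()).filter(Boolean);
  let client = peer;
  // Walk right to left; the first hop that is not a trusted proxy is the client.
  for (let i = hops.length - 1; i >= 0; i--) {
    client = normalize(hops[i]);
    if (client === null || !isTrusted(client, cfg.proxies)) break;
  }
  return client;
}
```

Here `peerIp` stands for the socket's remote address and `xff` for the raw header value; a `null` result corresponds to the reject or lock-out path the message describes for /api/verify-pin and /api/pin-required.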