* Gets the HTTP deny list. * When HTTP_SECURITY_CHECK=false, the default deny list is omitted and only * HTTP_DENY_LIST entries are used. Defaults to true (secure). * @returns Array of denied IP addresses, hostnames, or CIDR ranges
()
| 33 | * @returns Array of denied IP addresses, hostnames, or CIDR ranges |
| 34 | */ |
| 35 | function getHttpDenyList(): string[] { |
| 36 | const securityCheckEnabled = process.env.HTTP_SECURITY_CHECK !== 'false' |
| 37 | const httpDenyListString = process.env.HTTP_DENY_LIST |
| 38 | const customList = httpDenyListString |
| 39 | ? httpDenyListString |
| 40 | .split(',') |
| 41 | .map((s) => s.trim()) |
| 42 | .filter(Boolean) |
| 43 | : [] |
| 44 | |
| 45 | if (securityCheckEnabled) { |
| 46 | return [...new Set([...DEFAULT_DENY_LIST, ...customList])] |
| 47 | } |
| 48 | return customList |
| 49 | } |
| 50 | |
| 51 | /** |
| 52 | * Checks if an IP address is in the deny list |
no outgoing calls
no test coverage detected