(requestsConfig)
| 477 | } |
| 478 | |
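/**
 * Validate the `requests` section of the configuration and normalize the
 * configured header names to lowercase.
 *
 * Nothing is checked or modified when `viaProxy` is undefined. When
 * `viaProxy` is true, `trustedProxyCIDRs`, `extractClientIPFromHeader` and
 * `extractProtocolFromHeader` are all required.
 *
 * Only the shape of `trustedProxyCIDRs` is checked (a non-empty array of
 * non-empty strings); entries are not parsed as CIDR notation here.
 * NOTE(review): presumably this list decides which peers' forwarding
 * headers are honored - confirm against the consumer, and make sure a
 * malformed range is rejected somewhere before it is used.
 *
 * @param {object} requestsConfig - requests configuration; the two header
 *   name properties are rewritten in place
 * @throws {Error} raised by `assert` when a check fails
 * @returns {undefined}
 */
function requestsConfigAssert(requestsConfig) {
    if (requestsConfig.viaProxy === undefined) {
        return;
    }

    assert(typeof requestsConfig.viaProxy === 'boolean',
        'config: invalid requests configuration. viaProxy must be a ' +
        'boolean');

    if (requestsConfig.viaProxy) {
        // An empty entry can never describe a proxy range, so it is
        // rejected together with non-string entries.
        assert(Array.isArray(requestsConfig.trustedProxyCIDRs) &&
            requestsConfig.trustedProxyCIDRs.length > 0 &&
            requestsConfig.trustedProxyCIDRs
                .every(ip => typeof ip === 'string' && ip.length > 0),
            'config: invalid requests configuration. ' +
            'trustedProxyCIDRs must be set if viaProxy is set to true ' +
            'and must be an array');

        assert(typeof requestsConfig.extractClientIPFromHeader === 'string'
            && requestsConfig.extractClientIPFromHeader.length > 0,
            'config: invalid requests configuration. ' +
            'extractClientIPFromHeader must be set if viaProxy is ' +
            'set to true and must be a string');

        assert(typeof requestsConfig.extractProtocolFromHeader === 'string'
            && requestsConfig.extractProtocolFromHeader.length > 0,
            'config: invalid requests configuration. ' +
            'extractProtocolFromHeader must be set if viaProxy is ' +
            'set to true and must be a string');
    }

    // Node.js exposes incoming header names in lowercase, so the configured
    // names are lowercased to make lookups match.
    ['extractClientIPFromHeader', 'extractProtocolFromHeader'].forEach(key => {
        const headerName = requestsConfig[key];
        // With viaProxy set to false the checks above are skipped; without
        // this assertion a non-string value would fail in toLowerCase()
        // with a TypeError that does not mention the configuration.
        assert(headerName === undefined || headerName === null ||
            typeof headerName === 'string',
            'config: invalid requests configuration. ' +
            `${key} must be a string`);
        // eslint-disable-next-line no-param-reassign
        requestsConfig[key] = headerName?.toLowerCase();
    });
}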
| 517 | |
| 518 | function bucketNotifAssert(bucketNotifConfig) { |
| 519 | assert(Array.isArray(bucketNotifConfig), |