├── tea.yaml ├── .travis.yml ├── .gitignore ├── package.json ├── CHANGELOG.md ├── LICENSE ├── defaults.json ├── index.js ├── README.md └── test ├── ipv6_test.js └── ipv4_test.js /tea.yaml: -------------------------------------------------------------------------------- 1 | # https://tea.xyz/what-is-this-file 2 | --- 3 | version: 1.0.0 4 | codeOwners: 5 | - '0xaC8Bb28685BD43FD784DC902E132829c6C6DafA2' 6 | quorum: 1 7 | 8 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: node_js 2 | node_js: 3 | - "9" 4 | - "8" 5 | - "7" 6 | - "6" 7 | - "6.6" 8 | - "5" 9 | - "5.11" 10 | - "4" 11 | - "4.4" 12 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Logs 2 | logs 3 | *.log 4 | 5 | # Runtime data 6 | pids 7 | *.pid 8 | *.seed 9 | 10 | # Directory for instrumented libs generated by jscoverage/JSCover 11 | lib-cov 12 | 13 | # Coverage directory used by tools like istanbul 14 | coverage 15 | 16 | # Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files) 17 | .grunt 18 | 19 | # Compiled binary addons (http://nodejs.org/api/addons.html) 20 | build/Release 21 | 22 | # Dependency directory 23 | # Commenting this out is preferred by some people, see 24 | # https://www.npmjs.org/doc/misc/npm-faq.html#should-i-check-my-node_modules-folder-into-git- 25 | node_modules 26 | 27 | # Users Environment Variables 28 | .lock-wscript 29 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ipware", 3 | "version": "2.0.0", 4 | "description": "Returns the real IP address of users in Node.js", 5 | "main": "index.js", 6 | "repository": { 7 | "type": "git", 8 | "url": "https://github.com/un33k/node-ipware.git" 9 | }, 10 | "keywords": [ 11 | "ip address", 12 | "client IP address", 13 | "user IP address" 14 | ], 15 | "author": "Val Neekman @ Neekware Inc.", 16 | "license": "MIT", 17 | "bugs": { 18 | "url": "https://github.com/un33k/node-ipware/issues" 19 | }, 20 | "homepage": "https://github.com/un33k/node-ipware", 21 | "dependencies": {}, 22 | "devDependencies": { 23 | "mocha": "^2.5.3" 24 | }, 25 | "scripts": { 26 | "test": "mocha --reporter spec test/*_test.js" 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | ## 1.0.0 2 | 3 | Enhancement: 4 | - Remove Leaks 5 | - Add trusted proxy support 6 | - Add node 6.x.x support 7 | - Change to MIT licensing 8 | 9 | ## 0.0.8 10 | 11 | Enhancement: 12 | 13 | - Added support for proxies with `underscores_in_headers off;` 14 | - Handling hyphen as delimiter - ex: `X-FORWARDED-FOR` instead of `X_FORWARDED_FOR` 15 | - Up version node.js in .travis.yml 16 | 17 | ## 0.0.7 18 | 19 | Enhancement: 20 | 21 | - Added support for x_forwarded_for 22 | 23 | ## 0.0.6 24 | 25 | Enhancement: 26 | 27 | - Added support for 1.0.0.0/8 and 2.0.0.0/8 blocks 28 | 29 | ## 0.0.5 30 | 31 | Enhancement: 32 | 33 | - Return the local loop address if no ip is found 34 | 35 | ## 0.0.4 36 | 37 | Enhancement: 38 | 39 | - Support for Left2Right or Right2Left Proxy IP Lookup 40 | 41 | ## 0.0.3 42 | 43 | Bugfix: 44 | 45 | - Proper check of initialization 46 | 47 | ## 0.0.2 48 | 49 | Updates: 50 | 51 | - Test Enhancement 52 | 53 | 54 | ## 0.0.1 55 | 56 | Features: 57 | 58 | - Initial Release 59 | 60 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License 2 | 3 | Copyright (c) Val Neekman @ Neekware Inc. http://neekware.com 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in 13 | all copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 21 | THE SOFTWARE. -------------------------------------------------------------------------------- /defaults.json: -------------------------------------------------------------------------------- 1 | { 2 | "IPWARE_HTTP_HEADER_PRECEDENCE_ORDER": [ 3 | "HTTP_X_FORWARDED_FOR", 4 | "HTTP_CLIENT_IP", 5 | "HTTP_X_REAL_IP", 6 | "HTTP_X_FORWARDED", 7 | "HTTP_X_CLUSTER_CLIENT_IP", 8 | "HTTP_FORWARDED_FOR", 9 | "HTTP_FORWARDED", 10 | "HTTP_VIA", 11 | "X_FORWARDED_FOR", 12 | "REMOTE_ADDR" 13 | ], 14 | 15 | "IPWARE_HTTP_HEADER_PROXY_PRECEDENCE_ORDER": [ 16 | "HTTP_X_FORWARDED_FOR", 17 | "X_FORWARDED_FOR" 18 | ], 19 | 20 | "IPWARE_TRUSTED_PROXY_LIST": [ 21 | ], 22 | 23 | "IPV4_EXTERNALLY_NON_ROUTABLE_IP_PREFIX": [ 24 | "0." 25 | ], 26 | 27 | "IPV4_CLASS_A_PRIVATE_BLOCK_IP_PREFIX": [ 28 | "10." 29 | ], 30 | 31 | "IPV4_CARRIER_GRADE_NAT_IP_PREFIX": [ 32 | "100.64.", 33 | "100.65.", 34 | "100.66.", 35 | "100.67.", 36 | "100.68.", 37 | "100.69.", 38 | "100.70.", 39 | "100.71.", 40 | "100.72.", 41 | "100.73.", 42 | "100.74.", 43 | "100.75.", 44 | "100.76.", 45 | "100.77.", 46 | "100.78.", 47 | "100.79.", 48 | "100.80.", 49 | "100.81.", 50 | "100.82.", 51 | "100.83.", 52 | "100.84.", 53 | "100.85.", 54 | "100.86.", 55 | "100.87.", 56 | "100.88.", 57 | "100.89.", 58 | "100.90.", 59 | "100.91.", 60 | "100.92.", 61 | "100.93.", 62 | "100.94.", 63 | "100.95.", 64 | "100.96.", 65 | "100.97.", 66 | "100.98.", 67 | "100.99.", 68 | "100.100.", 69 | "100.101.", 70 | "100.102.", 71 | "100.103.", 72 | "100.104.", 73 | "100.105.", 74 | "100.106.", 75 | "100.107.", 76 | "100.108.", 77 | "100.109.", 78 | "100.110.", 79 | "100.111.", 80 | "100.112.", 81 | "100.113.", 82 | "100.114.", 83 | "100.115.", 84 | "100.116.", 85 | "100.117.", 86 | "100.118.", 87 | "100.119.", 88 | "100.120.", 89 | "100.121.", 90 | "100.122.", 91 | "100.123.", 92 | "100.124.", 93 | "100.125.", 94 | "100.126.", 95 | "100.127." 96 | ], 97 | 98 | "IPV4_LOCAL_LINK_BLOCK_IP_PREFIX": [ 99 | "169.254." 100 | ], 101 | 102 | "IPV4_CLASS_B_PRIVATE_BLOCK_IP_PREFIX": [ 103 | "172.16.", 104 | "172.17.", 105 | "172.18.", 106 | "172.19.", 107 | "172.20.", 108 | "172.21.", 109 | "172.22.", 110 | "172.23.", 111 | "172.24.", 112 | "172.25.", 113 | "172.26.", 114 | "172.27.", 115 | "172.28.", 116 | "172.29.", 117 | "172.30.", 118 | "172.31." 119 | ], 120 | 121 | "IPV4_INAA_SPECIAL_ADDRESS_REGISTRY_IP_PREFIX": [ 122 | "192.0.0." 123 | ], 124 | 125 | "IPV4_DOCUMENTATION_AND_EXAMPLE_CODE_192_IP_PREFIX": [ 126 | "192.0.2." 127 | ], 128 | 129 | "IPV4_CLASS_C_PRIVATE_BLOCK_IP_PREFIX": [ 130 | "192.168." 131 | ], 132 | 133 | "IPV4_INNER_NETWORK_COMMUNICATION_BETWEEN_TWO_SEPARATE_SUBNETS_IP_PREFIX": [ 134 | "198.18.", 135 | "198.19." 136 | ], 137 | 138 | "IPV4_DOCUMENTATION_AND_EXAMPLE_CODE_198_IP_PREFIX": [ 139 | "198.51.100." 140 | ], 141 | 142 | "IPV4_DOCUMENTATION_AND_EXAMPLE_CODE_203_IP_PREFIX": [ 143 | "203.0.113." 144 | ], 145 | 146 | "IPV4_MULTICAST_IP_PREFIX": [ 147 | "224.", 148 | "225.", 149 | "226.", 150 | "227.", 151 | "228.", 152 | "229.", 153 | "230.", 154 | "231.", 155 | "232.", 156 | "233.", 157 | "234.", 158 | "235.", 159 | "236.", 160 | "237.", 161 | "238.", 162 | "239." 163 | ], 164 | 165 | "IPV4_RESERVED_IP_PREFIX": [ 166 | "240.", 167 | "241.", 168 | "242.", 169 | "243.", 170 | "244.", 171 | "245.", 172 | "246.", 173 | "247.", 174 | "248.", 175 | "249.", 176 | "250.", 177 | "251.", 178 | "252.", 179 | "253.", 180 | "254." 181 | ], 182 | 183 | "IPV4_BRODCAST_IP_PREFIX": [ 184 | "255." 185 | ], 186 | 187 | "IPV4_LOOPBACK_IP_PREFIX": [ 188 | "127." 189 | ], 190 | 191 | "IPV6_EXAMPLE_CODE_DOCUMENTATION_IP_PREFIX": [ 192 | "2001:db8:" 193 | ], 194 | 195 | "IPV6_PRIVATE_BLOCK_IP_PREFIX": [ 196 | "fc00:" 197 | ], 198 | 199 | "IPV6_LINK_LOCAL_UNICAST_IP_PREFIX": [ 200 | "fe80:" 201 | ], 202 | 203 | "IPV6_MULTICAST_IP_PREFIX": [ 204 | "ff00:" 205 | ], 206 | 207 | "IPV6_LOOPBACK_IP_PREFIX": [ 208 | "::1" 209 | ] 210 | 211 | } 212 | -------------------------------------------------------------------------------- /index.js: -------------------------------------------------------------------------------- 1 | var is_initialized = false; 2 | var ipware_defs = null; 3 | var ipware_precedence_list = []; 4 | var ipware_proxy_precedence_list = []; 5 | var ipware_proxy_list = []; 6 | var ipware_prefix_list = []; 7 | 8 | 9 | module.exports = function (config_file) { 10 | var _me = {}; 11 | var _conf = config_file || __dirname + '/defaults.json'; 12 | 13 | function get_precedence_list() { 14 | try { 15 | ipware_precedence_list = ipware_defs.IPWARE_HTTP_HEADER_PRECEDENCE_ORDER; 16 | } catch(e) { 17 | throw e; 18 | } 19 | } 20 | 21 | function get_proxy_precedence_list() { 22 | try { 23 | ipware_proxy_precedence_list = ipware_defs.IPWARE_HTTP_HEADER_PROXY_PRECEDENCE_ORDER; 24 | } catch(e) { 25 | throw e; 26 | } 27 | } 28 | 29 | function get_proxy_list() { 30 | try { 31 | ipware_proxy_list = ipware_defs.IPWARE_TRUSTED_PROXY_LIST; 32 | } catch(e) { 33 | throw e; 34 | } 35 | } 36 | 37 | function get_non_routable_prefix_list() { 38 | for (var prefix in ipware_defs) { 39 | if (prefix.indexOf('IPV4') === 0 || prefix.indexOf('IPV6') === 0) { 40 | var private_prefix = ipware_defs[prefix]; 41 | ipware_prefix_list = ipware_prefix_list.concat(private_prefix); 42 | } 43 | } 44 | if (ipware_prefix_list.length === 0) { 45 | throw "No private IP prefix found in " + _conf; 46 | } 47 | } 48 | 49 | function get_config_file() { 50 | try { 51 | ipware_defs = require(_conf); 52 | } catch(e) { 53 | throw e; 54 | } 55 | } 56 | 57 | function initialize() { 58 | if (!is_initialized) { 59 | get_config_file(); 60 | get_precedence_list(); 61 | get_proxy_precedence_list(); 62 | get_proxy_list(); 63 | get_non_routable_prefix_list(); 64 | is_initialized = true; 65 | } 66 | } 67 | 68 | _me.cleanup_ip = function (ip) { 69 | var ip = ip.trim(); 70 | if (ip.toLowerCase().startsWith('::ffff:')) { 71 | return ip.substring('::ffff:'.length) 72 | } 73 | return ip; 74 | } 75 | 76 | _me.is_loopback_ip = function (ip) { 77 | var ip = ip.toLowerCase().trim(); 78 | return ip === '127.0.0.1' || ip === '::1'; 79 | } 80 | 81 | _me.is_private_ip = function (ip) { 82 | var ip = ip.toLowerCase(); 83 | for (var i = 0; i < ipware_prefix_list.length; i++) { 84 | var prefix = ipware_prefix_list[i]; 85 | if (ip.indexOf(prefix.toLowerCase()) === 0) { 86 | return true; 87 | } 88 | } 89 | return false; 90 | } 91 | 92 | _me.is_valid_ipv4 = function (ip) { 93 | var ipv4_pattern = /^(\d?\d?\d)\.(\d?\d?\d)\.(\d?\d?\d)\.(\d?\d?\d)$/; 94 | if (!ipv4_pattern.test(ip)) { 95 | return false; 96 | } 97 | var token = ip.split('.'); 98 | return token[0] <= 255 && token[1] <= 255 && token[2] <= 255 && token[3] <= 255; 99 | } 100 | 101 | _me.is_valid_ipv6 = function (ip) { 102 | var ipv6_pattern = /^::|^::1|^([a-fA-F0-9]{1,4}::?){1,7}([a-fA-F0-9]{1,4})$/; 103 | return ipv6_pattern.test(ip) 104 | } 105 | 106 | _me.is_valid_ip = function (ip) { 107 | return _me.is_valid_ipv4(ip) || _me.is_valid_ipv6(ip); 108 | } 109 | 110 | _me.get_headers_attribute = function (headers, key) { 111 | var key_upper = key.toUpperCase(); 112 | if (key_upper in headers) { 113 | return headers[key_upper]; 114 | } 115 | 116 | var key_lower = key.toLowerCase(); 117 | if (key_lower in headers) { 118 | return headers[key_lower]; 119 | } 120 | 121 | var alt_key_lower = key_lower.replace(/_/g, '-'); 122 | if (alt_key_lower in headers) { 123 | return headers[alt_key_lower]; 124 | } 125 | 126 | var alt_key_upper = alt_key_lower.toUpperCase() 127 | if (alt_key_upper in headers) { 128 | return headers[alt_key_upper]; 129 | } 130 | 131 | return null; 132 | } 133 | 134 | _me.get_local_ip = function (req) { 135 | var ip = '127.0.0.1'; 136 | try { 137 | ip = req.connection.remoteAddress; 138 | } catch (e) { 139 | try { 140 | ip = req.socket.remoteAddress; 141 | } catch (e) { 142 | try { 143 | ip = req.connection.socket.remoteAddress; 144 | } catch (e) { 145 | ip = '127.0.0.1'; 146 | } 147 | } 148 | } 149 | return ip || '127.0.0.1'; 150 | } 151 | 152 | _me.get_ip = function (req, right_most_proxy) { 153 | 154 | initialize(); 155 | req.clientIpRoutable = false; 156 | req.clientIp = null; 157 | var value = null; 158 | var right_most_proxy = right_most_proxy || false; 159 | 160 | for (var i = 0; i < ipware_precedence_list.length; i++) { 161 | value = _me.get_headers_attribute(req.headers, ipware_precedence_list[i].trim()); 162 | if (value) { 163 | var ips = value.split(','); 164 | if (right_most_proxy) { 165 | ips = ips.reverse(); 166 | } 167 | for (var j = 0; j < ips.length; j++) { 168 | var ip = _me.cleanup_ip(ips[j]); 169 | if (ip && _me.is_valid_ip(ip)) { 170 | if (_me.is_private_ip(ip)) { 171 | if (!req.clientIp || (!_me.is_loopback_ip(ip) && 172 | _me.is_loopback_ip(req.clientIp))) { 173 | req.clientIp = ip; 174 | } 175 | } else { 176 | req.clientIp = ip; 177 | req.clientIpRoutable = true; 178 | return {clientIp: req.clientIp, clientIpRoutable: req.clientIpRoutable} 179 | } 180 | } 181 | } 182 | } 183 | } 184 | if (!req.clientIp) { 185 | req.clientIp = _me.get_local_ip(req); 186 | req.clientIpRoutable = !_me.is_private_ip(req.clientIp); 187 | } 188 | 189 | return {clientIp: req.clientIp, clientIpRoutable: req.clientIpRoutable} 190 | }; 191 | 192 | _me.get_trusted_ip = function (req, trusted_proxies, right_most_proxy) { 193 | initialize(); 194 | var trusted_proxies = trusted_proxies || ipware_proxy_list; 195 | var right_most_proxy = right_most_proxy || false; 196 | req.clientIpRoutable = false; 197 | req.clientIp = null; 198 | var value = null; 199 | 200 | if (trusted_proxies.length >= 1) { 201 | for (var i = 0; i < ipware_proxy_precedence_list.length; i++) { 202 | value = _me.get_headers_attribute(req.headers, ipware_proxy_precedence_list[i].trim()); 203 | if (value) { 204 | var ips = value.split(','); 205 | if (ips.length > 1 && right_most_proxy) { 206 | ips = ips.reverse(); 207 | } 208 | if (ips.length > 1) { 209 | for (var j = 0; j < trusted_proxies.length; j++) { 210 | if (trusted_proxies[j] === ips[ips.length-1].trim()) { 211 | var ip = _me.cleanup_ip(ips[0]); 212 | if (ip && _me.is_valid_ip(ip)) { 213 | req.clientIp = ip; 214 | req.clientIpRoutable = !_me.is_private_ip(ip); 215 | return {clientIp: req.clientIp, clientIpRoutable: req.clientIpRoutable} 216 | } 217 | } 218 | } 219 | } 220 | } 221 | } 222 | } 223 | 224 | if (!req.clientIp) { 225 | req.clientIp = _me.get_local_ip(req); 226 | req.clientIpRoutable = !_me.is_private_ip(req.clientIp); 227 | } 228 | 229 | return {clientIp: req.clientIp, clientIpRoutable: req.clientIpRoutable} 230 | }; 231 | 232 | return _me; 233 | }; 234 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Library was deprecated in favor of [`@fullerstack/nax-ipware`](https://github.com/neekware/fullerstack/tree/main/libs/nax-ipware) 2 | 3 | Node IPware 4 | ==================== 5 | 6 | **A Node application to retrieve user's IP address** 7 | 8 | [![status-image]][status-link] 9 | [![version-image]][version-link] 10 | [![download-image]][download-link] 11 | 12 | Overview 13 | ==================== 14 | 15 | **Best attempt** to get user's (client's) real ip-address while keeping it **DRY**. 16 | 17 | How to install 18 | ==================== 19 | 20 | 1. npm install ipware 21 | 2. git clone http://github.com/un33k/node-ipware 22 | a. npm install node-ipware 23 | 3. wget https://github.com/un33k/node-ipware/zipball/master 24 | a. unzip the downloaded file 25 | b. npm install node-ipware 26 | 27 | How to use 28 | ==================== 29 | 30 | ```javascript 31 | // In your js file (e.g. app.js) 32 | var get_ip = require('ipware')().get_ip; 33 | app.use(function(req, res, next) { 34 | var ip_info = get_ip(req); 35 | console.log(ip_info); 36 | // { clientIp: '127.0.0.1', clientIpRoutable: false } 37 | next(); 38 | }); 39 | 40 | // `get_ip` also adds two fields to your request object 41 | // 1. `clientIp`, 2. `clientIpRoutable` 42 | // Where: 43 | // `clientIp` holds the client's IP address 44 | // 'clientIpRoutable` is `true` if user's IP is `public`. (externally route-able) 45 | // is `false` if user's IP is `private`. (not externally route-able) 46 | 47 | // Advanced option: By default the left most address in the `HTTP_X_FORWARDED_FOR` or `X_FORWARDED_FOR` 48 | // is returned. However, depending on your preference and needs, you can change this 49 | // behavior by passing the `right_most_proxy=True` to the API. 50 | // Note: Not all proxies are equal. So left to right or right to left preference is not a 51 | // rule that all proxy servers follow. 52 | 53 | var ip_info = get_ip(req, right_most_proxy=True) 54 | ``` 55 | 56 | Advanced users: 57 | ==================== 58 | 59 | ```javascript 60 | // 1. Trusted Proxies: 61 | // ************************* 62 | // To only get client ip addresses from your own trusted proxy server(s), use `get_trusted_ip()`. 63 | // In your js file (e.g. app.js) 64 | var get_trusted_ip = require('ipware')().get_trusted_ip; 65 | var trusted_proxies = ['177.144.11.100', '177.144.11.101']; 66 | app.use(function(req, res, next) { 67 | var ip_info = get_trusted_ip(req, trusted_proxies); 68 | console.log(ip_info); 69 | // { clientIp: '177.100.44.22', clientIpRoutable: true } 70 | next(); 71 | }); 72 | 73 | // Alternatively, you can pass in the trusted proxies via the configuration file. 74 | { 75 | ... 76 | "IPWARE_TRUSTED_PROXY_LIST": [ 77 | '177.144.11.100', 78 | '177.144.11.101' 79 | ], 80 | ... 81 | } 82 | 83 | // 2. Customizable configuration file: 84 | // *********************************** 85 | // You can also use your own config file as below. 86 | // for `IPWARE_HTTP_HEADER_PRECEDENCE_ORDER` items, the 87 | // check is done from top to bottom where the request `headers` 88 | // is examined for the existence of the IP address field. 89 | 90 | // All lists that start with `IPV` are examined and if an IP 91 | // address starts with any of those patterns the IP is considered 92 | // `private`, otherwise the IP is considered `public` which means 93 | // the IP is externally routable. (reachable through the Internet :) 94 | 95 | // Simply copy the following content into a JSON file and 96 | // modify it to suit your needs and place it in your project 97 | // under version control. 98 | 99 | // Then you can use it like: 100 | // var get_ip = require('ipware')('../path/to/your/conf.json').get_ip; 101 | 102 | { 103 | "IPWARE_HTTP_HEADER_PRECEDENCE_ORDER": [ 104 | "HTTP_X_FORWARDED_FOR", 105 | "HTTP_CLIENT_IP", 106 | "HTTP_X_REAL_IP", 107 | "HTTP_X_FORWARDED", 108 | "HTTP_X_CLUSTER_CLIENT_IP", 109 | "HTTP_FORWARDED_FOR", 110 | "HTTP_FORWARDED", 111 | "HTTP_VIA", 112 | "X_FORWARDED_FOR", 113 | "REMOTE_ADDR" 114 | ], 115 | 116 | "IPWARE_HTTP_HEADER_PROXY_PRECEDENCE_ORDER": [ 117 | "HTTP_X_FORWARDED_FOR", 118 | "X_FORWARDED_FOR" 119 | ], 120 | 121 | "IPWARE_TRUSTED_PROXY_LIST": [ 122 | ], 123 | 124 | "IPV4_EXTERNALLY_NON_ROUTABLE_IP_PREFIX": [ 125 | "0." 126 | ], 127 | 128 | "IPV4_CLASS_A_PRIVATE_BLOCK_IP_PREFIX": [ 129 | "10." 130 | ], 131 | 132 | "IPV4_CARRIER_GRADE_NAT_IP_PREFIX": [ 133 | "100.64.", 134 | "100.65.", 135 | "100.66.", 136 | "100.67.", 137 | "100.68.", 138 | "100.69.", 139 | "100.70.", 140 | "100.71.", 141 | "100.72.", 142 | "100.73.", 143 | "100.74.", 144 | "100.75.", 145 | "100.76.", 146 | "100.77.", 147 | "100.78.", 148 | "100.79.", 149 | "100.80.", 150 | "100.81.", 151 | "100.82.", 152 | "100.83.", 153 | "100.84.", 154 | "100.85.", 155 | "100.86.", 156 | "100.87.", 157 | "100.88.", 158 | "100.89.", 159 | "100.90.", 160 | "100.91.", 161 | "100.92.", 162 | "100.93.", 163 | "100.94.", 164 | "100.95.", 165 | "100.96.", 166 | "100.97.", 167 | "100.98.", 168 | "100.99.", 169 | "100.100.", 170 | "100.101.", 171 | "100.102.", 172 | "100.103.", 173 | "100.104.", 174 | "100.105.", 175 | "100.106.", 176 | "100.107.", 177 | "100.108.", 178 | "100.109.", 179 | "100.110.", 180 | "100.111.", 181 | "100.112.", 182 | "100.113.", 183 | "100.114.", 184 | "100.115.", 185 | "100.116.", 186 | "100.117.", 187 | "100.118.", 188 | "100.119.", 189 | "100.120.", 190 | "100.121.", 191 | "100.122.", 192 | "100.123.", 193 | "100.124.", 194 | "100.125.", 195 | "100.126.", 196 | "100.127." 197 | ], 198 | 199 | "IPV4_LOCAL_LINK_BLOCK_IP_PREFIX": [ 200 | "169.254." 201 | ], 202 | 203 | "IPV4_CLASS_B_PRIVATE_BLOCK_IP_PREFIX": [ 204 | "172.16.", 205 | "172.17.", 206 | "172.18.", 207 | "172.19.", 208 | "172.20.", 209 | "172.21.", 210 | "172.22.", 211 | "172.23.", 212 | "172.24.", 213 | "172.25.", 214 | "172.26.", 215 | "172.27.", 216 | "172.28.", 217 | "172.29.", 218 | "172.30.", 219 | "172.31." 220 | ], 221 | 222 | "IPV4_INAA_SPECIAL_ADDRESS_REGISTRY_IP_PREFIX": [ 223 | "192.0.0." 224 | ], 225 | 226 | "IPV4_DOCUMENTATION_AND_EXAMPLE_CODE_192_IP_PREFIX": [ 227 | "192.0.2." 228 | ], 229 | 230 | "IPV4_CLASS_C_PRIVATE_BLOCK_IP_PREFIX": [ 231 | "192.168." 232 | ], 233 | 234 | "IPV4_INNER_NETWORK_COMMUNICATION_BETWEEN_TWO_SEPARATE_SUBNETS_IP_PREFIX": [ 235 | "198.18.", 236 | "198.19." 237 | ], 238 | 239 | "IPV4_DOCUMENTATION_AND_EXAMPLE_CODE_198_IP_PREFIX": [ 240 | "198.51.100." 241 | ], 242 | 243 | "IPV4_DOCUMENTATION_AND_EXAMPLE_CODE_203_IP_PREFIX": [ 244 | "203.0.113." 245 | ], 246 | 247 | "IPV4_MULTICAST_IP_PREFIX": [ 248 | "224.", 249 | "225.", 250 | "226.", 251 | "227.", 252 | "228.", 253 | "229.", 254 | "230.", 255 | "231.", 256 | "232.", 257 | "233.", 258 | "234.", 259 | "235.", 260 | "236.", 261 | "237.", 262 | "238.", 263 | "239." 264 | ], 265 | 266 | "IPV4_RESERVED_IP_PREFIX": [ 267 | "240.", 268 | "241.", 269 | "242.", 270 | "243.", 271 | "244.", 272 | "245.", 273 | "246.", 274 | "247.", 275 | "248.", 276 | "249.", 277 | "250.", 278 | "251.", 279 | "252.", 280 | "253.", 281 | "254." 282 | ], 283 | 284 | "IPV4_BRODCAST_IP_PREFIX": [ 285 | "255." 286 | ], 287 | 288 | "IPV4_LOOPBACK_IP_PREFIX": [ 289 | "127." 290 | ], 291 | 292 | "IPV6_EXAMPLE_CODE_DOCUMENTATION_IP_PREFIX": [ 293 | "2001:db8:" 294 | ], 295 | 296 | "IPV6_PRIVATE_BLOCK_IP_PREFIX": [ 297 | "fc00:" 298 | ], 299 | 300 | "IPV6_LINK_LOCAL_UNICAST_IP_PREFIX": [ 301 | "fe80:" 302 | ], 303 | 304 | "IPV6_MULTICAST_IP_PREFIX": [ 305 | "ff00:" 306 | ], 307 | 308 | "IPV6_LOOPBACK_IP_PREFIX": [ 309 | "::1" 310 | ] 311 | } 312 | ``` 313 | 314 | Running the tests 315 | ==================== 316 | 317 | To run the tests against the current environment: 318 | 319 | npm install 320 | npm test 321 | 322 | License 323 | ==================== 324 | 325 | Released under a ([MIT](LICENSE)) license. 326 | 327 | Version 328 | ==================== 329 | X.Y.Z Version 330 | 331 | `MAJOR` version -- when you make incompatible API changes, 332 | `MINOR` version -- when you add functionality in a backwards-compatible manner, and 333 | `PATCH` version -- when you make backwards-compatible bug fixes. 334 | 335 | Sponsors 336 | ==================== 337 | 338 | [Neekware Inc](http://neekware.com) 339 | 340 | [status-image]: https://secure.travis-ci.org/un33k/node-ipware.png?branch=master 341 | [status-link]: http://travis-ci.org/un33k/node-ipware?branch=master 342 | [version-image]: https://img.shields.io/npm/v/ipware.svg 343 | [version-link]: https://www.npmjs.com/package/ipware 344 | [coverage-image]: https://coveralls.io/repos/un33k/node-ipware/badge.svg 345 | [coverage-link]: https://coveralls.io/r/un33k/node-ipware 346 | [download-image]: https://img.shields.io/npm/dm/ipware.svg 347 | [download-link]: https://www.npmjs.com/package/ipware 348 | -------------------------------------------------------------------------------- /test/ipv6_test.js: -------------------------------------------------------------------------------- 1 | var get_ip = require('..')().get_ip, 2 | get_trusted_ip = require('..')().get_trusted_ip, 3 | assert = require('assert'); 4 | 5 | 6 | describe('get_ip(): IPV6: HTTP_X_FORWARDED_FOR', function() { 7 | it('test_http_x_forwarded_for_multiple', function() { 8 | var request = {headers: {}}; 9 | request.headers.HTTP_X_FORWARDED_FOR = '3ffe:1900:4545:3:200:f8ff:fe21:67cf, 74dc::02ba'; 10 | request.headers.HTTP_X_REAL_IP = '74dc::02ba'; 11 | request.headers.REMOTE_ADDR = '74dc::02ba'; 12 | get_ip(request); 13 | assert.equal(request.clientIp, '3ffe:1900:4545:3:200:f8ff:fe21:67cf'); 14 | assert.equal(request.clientIpRoutable, true); 15 | }); 16 | }); 17 | 18 | describe('get_ip(): IPV6: X_FORWARDED_FOR', function() { 19 | it('test_x_forwarded_for_single', function() { 20 | var request = {headers: {}}; 21 | request.headers.X_FORWARDED_FOR = '3ffe:1900:4545:3:200:f8ff:fe21:67cf'; 22 | request.headers.REMOTE_ADDR = '74dc::02ba'; 23 | get_ip(request); 24 | assert.equal(request.clientIp, '3ffe:1900:4545:3:200:f8ff:fe21:67cf'); 25 | assert.equal(request.clientIpRoutable, true); 26 | }); 27 | }); 28 | 29 | describe('get_ip(): IPV6: HTTP_X_FORWARDED_FOR', function() { 30 | it('test_http_x_forwarded_for_multiple_bad_address', function() { 31 | var request = {headers: {}}; 32 | request.headers.HTTP_X_FORWARDED_FOR = 'unknown, ::1/128, 74dc::02ba'; 33 | request.headers.HTTP_X_REAL_IP = '3ffe:1900:4545:3:200:f8ff:fe21:67cf'; 34 | request.headers.REMOTE_ADDR = '3ffe:1900:4545:3:200:f8ff:fe21:67cf'; 35 | get_ip(request); 36 | assert.equal(request.clientIp, '74dc::02ba'); 37 | assert.equal(request.clientIpRoutable, true); 38 | }); 39 | }); 40 | 41 | describe('get_ip(): IPV6: HTTP_X_FORWARDED_FOR', function() { 42 | it('test_http_x_forwarded_for_singleton', function() { 43 | var request = {headers: {}}; 44 | request.headers.HTTP_X_FORWARDED_FOR = '74dc::02ba'; 45 | request.headers.HTTP_X_REAL_IP = '3ffe:1900:4545:3:200:f8ff:fe21:67cf'; 46 | request.headers.REMOTE_ADDR = '3ffe:1900:4545:3:200:f8ff:fe21:67cf'; 47 | get_ip(request); 48 | assert.equal(request.clientIp, '74dc::02ba'); 49 | assert.equal(request.clientIpRoutable, true); 50 | }); 51 | }); 52 | 53 | describe('get_ip(): IPV6: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP', function() { 54 | it('test_http_x_forwarded_for_singleton_private_address', function() { 55 | var request = {headers: {}}; 56 | request.headers.HTTP_X_FORWARDED_FOR = '::1/128'; 57 | request.headers.HTTP_X_REAL_IP = '74dc::02ba'; 58 | request.headers.REMOTE_ADDR = '3ffe:1900:4545:3:200:f8ff:fe21:67cf'; 59 | get_ip(request); 60 | assert.equal(request.clientIp, '74dc::02ba'); 61 | assert.equal(request.clientIpRoutable, true); 62 | }); 63 | }); 64 | 65 | describe('get_ip(): IPV6: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP', function() { 66 | it('test_bad_http_x_forwarded_for_fallback_on_x_real_ip', function() { 67 | var request = {headers: {}}; 68 | request.headers.HTTP_X_FORWARDED_FOR = 'unknown ::1/128'; 69 | request.headers.HTTP_X_REAL_IP = '74dc::02ba'; 70 | request.headers.REMOTE_ADDR = '3ffe:1900:4545:3:200:f8ff:fe21:67cf'; 71 | get_ip(request); 72 | assert.equal(request.clientIp, '74dc::02ba'); 73 | assert.equal(request.clientIpRoutable, true); 74 | }); 75 | }); 76 | 77 | describe('get_ip(): IPV6: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP', function() { 78 | it('test_empty_http_x_forwarded_for_fallback_on_x_real_ip', function() { 79 | var request = {headers: {}}; 80 | request.headers.HTTP_X_FORWARDED_FOR = ''; 81 | request.headers.HTTP_X_REAL_IP = '74dc::02ba'; 82 | request.headers.REMOTE_ADDR = '3ffe:1900:4545:3:200:f8ff:fe21:67cf'; 83 | get_ip(request); 84 | assert.equal(request.clientIp, '74dc::02ba'); 85 | assert.equal(request.clientIpRoutable, true); 86 | }); 87 | }); 88 | 89 | describe('get_ip(): IPV6: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP & REMOTE_ADDR', function() { 90 | it('test_empty_http_x_forwarded_for_empty_x_real_ip_fallback_on_remote_addr', function() { 91 | var request = {headers: {}}; 92 | request.headers.HTTP_X_FORWARDED_FOR = ''; 93 | request.headers.HTTP_X_REAL_IP = ''; 94 | request.headers.REMOTE_ADDR = '74dc::02ba'; 95 | get_ip(request); 96 | assert.equal(request.clientIp, '74dc::02ba'); 97 | assert.equal(request.clientIpRoutable, true); 98 | }); 99 | }); 100 | 101 | describe('get_ip(): IPV6: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP & REMOTE_ADDR', function() { 102 | it('test_empty_http_x_forwarded_for_private_x_real_ip_fallback_on_remote_addr', function() { 103 | var request = {headers: {}}; 104 | request.headers.HTTP_X_FORWARDED_FOR = ''; 105 | request.headers.HTTP_X_REAL_IP = '::1/128'; 106 | request.headers.REMOTE_ADDR = '74dc::02ba'; 107 | get_ip(request); 108 | assert.equal(request.clientIp, '74dc::02ba'); 109 | assert.equal(request.clientIpRoutable, true); 110 | }); 111 | }); 112 | 113 | describe('get_ip(): IPV6: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP & REMOTE_ADDR', function() { 114 | it('test_private_http_x_forward_for_ip_addr', function() { 115 | var request = {headers: {}}; 116 | request.headers.HTTP_X_FORWARDED_FOR = '::1/128'; 117 | request.headers.HTTP_X_REAL_IP = ''; 118 | request.headers.REMOTE_ADDR = ''; 119 | get_ip(request); 120 | assert.equal(request.clientIp, '::1/128'); 121 | assert.equal(request.clientIpRoutable, false); 122 | }); 123 | }); 124 | 125 | describe('get_ip(): IPV6: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP & REMOTE_ADDR', function() { 126 | it('test_private_real_ip_for_ip_addr', function() { 127 | var request = {headers: {}}; 128 | request.headers.HTTP_X_FORWARDED_FOR = ''; 129 | request.headers.HTTP_X_REAL_IP = '::1/128'; 130 | request.headers.REMOTE_ADDR = ''; 131 | get_ip(request); 132 | assert.equal(request.clientIp, '::1/128'); 133 | assert.equal(request.clientIpRoutable, false); 134 | }); 135 | }); 136 | 137 | describe('get_ip(): IPV6: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP & REMOTE_ADDR', function() { 138 | it('test_private_remote_addr_for_ip_addr', function() { 139 | var request = {headers: {}}; 140 | request.headers.HTTP_X_FORWARDED_FOR = ''; 141 | request.headers.HTTP_X_REAL_IP = ''; 142 | request.headers.REMOTE_ADDR = '::1/128'; 143 | get_ip(request); 144 | assert.equal(request.clientIp, '::1/128'); 145 | assert.equal(request.clientIpRoutable, false); 146 | }); 147 | }); 148 | 149 | describe('get_ip(): IPV6: HTTP_X_REAL_IP & REMOTE_ADDR', function() { 150 | it('test_missing_http_x_forwarded', function() { 151 | var request = {headers: {}}; 152 | request.headers.HTTP_X_REAL_IP = '74dc::02ba'; 153 | request.headers.REMOTE_ADDR = '74dc::02ba'; 154 | get_ip(request); 155 | assert.equal(request.clientIp, '74dc::02ba'); 156 | assert.equal(request.clientIpRoutable, true); 157 | }); 158 | }); 159 | 160 | describe('get_ip(): IPV6: REMOTE_ADDR', function() { 161 | it('test_missing_http_x_forwarded_missing_real_ip', function() { 162 | var request = {headers: {}}; 163 | request.headers.REMOTE_ADDR = '74dc::02ba'; 164 | get_ip(request); 165 | assert.equal(request.clientIp, '74dc::02ba'); 166 | assert.equal(request.clientIpRoutable, true); 167 | }); 168 | }); 169 | 170 | describe('get_ip(): IPV6: HTTP_X_REAL_IP & REMOTE_ADDR', function() { 171 | it('test_missing_http_x_forwarded_missing_real_ip_mix_case', function() { 172 | var request = {headers: {}}; 173 | request.headers.REMOTE_ADDR = '74dC::02bA'; 174 | get_ip(request); 175 | assert.equal(request.clientIp, '74dC::02bA'); 176 | assert.equal(request.clientIpRoutable, true); 177 | }); 178 | }); 179 | 180 | describe('get_ip(): IPV6: HTTP_X_REAL_IP & REMOTE_ADDR', function() { 181 | it('test_private_remote_address', function() { 182 | var request = {headers: {}}; 183 | request.headers.REMOTE_ADDR = 'fe80::02ba'; 184 | get_ip(request); 185 | assert.equal(request.clientIp, 'fe80::02ba'); 186 | assert.equal(request.clientIpRoutable, false); 187 | }); 188 | }); 189 | 190 | describe('get_ip(): IPV6: HTTP_X_REAL_IP & REMOTE_ADDR', function() { 191 | it('test_best_matched_real_ip', function() { 192 | var request = {headers: {}}; 193 | request.headers.HTTP_X_REAL_IP = '::1'; 194 | request.headers.REMOTE_ADDR = 'fe80::02ba'; 195 | get_ip(request); 196 | assert.equal(request.clientIp, 'fe80::02ba'); 197 | assert.equal(request.clientIpRoutable, false); 198 | }); 199 | }); 200 | 201 | describe('get_ip(): IPV6: http_x_real_ip', function() { 202 | it('test_lower_case_http_x_real_ip', function() { 203 | var request = {headers: {}}; 204 | request.headers.HTTP_X_FORWARDED_FOR = 'fe80::02ba'; 205 | request.headers.http_x_real_ip = '74dC::02bA'; 206 | request.headers.REMOTE_ADDR = '177.139.233.133'; 207 | get_ip(request); 208 | assert.equal(request.clientIp, '74dC::02bA'); 209 | assert.equal(request.clientIpRoutable, true); 210 | }); 211 | }); 212 | 213 | describe('get_ip(): IPV6: http_x_real_ip', function() { 214 | it('test_fallback_on_request.connection.remoteAddress.private', function() { 215 | var request = {headers: {}}; 216 | request.connection = {}; 217 | request.connection.remoteAddress = "::1"; 218 | get_ip(request); 219 | assert.equal(request.clientIp, '::1'); 220 | assert.equal(request.clientIpRoutable, false); 221 | }); 222 | }); 223 | 224 | describe('get_ip(): IPV6: to IPV4', function() { 225 | it('test_ipv6_encapsulation_of_ipv4', function() { 226 | var request = {headers: {}}; 227 | request.headers.HTTP_X_FORWARDED_FOR = "::ffff:127.0.0.1"; 228 | get_ip(request); 229 | assert.equal(request.clientIp, '127.0.0.1'); 230 | assert.equal(request.clientIpRoutable, false); 231 | }); 232 | }); 233 | 234 | describe('get_ip(): IPV6: http_x_real_ip', function() { 235 | it('test_fallback_on_request.connection.remoteAddress.public', function() { 236 | var request = {headers: {}, connection: {}}; 237 | request.connection.remoteAddress = "74dC::02bA"; 238 | get_ip(request); 239 | assert.equal(request.clientIp, '74dC::02bA'); 240 | assert.equal(request.clientIpRoutable, true); 241 | }); 242 | }); 243 | 244 | describe('get_ip(): IPV6: http_x_real_ip', function() { 245 | it('test_fallback_on_request.socket.remoteAddress.public', function() { 246 | var request = {headers: {}, socket: {}}; 247 | request.socket.remoteAddress = "74dC::02bA"; 248 | get_ip(request); 249 | assert.equal(request.clientIp, '74dC::02bA'); 250 | assert.equal(request.clientIpRoutable, true); 251 | }); 252 | }); 253 | 254 | describe('get_ip(): IPV6: X-FORWARDED-FOR', function() { 255 | it('test_http_x_forwarded_for_precedence-hyphenated', function() { 256 | var request = {headers: {'X-FORWARDED-FOR': '74dC::02bA'}}; 257 | get_ip(request); 258 | assert.equal(request.clientIp, '74dC::02bA'); 259 | assert.equal(request.clientIpRoutable, true); 260 | }); 261 | }); 262 | 263 | describe('get_trusted_ip(): IPV6: HTTP_X_FORWARDED_FOR', function() { 264 | it('test_http_x_forwarded_for_multiple', function() { 265 | var request = {headers: {}}; 266 | request.headers.HTTP_X_FORWARDED_FOR = '3ffe:1900:4545:3:200:f8ff:fe21:67cf, 74dc::02ba, 74dc::02bb'; 267 | var trusted_proxy_list = ['74dc::02bb']; 268 | get_trusted_ip(request, trusted_proxy_list); 269 | assert.equal(request.clientIp, '3ffe:1900:4545:3:200:f8ff:fe21:67cf'); 270 | assert.equal(request.clientIpRoutable, true); 271 | }); 272 | }); 273 | -------------------------------------------------------------------------------- /test/ipv4_test.js: -------------------------------------------------------------------------------- 1 | var get_ip = require('..')().get_ip, 2 | get_trusted_ip = require('..')().get_trusted_ip, 3 | assert = require('assert'); 4 | 5 | 6 | describe('get_ip(): IPV4: HTTP_X_FORWARDED_FOR', function() { 7 | it('test_http_x_forwarded_for_multiple', function() { 8 | var request = {headers: {}}; 9 | request.headers.HTTP_X_FORWARDED_FOR = '192.168.255.182, 10.0.0.0, 127.0.0.1, 198.84.193.157, 177.139.233.139'; 10 | request.headers.HTTP_X_REAL_IP = '177.139.233.132'; 11 | request.headers.REMOTE_ADDR = '177.139.233.133'; 12 | get_ip(request); 13 | assert.equal(request.clientIp, '198.84.193.157'); 14 | assert.equal(request.clientIpRoutable, true); 15 | }); 16 | }); 17 | 18 | describe('get_ip(): IPV4: HTTP_X_FORWARDED_FOR', function() { 19 | it('test_http_x_forwarded_for_multiple_right_most_proxy', function() { 20 | var request = {headers: {}}; 21 | request.headers.HTTP_X_FORWARDED_FOR = '192.168.255.182, 198.84.193.157, 10.0.0.0, 127.0.0.1, 177.139.233.139'; 22 | request.headers.HTTP_X_REAL_IP = '177.139.233.132'; 23 | request.headers.REMOTE_ADDR = '177.139.233.133'; 24 | get_ip(request, right_most_proxy=true); 25 | assert.equal(request.clientIp, '177.139.233.139'); 26 | assert.equal(request.clientIpRoutable, true); 27 | }); 28 | }); 29 | 30 | describe('get_ip(): IPV4: HTTP_X_FORWARDED_FOR', function() { 31 | it('test_http_x_forwarded_for_multiple_bad_address', function() { 32 | var request = {headers: {}}; 33 | request.headers.HTTP_X_FORWARDED_FOR = 'unknown, 192.168.255.182, 10.0.0.0, 127.0.0.1, 198.84.193.157, 177.139.233.139'; 34 | request.headers.HTTP_X_REAL_IP = '177.139.233.132'; 35 | request.headers.REMOTE_ADDR = '177.139.233.133'; 36 | get_ip(request); 37 | assert.equal(request.clientIp, '198.84.193.157'); 38 | assert.equal(request.clientIpRoutable, true); 39 | }); 40 | }); 41 | 42 | describe('get_ip(): IPV4: HTTP_X_FORWARDED_FOR', function() { 43 | it('test_http_x_forwarded_for_singleton', function() { 44 | var request = {headers: {}}; 45 | request.headers.HTTP_X_FORWARDED_FOR = '177.139.233.139'; 46 | request.headers.HTTP_X_REAL_IP = '177.139.233.132'; 47 | request.headers.REMOTE_ADDR = '177.139.233.133'; 48 | get_ip(request); 49 | assert.equal(request.clientIp, '177.139.233.139'); 50 | assert.equal(request.clientIpRoutable, true); 51 | }); 52 | }); 53 | 54 | describe('get_ip(): IPV4: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP', function() { 55 | it('test_http_x_forwarded_for_singleton_private_address', function() { 56 | var request = {headers: {}}; 57 | request.headers.HTTP_X_FORWARDED_FOR = '192.168.255.182'; 58 | request.headers.HTTP_X_REAL_IP = '177.139.233.132'; 59 | request.headers.REMOTE_ADDR = '177.139.233.133'; 60 | get_ip(request); 61 | assert.equal(request.clientIp, '177.139.233.132'); 62 | assert.equal(request.clientIpRoutable, true); 63 | }); 64 | }); 65 | 66 | describe('get_ip(): IPV4: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP', function() { 67 | it('test_bad_http_x_forwarded_for_fallback_on_x_real_ip', function() { 68 | var request = {headers: {}}; 69 | request.headers.HTTP_X_FORWARDED_FOR = 'unknown 177.139.233.139'; 70 | request.headers.HTTP_X_REAL_IP = '177.139.233.132'; 71 | request.headers.REMOTE_ADDR = '177.139.233.133'; 72 | get_ip(request); 73 | assert.equal(request.clientIp, '177.139.233.132'); 74 | assert.equal(request.clientIpRoutable, true); 75 | }); 76 | }); 77 | 78 | describe('get_ip(): IPV4: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP', function() { 79 | it('test_empty_http_x_forwarded_for_fallback_on_x_real_ip', function() { 80 | var request = {headers: {}}; 81 | request.headers.HTTP_X_FORWARDED_FOR = ''; 82 | request.headers.HTTP_X_REAL_IP = '177.139.233.132'; 83 | request.headers.REMOTE_ADDR = '177.139.233.133'; 84 | get_ip(request); 85 | assert.equal(request.clientIp, '177.139.233.132'); 86 | assert.equal(request.clientIpRoutable, true); 87 | }); 88 | }); 89 | 90 | describe('get_ip(): IPV4: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP & REMOTE_ADDR', function() { 91 | it('test_empty_http_x_forwarded_for_empty_x_real_ip_fallback_on_remote_addr', function() { 92 | var request = {headers: {}}; 93 | request.headers.HTTP_X_FORWARDED_FOR = ''; 94 | request.headers.HTTP_X_REAL_IP = ''; 95 | request.headers.REMOTE_ADDR = '177.139.233.133'; 96 | get_ip(request); 97 | assert.equal(request.clientIp, '177.139.233.133'); 98 | assert.equal(request.clientIpRoutable, true); 99 | }); 100 | }); 101 | 102 | describe('get_ip(): IPV4: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP & REMOTE_ADDR', function() { 103 | it('test_empty_http_x_forwarded_for_private_x_real_ip_fallback_on_remote_addr', function() { 104 | var request = {headers: {}}; 105 | request.headers.HTTP_X_FORWARDED_FOR = ''; 106 | request.headers.HTTP_X_REAL_IP = '192.168.255.182'; 107 | request.headers.REMOTE_ADDR = '177.139.233.133'; 108 | get_ip(request); 109 | assert.equal(request.clientIp, '177.139.233.133'); 110 | assert.equal(request.clientIpRoutable, true); 111 | }); 112 | }); 113 | 114 | describe('get_ip(): IPV4: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP & REMOTE_ADDR', function() { 115 | it('test_private_http_x_forward_for_ip_addr', function() { 116 | var request = {headers: {}}; 117 | request.headers.HTTP_X_FORWARDED_FOR = '127.0.0.1'; 118 | request.headers.HTTP_X_REAL_IP = ''; 119 | request.headers.REMOTE_ADDR = ''; 120 | get_ip(request); 121 | assert.equal(request.clientIp, '127.0.0.1'); 122 | assert.equal(request.clientIpRoutable, false); 123 | }); 124 | }); 125 | 126 | describe('get_ip(): IPV4: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP & REMOTE_ADDR', function() { 127 | it('test_private_real_ip_for_ip_addr', function() { 128 | var request = {headers: {}}; 129 | request.headers.HTTP_X_FORWARDED_FOR = ''; 130 | request.headers.HTTP_X_REAL_IP = '127.0.0.1'; 131 | request.headers.REMOTE_ADDR = ''; 132 | get_ip(request); 133 | assert.equal(request.clientIp, '127.0.0.1'); 134 | assert.equal(request.clientIpRoutable, false); 135 | }); 136 | }); 137 | 138 | describe('get_ip(): IPV4: HTTP_X_FORWARDED_FOR & HTTP_X_REAL_IP & REMOTE_ADDR', function() { 139 | it('test_private_remote_addr_for_ip_addr', function() { 140 | var request = {headers: {}}; 141 | request.headers.HTTP_X_FORWARDED_FOR = ''; 142 | request.headers.HTTP_X_REAL_IP = ''; 143 | request.headers.REMOTE_ADDR = '127.0.0.1'; 144 | get_ip(request); 145 | assert.equal(request.clientIp, '127.0.0.1'); 146 | assert.equal(request.clientIpRoutable, false); 147 | }); 148 | }); 149 | 150 | describe('get_ip(): IPV4: HTTP_X_REAL_IP & REMOTE_ADDR', function() { 151 | it('test_missing_http_x_forwarded', function() { 152 | var request = {headers: {}}; 153 | request.headers.HTTP_X_REAL_IP = '177.139.233.132'; 154 | request.headers.REMOTE_ADDR = '177.139.233.133'; 155 | get_ip(request); 156 | assert.equal(request.clientIp, '177.139.233.132'); 157 | assert.equal(request.clientIpRoutable, true); 158 | }); 159 | }); 160 | 161 | describe('get_ip(): IPV4: REMOTE_ADDR', function() { 162 | it('test_missing_http_x_forwarded_missing_real_ip', function() { 163 | var request = {headers: {}}; 164 | request.headers.REMOTE_ADDR = '177.139.233.133'; 165 | get_ip(request); 166 | assert.equal(request.clientIp, '177.139.233.133'); 167 | assert.equal(request.clientIpRoutable, true); 168 | }); 169 | }); 170 | 171 | describe('get_ip(): IPV4: HTTP_X_REAL_IP & REMOTE_ADDR', function() { 172 | it('test_best_matched_real_ip', function() { 173 | var request = {headers: {}}; 174 | request.headers.HTTP_X_REAL_IP = '127.0.0.1'; 175 | request.headers.REMOTE_ADDR = '177.139.233.133'; 176 | get_ip(request); 177 | assert.equal(request.clientIp, '177.139.233.133'); 178 | assert.equal(request.clientIpRoutable, true); 179 | }); 180 | }); 181 | 182 | describe('get_ip(): IPV4: http_x_real_ip', function() { 183 | it('test_lower_case_http_x_real_ip', function() { 184 | var request = {headers: {}}; 185 | request.headers.HTTP_X_FORWARDED_FOR = ''; 186 | request.headers.http_x_real_ip = '177.139.233.132'; 187 | request.headers.REMOTE_ADDR = '177.139.233.133'; 188 | get_ip(request); 189 | assert.equal(request.clientIp, '177.139.233.132'); 190 | assert.equal(request.clientIpRoutable, true); 191 | }); 192 | }); 193 | 194 | 195 | describe('get_ip(): IPV4: X_FORWARDED_FOR', function() { 196 | it('test_x_forwarded_for', function() { 197 | var request = {headers: {}}; 198 | request.headers.HTTP_X_FORWARDED_FOR = ''; 199 | request.headers.X_FORWARDED_FOR = '177.139.233.132'; 200 | request.headers.REMOTE_ADDR = '177.139.233.100'; 201 | get_ip(request); 202 | assert.equal(request.clientIp, '177.139.233.132'); 203 | assert.equal(request.clientIpRoutable, true); 204 | }); 205 | }); 206 | 207 | describe('get_ip(): IPV4: X_FORWARDED_FOR and HTTP_X_FORWARDED_FOR', function() { 208 | it('test_http_x_forwarded_for_precedence', function() { 209 | var request = {headers: {}}; 210 | request.headers.HTTP_X_FORWARDED_FOR = '80.10.1.10'; 211 | request.headers.X_FORWARDED_FOR = '177.139.233.132'; 212 | request.headers.REMOTE_ADDR = ''; 213 | get_ip(request); 214 | assert.equal(request.clientIp, '80.10.1.10'); 215 | assert.equal(request.clientIpRoutable, true); 216 | }); 217 | }); 218 | 219 | describe('get_ip(): IPV4: Test 1.0.0.0/8 blocks', function() { 220 | it('test_1_0_0_0_block', function() { 221 | var request = {headers: {}}; 222 | request.headers.HTTP_X_REAL_IP = '1.0.0.0'; 223 | get_ip(request); 224 | assert.equal(request.clientIp, '1.0.0.0'); 225 | assert.equal(request.clientIpRoutable, true); 226 | }); 227 | }); 228 | 229 | describe('get_ip(): IPV4: Test 2.0.0.0/8 blocks', function() { 230 | it('test_2_0_0_0_block', function() { 231 | var request = {headers: {}}; 232 | request.headers.REMOTE_ADDR = '2.0.0.1'; 233 | get_ip(request); 234 | assert.equal(request.clientIp, '2.0.0.1'); 235 | assert.equal(request.clientIpRoutable, true); 236 | }); 237 | }); 238 | 239 | describe('get_ip(): IPV4: X-FORWARDED-FOR', function() { 240 | it('test_http_x_forwarded_for_precedence-hyphenated', function() { 241 | var request = {headers: {'X-FORWARDED-FOR': '80.10.1.10'}}; 242 | get_ip(request); 243 | assert.equal(request.clientIp, '80.10.1.10'); 244 | assert.equal(request.clientIpRoutable, true); 245 | }); 246 | }); 247 | 248 | describe('get_trusted_ip(): IPV4: EMPTY DEFAULT IPWARE_TRUSTED_PROXY_LIST', function() { 249 | it('test_trusted_ip_default_config', function() { 250 | var request = {headers: {}}; 251 | request.headers.HTTP_X_FORWARDED_FOR = '177.139.100.100, 177.139.233.200, 177.139.233.139'; 252 | get_trusted_ip(request); 253 | assert.equal(request.clientIp, '127.0.0.1'); 254 | assert.equal(request.clientIpRoutable, false); 255 | }); 256 | }); 257 | 258 | describe('get_trusted_ip(): IPV4: PROXY LIST AS PARAM (VALID)', function() { 259 | it('test_trusted_ip_proxy_list_as_params_single', function() { 260 | var request = {headers: {}}; 261 | request.headers.HTTP_X_FORWARDED_FOR = '177.139.100.100, 177.139.233.200, 177.139.233.139'; 262 | var trusted_proxy_list = ['177.139.233.139']; 263 | get_trusted_ip(request, trusted_proxy_list); 264 | assert.equal(request.clientIp, '177.139.100.100'); 265 | assert.equal(request.clientIpRoutable, true); 266 | }); 267 | }); 268 | 269 | describe('get_trusted_ip(): IPV4: PROXY LIST AS PARAM (VALID)', function() { 270 | it('test_trusted_ip_proxy_list_as_params_multi', function() { 271 | var request = {headers: {}}; 272 | request.headers.HTTP_X_FORWARDED_FOR = '177.139.100.100, 177.139.233.200, 177.139.233.139'; 273 | var trusted_proxy_list = ['177.139.233.135', '177.139.233.139', '177.139.233.140']; 274 | get_trusted_ip(request, trusted_proxy_list); 275 | assert.equal(request.clientIp, '177.139.100.100'); 276 | assert.equal(request.clientIpRoutable, true); 277 | }); 278 | }); 279 | 280 | describe('get_trusted_ip(): IPV4: PROXY LIST AS PARAM (INVALID)', function() { 281 | it('test_trusted_ip_proxy_list_as_params_invalid', function() { 282 | var request = {headers: {}}; 283 | request.headers.HTTP_X_FORWARDED_FOR = '177.139.100.100, 177.139.233.200, 177.139.233.130'; 284 | var trusted_proxy_list = ['177.139.233.139']; 285 | get_trusted_ip(request, trusted_proxy_list); 286 | assert.equal(request.clientIp, '127.0.0.1'); 287 | assert.equal(request.clientIpRoutable, false); 288 | }); 289 | }); 290 | 291 | describe('get_trusted_ip(): IPV4: PROXY LIST AS PARAM - X_FORWARDED_FOR(VALID)', function() { 292 | it('test_trusted_ip_proxy_list_as_params_multi_x_forwarded_for', function() { 293 | var request = {headers: {}}; 294 | request.headers.X_FORWARDED_FOR = '177.139.100.100, 177.139.233.200, 177.139.233.139'; 295 | var trusted_proxy_list = ['177.139.233.135', '177.139.233.139', '177.139.233.140']; 296 | get_trusted_ip(request, trusted_proxy_list); 297 | assert.equal(request.clientIp, '177.139.100.100'); 298 | assert.equal(request.clientIpRoutable, true); 299 | }); 300 | }); 301 | --------------------------------------------------------------------------------