diff --git a/pages/api/collect.js b/pages/api/collect.js index c9159858..3387cde1 100644 --- a/pages/api/collect.js +++ b/pages/api/collect.js @@ -1,9 +1,10 @@ +const { Resolver } = require('dns').promises; import isbot from 'isbot'; import ipaddr from 'ipaddr.js'; import { savePageView, saveEvent } from 'lib/queries'; import { useCors, useSession } from 'lib/middleware'; import { getJsonBody, getIpAddress } from 'lib/request'; -import { ok, send, badRequest } from 'lib/response'; +import { ok, send, badRequest, forbidden } from 'lib/response'; import { createToken } from 'lib/crypto'; import { removeTrailingSlash } from 'lib/url'; @@ -15,16 +16,35 @@ export default async (req, res) => { } const ignoreIps = process.env.IGNORE_IP; - if (ignoreIps) { - const ips = ignoreIps.split(',').map(n => n.trim()); - const ip = getIpAddress(req); - const blocked = ips.find(i => { - if (i === ip) return true; + const ignoreHostnames = process.env.IGNORE_HOSTNAME; + + if (ignoreIps || ignoreHostnames) { + const ips = []; + + if (ignoreIps) { + ips.push(...ignoreIps.split(',').map(n => n.trim())); + } + + if (ignoreHostnames) { + const resolver = new Resolver(); + const promises = ignoreHostnames + .split(',') + .map(n => resolver.resolve4(n.trim()).catch(() => {})); + + await Promise.all(promises).then(resolvedIps => { + ips.push(...resolvedIps.filter(n => n).flatMap(n => n)); + }); + } + + const clientIp = getIpAddress(req); + + const blocked = ips.find(ip => { + if (ip === clientIp) return true; // CIDR notation - if (i.indexOf('/') > 0) { - const addr = ipaddr.parse(ip); - const range = ipaddr.parseCIDR(i); + if (ip.indexOf('/') > 0) { + const addr = ipaddr.parse(clientIp); + const range = ipaddr.parseCIDR(ip); if (addr.kind() === range[0].kind() && addr.match(range)) return true; } @@ -33,7 +53,7 @@ export default async (req, res) => { }); if (blocked) { - return ok(res); + return forbidden(res); } }