diff --git a/lib/detect.ts b/lib/detect.ts index 9c1e1fa4..43dac649 100644 --- a/lib/detect.ts +++ b/lib/detect.ts @@ -3,6 +3,7 @@ import { getClientIp } from 'request-ip'; import { browserName, detectOS } from 'detect-browser'; import isLocalhost from 'is-localhost-ip'; import maxmind from 'maxmind'; +import { safeDecodeURIComponent } from 'next-basics'; import { DESKTOP_OS, @@ -65,20 +66,18 @@ export async function getLocation(ip, req) { // Cloudflare headers if (req.headers['cf-ipcountry']) { return { - country: req.headers['cf-ipcountry'], + country: safeDecodeURIComponent(req.headers['cf-ipcountry']), + subdivision1: safeDecodeURIComponent(req.headers['cf-region-code']), + city: safeDecodeURIComponent(req.headers['cf-ipcity']), }; } // Vercel headers if (req.headers['x-vercel-ip-country']) { - const country = req.headers['x-vercel-ip-country']; - const region = req.headers['x-vercel-ip-country-region']; - const city = req.headers['x-vercel-ip-city']; - return { - country, - subdivision1: region, - city: city ? decodeURIComponent(city) : undefined, + country: safeDecodeURIComponent(req.headers['x-vercel-ip-country']), + subdivision1: safeDecodeURIComponent(req.headers['x-vercel-ip-country-region']), + city: safeDecodeURIComponent(req.headers['x-vercel-ip-city']), }; } diff --git a/package.json b/package.json index 868b3cdf..647cdf41 100644 --- a/package.json +++ b/package.json @@ -90,7 +90,7 @@ "maxmind": "^4.3.6", "moment-timezone": "^0.5.35", "next": "13.3.1", - "next-basics": "^0.35.0", + "next-basics": "^0.36.0", "node-fetch": "^3.2.8", "npm-run-all": "^4.1.5", "react": "^18.2.0", diff --git a/yarn.lock b/yarn.lock index 275bcd63..d9224c2a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6371,10 +6371,10 @@ natural-compare@^1.4.0: resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7" integrity sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw== -next-basics@^0.35.0: - version "0.35.0" - resolved "https://registry.yarnpkg.com/next-basics/-/next-basics-0.35.0.tgz#aa68fd35a0e3fbabfdaf570cd092b6a7cf8df6f5" - integrity sha512-yqXZMLe109hSJ8sebI/f2m1XNnVuQowpELOhZSGOFOmLfvUyFBAEi0ULdqX1eb8xbttLgjcrumrZfMgmEwuCPw== +next-basics@^0.36.0: + version "0.36.0" + resolved "https://registry.yarnpkg.com/next-basics/-/next-basics-0.36.0.tgz#b1675c3f2b98df2fec8df605095dab7d17f9dc7b" + integrity sha512-Nwou8pCjFuoD/ZxUw9iKC7hhZeWbo/ng0ze74yck3W89MNc/CepwCDziflAHY5XcmIVNmpXOCu9OfmzTdVRPWQ== dependencies: bcryptjs "^2.4.3" jsonwebtoken "^9.0.0"