@@ -18,29 +18,29 @@ module.exports = function() {
1818 // Check for IP range allowances. Requests will be allowed through if the IP address is in range.
1919 var ipRanges = process . env . ANONYMOUS_ACCESS_BLOCKER_ALLOWED_IP_RANGES ;
2020 if ( ipRanges ) {
21- // The set of allowed ranges has to be separated by space
22- // characters or a comma.
23- var allowedRanges = ipRanges . split ( / \s + | , / ) ;
21+ // The set of allowed ranges has to be separated by space characters, a comma, or newline.
22+ var allowedRanges = ipRanges . split ( / \s + | , | \n / ) ;
2423
2524 // Using req.ips requires that express 'trust proxy' setting is
2625 // true. When it *is* set the value for ips is extracted from the
2726 // X-Forwarded-For request header. The originating IP address is
2827 // the last one in the array.
29- var requestIP = ( req . ips . length > 0 ) ? req . ips . slice ( ) . pop ( ) : req . ip ;
30- console . log ( 'Client IP: ' + requestIP ) ;
28+ var requestIP = ( process . env . CLIENT_IP_ADDRESS_HEADER ) ? req . header ( process . env . CLIENT_IP_ADDRESS_HEADER ) : req . ip ;
29+ requestIP = rangeCheck . searchIP ( requestIP ) ;
3130
3231 // Deny the request if request IP is not in one of the allowed
3332 // IP address ranges.
3433 var requestAllowed = range_check . in_range ( requestIP , allowedRanges ) ;
3534
3635 if ( requestAllowed ) {
37-
3836 // Allow the request to process
37+ console . log ( 'Allowed IP: ' + requestIP ) ;
3938 return next ( ) ;
4039 }
4140 }
4241
4342 // Request is not allowed. Send the contents of the unauthorized.html file.
43+ console . log ( 'Blocked IP: ' + requestIP ) ;
4444 res . sendfile ( __dirname + '/unauthorized.html' ) ;
4545 return ;
4646 }
0 commit comments