From 43e123417fb0a2ffedf3af1c94923ba147e9af45 Mon Sep 17 00:00:00 2001 From: Kevin Heis Date: Thu, 9 Jan 2025 13:09:36 -0800 Subject: [PATCH] Remove remote IP endpoint (#53826) --- src/frame/middleware/index.ts | 2 -- src/frame/middleware/remote-ip.ts | 25 ------------------- src/frame/tests/remote-ip.ts | 41 ------------------------------- 3 files changed, 68 deletions(-) delete mode 100644 src/frame/middleware/remote-ip.ts delete mode 100644 src/frame/tests/remote-ip.ts diff --git a/src/frame/middleware/index.ts b/src/frame/middleware/index.ts index d899c34c549f..9d4c9a99d42a 100644 --- a/src/frame/middleware/index.ts +++ b/src/frame/middleware/index.ts @@ -29,7 +29,6 @@ import archivedEnterpriseVersionsAssets from '@/archives/middleware/archived-ent import api from './api' import healthz from './healthz' import manifestJson from './manifest-json' -import remoteIP from './remote-ip' import buildInfo from './build-info' import reqHeaders from './req-headers' import archivedEnterpriseVersions from '@/archives/middleware/archived-enterprise-versions' @@ -245,7 +244,6 @@ export default function (app: Express) { // *** Rendering, 2xx responses *** app.use('/api', api) - app.get('/_ip', remoteIP) app.get('/_build', buildInfo) app.get('/_req-headers', reqHeaders) app.use(asyncMiddleware(manifestJson)) diff --git a/src/frame/middleware/remote-ip.ts b/src/frame/middleware/remote-ip.ts deleted file mode 100644 index b0072409e207..000000000000 --- a/src/frame/middleware/remote-ip.ts +++ /dev/null @@ -1,25 +0,0 @@ -import type { Request, Response } from 'express' - -import { noCacheControl } from './cache-control.js' - -export default function remoteIp(req: Request, res: Response) { - noCacheControl(res) - res.json({ - ip: req.ip, - 'x-forwarded-for': req.headers['x-forwarded-for'] || null, - 'x-forwarded-host': req.headers['x-forwarded-host'] || null, - host: req.headers['host'] || null, - 'fastly-client-ip': req.headers['fastly-client-ip'] || null, - }) -} - -/* -Note from previous author: -This is used to check that the WAF is working correctly. -Doing things such as IP blocking in the Azure Firewall. -To make sure we got the Fastly -> Azure FrontDoor -> Azure App service header stuff right. -For example, if you use the express IP rate limit thing, -you want to make sure it's using the end user's IP and not the Fastly POP node. -So it was to end-to-end test the config by comparing that URL -with this https://www.google.com/search?q=what+is+my+ip -*/ diff --git a/src/frame/tests/remote-ip.ts b/src/frame/tests/remote-ip.ts deleted file mode 100644 index 37a963ebddf2..000000000000 --- a/src/frame/tests/remote-ip.ts +++ /dev/null @@ -1,41 +0,0 @@ -import { describe, expect, test, vi } from 'vitest' - -import { get } from '@/tests/helpers/e2etest.js' - -describe('remote ip debugging', () => { - vi.setConfig({ testTimeout: 60 * 1000 }) - - test('basics', async () => { - const res = await get('/_ip') - expect(res.statusCode).toBe(200) - expect(res.headers['content-type']).toContain('application/json') - const kv = JSON.parse(res.body) - expect('ip' in kv).toBeTruthy() - expect('x-forwarded-for' in kv).toBeTruthy() - expect('fastly-client-ip' in kv).toBeTruthy() - }) - - test('carrying the x-forwarded-for header', async () => { - const res = await get('/_ip', { - headers: { - 'X-Forwarded-For': '123.123.0.1', - }, - }) - expect(res.statusCode).toBe(200) - const kv = JSON.parse(res.body) - expect(kv['x-forwarded-for']).toBe('123.123.0.1') - }) - - test('req.ip becomes the first value from x-forwarded-for', async () => { - const xForwardedFor = '100.0.0.1, 100.0.0.2, 100.0.0.3' - const res = await get('/_ip', { - headers: { - 'X-Forwarded-For': xForwardedFor, - }, - }) - expect(res.statusCode).toBe(200) - const kv = JSON.parse(res.body) - expect(kv.ip).toBe('100.0.0.1') - expect(kv['x-forwarded-for']).toBe(xForwardedFor) - }) -})