mirror of
https://github.com/Wolvan/poll.horse.git
synced 2024-11-21 20:47:59 +01:00
Fix IP Deduplication check behind proxy
Turns out using `X-Forwarded-For` appends each proxy's IP. This leads to being able to easily circumvent IP duplication checking especially behind hosts like cloudflare that use different routes each time to reach the destination server. Now the IP is being split at all commas, as hosts are comma separated in the header and uses the first IP it can get.
This commit is contained in:
parent
4788087a3e
commit
c9ef07880a
1 changed files with 3 additions and 2 deletions
|
@ -94,8 +94,9 @@ export default async function init(router: Router, polls: Storage): Promise<void
|
||||||
};
|
};
|
||||||
|
|
||||||
if (poll.dupeCheckMode === "ip") {
|
if (poll.dupeCheckMode === "ip") {
|
||||||
if (Array.isArray(poll.dupeData) && poll.dupeData.includes(ip as string)) return null;
|
const dupeIP = ip.split(/, ?/).shift() || "";
|
||||||
if (Array.isArray(poll.dupeData)) poll.dupeData.push(ip as string);
|
if (Array.isArray(poll.dupeData) && poll.dupeData.includes(dupeIP)) return null;
|
||||||
|
if (Array.isArray(poll.dupeData)) poll.dupeData.push(dupeIP);
|
||||||
} else if (poll.dupeCheckMode === "cookie") {
|
} else if (poll.dupeCheckMode === "cookie") {
|
||||||
const cookie = cookies[poll.dupeData as string];
|
const cookie = cookies[poll.dupeData as string];
|
||||||
if (cookie) return null;
|
if (cookie) return null;
|
||||||
|
|
Loading…
Reference in a new issue