diff --git a/package-lock.json b/package-lock.json
index 905cc916..b0fca9f9 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -13,7 +13,7 @@ "@ethersphere/swarm-cid": "^0.1.0", "axios": "^1.5.1", "body-parser": "^1.20.2", - "cafe-utility": "^11.0.1", + "cafe-utility": "^13.1.0", "express": "^4.18.1", "prom-client": "^14.1.0", "request-stats": "^3.0.0",
@@ -3128,9 +3128,9 @@ } }, "node_modules/cafe-utility": { - "version": "11.0.1", - "resolved": "https://registry.npmjs.org/cafe-utility/-/cafe-utility-11.0.1.tgz", - "integrity": "sha512-yyrNWXz/LE1NogeBPApPw2pPHWyVR0WdQMCg2Nl9rf5lIvcumP7Hs78R3wlbZb7I/uM98akf26GXdf/5Cc6QPQ==" + "version": "13.1.0", + "resolved": "https://registry.npmjs.org/cafe-utility/-/cafe-utility-13.1.0.tgz", + "integrity": "sha512-O2EKF+7rdXdhfmwEUjnI/EA7eL2ywkH/3WlUC74gBZe3KtGy4gZ/zAAPQLkWj9UyORmYWS5pGPOyKk1SVtcoiw==" }, "node_modules/call-bind": { "version": "1.0.2",
@@ -12423,9 +12423,9 @@ "integrity": "sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg==" }, "cafe-utility": { - "version": "11.0.1", - "resolved": "https://registry.npmjs.org/cafe-utility/-/cafe-utility-11.0.1.tgz", - "integrity": "sha512-yyrNWXz/LE1NogeBPApPw2pPHWyVR0WdQMCg2Nl9rf5lIvcumP7Hs78R3wlbZb7I/uM98akf26GXdf/5Cc6QPQ==" + "version": "13.1.0", + "resolved": "https://registry.npmjs.org/cafe-utility/-/cafe-utility-13.1.0.tgz", + "integrity": "sha512-O2EKF+7rdXdhfmwEUjnI/EA7eL2ywkH/3WlUC74gBZe3KtGy4gZ/zAAPQLkWj9UyORmYWS5pGPOyKk1SVtcoiw==" }, "call-bind": { "version": "1.0.2",
diff --git a/package.json b/package.json
index 633e8841..a0352db2 100644
--- a/package.json
+++ b/package.json
@@ -65,7 +65,7 @@
 "@ethersphere/swarm-cid": "^0.1.0",
 "axios": "^1.5.1",
 "body-parser": "^1.20.2",
- "cafe-utility": "^11.0.1",
+ "cafe-utility": "^13.1.0",
 "express": "^4.18.1",
 "prom-client": "^14.1.0",
 "request-stats": "^3.0.0",
diff --git a/src/proxy.ts b/src/proxy.ts
index 1639ab54..d30cb95e 100644
--- a/src/proxy.ts
+++ b/src/proxy.ts
@@ -92,12 +92,15 @@ async function fetchAndRespond( }) if (options.allowlist) { + const currentCid = Strings.searchSubstring(path, x => x.length > 48 && x.startsWith('bah')) const currentHash = Strings.searchHex(path, 64) + const isBlockedHash = currentHash && !options.allowlist.includes(currentHash) + const isBlockedCid = currentCid && !options.allowlist.includes(currentCid) + if ( - currentHash && - (response.headers['content-disposition'] || '').toLowerCase().includes('.htm') && - !options.allowlist.includes(currentHash) + (isBlockedHash || isBlockedCid) && + (response.headers['content-disposition'] || '').toLowerCase().includes('.htm') ) { res.status(403).send('Forbidden')
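Review bot: The allowlist check still fails open when the path yields no identifier: if both `Strings.searchHex(path, 64)` and the new `Strings.searchSubstring(...)` return nothing, `isBlockedHash` and `isBlockedCid` are both falsy and an `.htm` response is sent without `options.allowlist` being consulted. If the allowlist is meant as default-deny for HTML, treat a missing identifier as blocked, e.g. add `const hasNoId = !currentHash && !currentCid` and start the condition with `(hasNoId || isBlockedHash || isBlockedCid) &&`. The CID match is also case-sensitive (`startsWith('bah')`) and compared verbatim through `includes`, so the extracted value and the allowlist entries should be normalised to one form before comparison; whether the upstream accepts other spellings of the same reference is not visible here. A one-line comment explaining the `48` and `'bah'` constants would help the next reader. The body of `fetchAndRespond` starts and ends outside this hunk.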