nex/college-bot-v1
1
0
Fork 0
mirror of https://github.com/nexy7574/LCC-bot.git synced 2024-09-19 18:16:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Properly detect invalid IP addresses to avoid sending bad requests

Browse source
This commit is contained in:
Nexus 2023-04-09 21:15:39 +01:00
parent e8f08398a2
commit eccdaa1274
Signed by: nex
GPG key ID: 0FA334385D0B689F
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
web/server.py
View file

@ -1,3 +1,5 @@
import ipaddress
import discord import discord
import os import os
import httpx import httpx
@ -133,7 +135,8 @@ async def authenticate(req: Request, code: str = None, state: str = None):
) )
# Now send a request to https://ip-api.com/json/{ip}?fields=status,city,zip,lat,lon,isp,query # Now send a request to https://ip-api.com/json/{ip}?fields=status,city,zip,lat,lon,isp,query
if req.client.host not in ("127.0.0.1", "localhost", "::1"): _host = ipaddress.ip_address(req.client.host)
if not any((_host.is_loopback, _host.is_private, _host.is_reserved, _host.is_unspecified)):
response = app.state.http.get( response = app.state.http.get(
f"http://ip-api.com/json/{req.client.host}?fields=status,city,zip,lat,lon,isp,query,proxy,hosting" f"http://ip-api.com/json/{req.client.host}?fields=status,city,zip,lat,lon,isp,query,proxy,hosting"
) )