import { config } from "../config";
import { RequestHandler } from "express";

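// Comma-separated blocklist from config, normalised once at module load.
// Entries are trimmed and empty ones are dropped: "".split(",") yields [""],
// and every string includes "", so an empty or trailing-comma setting would
// otherwise match every request that carries an Origin or Referer header.
const BLOCKED_REFERERS: string[] = (config.blockedOrigins ?? "")
  .split(",")
  .map((entry: string) => entry.trim())
  .filter((entry: string) => entry.length > 0);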

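/** Escapes the characters that are significant in HTML text and quoted attribute values. */
const escapeHtml = (value: string): string =>
  value
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");

/**
 * Disallow requests from blocked origins and referers.
 *
 * A request is rejected with 403 when its Origin or Referer header contains
 * any entry of BLOCKED_REFERERS as a substring. JSON clients get a JSON error
 * body; everything else gets an HTML page that redirects after three seconds.
 *
 * NOTE(review): Origin and Referer are supplied by the client and the match is
 * a plain substring test, so this filters cooperative browser front-ends only.
 * It is not an access control: a client can omit or rewrite both headers, and
 * an entry also matches when it appears in a longer host name or in the
 * Referer path or query string.
 */
export const checkOrigin: RequestHandler = (req, res, next) => {
  const msgToSend = `Your IP address is ${req.ip}. You have been reported for fraud.`;
  const { origin, referer } = req.headers;

  const isBlocked = (BLOCKED_REFERERS || []).some(
    (block) => origin?.includes(block) || referer?.includes(block)
  );
  if (!isBlocked) {
    next();
    return;
  }

  req.log.warn({ origin, referer }, "Blocked request from origin or referer");

  // VenusAI requests incorrectly say they accept HTML despite immediately
  // trying to parse the response as JSON, so we check the body type instead
  const hasJsonBody = req.headers["content-type"]?.includes("application/json");
  if (!req.accepts("html") || hasJsonBody) {
    return res.status(403).json({
      error: { type: "blocked_origin", message: msgToSend },
    });
  }

  // Values interpolated into markup are escaped. req.ip can be taken from a
  // forwarded header when Express is set to trust a proxy (that setting is not
  // visible in this file), so it is treated as untrusted text. The redirect
  // target is escaped so that a URL containing `&` or `"` cannot break out of
  // the attribute.
  const destination = config.blockRedirect || "https://openai.com";
  return res.status(403).send(
    `<html>
<head>
  <title>Redirecting</title>
  <meta http-equiv="refresh" content="3; url=${escapeHtml(destination)}" />
</head>
<body style="font-family: sans-serif; height: 100vh; display: flex; flex-direction: column; justify-content: center; text-align: center;">
<h2>${escapeHtml(msgToSend)}</h2>
<p><strong>Please hold while you are redirected to a more suitable service.</strong></p>
</body>
</html>`
  );
};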