Update packages/remix/src/utils/getIpAddress.ts

onurtemizkan · lobsterkatie · web-flow · commit 0f5bb31216d2 · 2022-11-24T10:16:22.000Z
Co-authored-by: Katie Byers &lt;katie.byers@sentry.io&gt;
diff --git a/packages/remix/src/utils/getIpAddress.ts b/packages/remix/src/utils/getIpAddress.ts
@@ -3,23 +3,6 @@
 
 import { isIP } from 'net';
 
-/**
- * This is the list of headers, in order of preference, that will be used to
- * determine the client's IP address.
- */
-const headerNames = [
-  'X-Client-IP',
-  'X-Forwarded-For',
-  'Fly-Client-IP',
-  'CF-Connecting-IP',
-  'Fastly-Client-Ip',
-  'True-Client-Ip',
-  'X-Real-IP',
-  'X-Cluster-Client-IP',
-  'X-Forwarded',
-  'Forwarded-For',
-  'Forwarded',
-];
 /**
  * Get the IP address of the client sending a request.
  *
@@ -45,35 +28,58 @@ const headerNames = [
  * will be returned.
  */
 export function getClientIPAddress(headers: Headers): string | null {
-  const ipAddress = headerNames
-    .map((headerName: string) => {
-      const value = headers.get(headerName);
-      if (headerName === 'Forwarded') {
-        return parseForwardedHeader(value);
-      }
-      if (!value?.includes(', ')) return value;
-      return value.split(', ');
-    })
-    .reduce((acc: string[], val) => {
-      if (!val) {
-        return acc;
-      }
+  // The headers to check, in priority order
+  const headerNames = [
+    "X-Client-IP",
+    "X-Forwarded-For",
+    "Fly-Client-IP",
+    "CF-Connecting-IP",
+    "Fastly-Client-Ip",
+    "True-Client-Ip",
+    "X-Real-IP",
+    "X-Cluster-Client-IP",
+    "X-Forwarded",
+    "Forwarded-For",
+    "Forwarded",
+  ];
+
+  // This will end up being Array<string | string[] | undefined | null> because of the various possible values a header
+  // can take
+  const headerValues = headerNames.map((headerName: string) => {
+    const value = headers.get(headerName);
+    
+    if (headerName === "Forwarded") {
+      return parseForwardedHeader(value);
+    }
+    
+    return value?.split(", ");
+  });
+
+  // Flatten the array and filter out any falsy entries
+  const flattenedHeaderValues = headerValues.reduce((acc: string[], val) => {
+    if (!val) {
+      return acc;
+    }
 
-      return acc.concat(val);
-    }, [])
-    .find(ip => {
-      if (ip === null) return false;
-      return isIP(ip);
-    });
+    return acc.concat(val);
+  }, []);
 
-  return ipAddress ?? null;
+  // Find the first value which is a valid IP address, if any
+  const ipAddress = flattenedHeaderValues.find((ip) => ip !== null && isIP(ip));
+
+  return ipAddress || null;
 }
 
 function parseForwardedHeader(value: string | null): string | null {
-  if (!value) return null;
-  for (const part of value.split(';')) {
-    if (part.startsWith('for=')) return part.slice(4);
-    continue;
+  if (!value) {
+    return null;
+  }
+
+  for (const part of value.split(";")) {
+    if (part.startsWith("for=")) {
+      return part.slice(4);
+    }
   }
+
   return null;
 }
