ericychoi/webhook-server.js

## webhook-server.js
const http = require('http');

const PORT = 80;
const ALLOWED_CIDRS = [
  '167.89.0.0/17',
  // Add more CIDRs as needed
];

function isIpInCidr(ip, cidr) {
  const [range, bits] = cidr.split('/');
  const mask = ~(2 ** (32 - parseInt(bits)) - 1);
  const ipNum = ip.split('.').reduce((acc, octet) => (acc << 8) + parseInt(octet), 0) >>> 0;
  const rangeNum = range.split('.').reduce((acc, octet) => (acc << 8) + parseInt(octet), 0) >>> 0;
  return (ipNum & mask) === (rangeNum & mask);
}

function isIpInAnyCidr(ip, cidrs) {
  return cidrs.some(cidr => isIpInCidr(ip, cidr));
}

const server = http.createServer((req, res) => {
  let clientIp = req.socket.remoteAddress;
  // Extract IPv4 from x-forwarded-for header or IPv6-mapped address
  if (req.headers['x-forwarded-for']) {
    clientIp = req.headers['x-forwarded-for'].split(',')[0].trim();
  } else if (clientIp.includes('::ffff:')) {
    clientIp = clientIp.split('::ffff:')[1];
  } else if (clientIp === '::1') {
    clientIp = '127.0.0.1';
  }

  if (req.method === 'POST' && req.url === '/webhook') {
    let body = '';

    req.on('data', chunk => {
      body += chunk.toString();
    });

    req.on('end', () => {
      console.log('Headers:', req.headers);
      console.log('Body:', body);

      try {
        const jsonData = JSON.parse(body);
        console.log('Parsed JSON:', jsonData);
      } catch (e) {
        console.log('Body is not JSON');
      }

      if (!isIpInAnyCidr(clientIp, ALLOWED_CIDRS)) {
        console.log(`Blocked request from ${clientIp} - not in allowed CIDR ${ALLOWED_CIDRS}`);
        res.writeHead(403, { 'Content-Type': 'text/plain' });
        res.end('Forbidden');
        return;
      }
      console.log('Accepted request from', clientIp);
      res.writeHead(200, { 'Content-Type': 'application/json' });
      res.end(JSON.stringify({ status: 'success', message: 'Webhook received' }));
    });
  } else {
    res.writeHead(404, { 'Content-Type': 'text/plain' });
    res.end('Not Found');
  }
});

server.listen(PORT, () => {
  console.log(`Webhook server listening on port ${PORT}`);
  console.log(`Send POST requests to http://localhost:${PORT}/webhook`);
});
	const http = require('http');

	const PORT = 80;
	const ALLOWED_CIDRS = [
	'167.89.0.0/17',
	// Add more CIDRs as needed
	];

	function isIpInCidr(ip, cidr) {
	const [range, bits] = cidr.split('/');
	const mask = ~(2 ** (32 - parseInt(bits)) - 1);
	const ipNum = ip.split('.').reduce((acc, octet) => (acc << 8) + parseInt(octet), 0) >>> 0;
	const rangeNum = range.split('.').reduce((acc, octet) => (acc << 8) + parseInt(octet), 0) >>> 0;
	return (ipNum & mask) === (rangeNum & mask);
	}

	function isIpInAnyCidr(ip, cidrs) {
	return cidrs.some(cidr => isIpInCidr(ip, cidr));
	}

	const server = http.createServer((req, res) => {
	let clientIp = req.socket.remoteAddress;
	// Extract IPv4 from x-forwarded-for header or IPv6-mapped address
	if (req.headers['x-forwarded-for']) {
	clientIp = req.headers['x-forwarded-for'].split(',')[0].trim();
	} else if (clientIp.includes('::ffff:')) {
	clientIp = clientIp.split('::ffff:')[1];
	} else if (clientIp === '::1') {
	clientIp = '127.0.0.1';
	}

	if (req.method === 'POST' && req.url === '/webhook') {
	let body = '';

	req.on('data', chunk => {
	body += chunk.toString();
	});

	req.on('end', () => {
	console.log('Headers:', req.headers);
	console.log('Body:', body);

	try {
	const jsonData = JSON.parse(body);
	console.log('Parsed JSON:', jsonData);
	} catch (e) {
	console.log('Body is not JSON');
	}

	if (!isIpInAnyCidr(clientIp, ALLOWED_CIDRS)) {
	console.log(`Blocked request from ${clientIp} - not in allowed CIDR ${ALLOWED_CIDRS}`);
	res.writeHead(403, { 'Content-Type': 'text/plain' });
	res.end('Forbidden');
	return;
	}
	console.log('Accepted request from', clientIp);
	res.writeHead(200, { 'Content-Type': 'application/json' });
	res.end(JSON.stringify({ status: 'success', message: 'Webhook received' }));
	});
	} else {
	res.writeHead(404, { 'Content-Type': 'text/plain' });
	res.end('Not Found');
	}
	});

	server.listen(PORT, () => {
	console.log(`Webhook server listening on port ${PORT}`);
	console.log(`Send POST requests to http://localhost:${PORT}/webhook`);
	});
No results found