fix(core): Prevent bots from scanning the application (no-changelog) (#7066)
N8N-6878
parent
a693b29134
commit
2432dcc661
|
@ -142,6 +142,7 @@
|
|||
"infisical-node": "^1.3.0",
|
||||
"inquirer": "^7.0.1",
|
||||
"ioredis": "^5.2.4",
|
||||
"isbot": "^3.6.13",
|
||||
"json-diff": "^1.0.6",
|
||||
"jsonschema": "^1.4.1",
|
||||
"jsonwebtoken": "^9.0.0",
|
||||
|
|
|
@ -3,6 +3,9 @@ import { readFile } from 'fs/promises';
|
|||
import type { Server } from 'http';
|
||||
import express from 'express';
|
||||
import compression from 'compression';
|
||||
import isbot from 'isbot';
|
||||
import { jsonParse, LoggerProxy as Logger } from 'n8n-workflow';
|
||||
|
||||
import config from '@/config';
|
||||
import { N8N_VERSION, inDevelopment, inTest } from '@/constants';
|
||||
import { ActiveWorkflowRunner } from '@/ActiveWorkflowRunner';
|
||||
|
@ -16,7 +19,6 @@ import { TestWebhooks } from '@/TestWebhooks';
|
|||
import { WaitingWebhooks } from '@/WaitingWebhooks';
|
||||
import { webhookRequestHandler } from '@/WebhookHelpers';
|
||||
import { RedisService } from '@/services/redis.service';
|
||||
import { jsonParse } from 'n8n-workflow';
|
||||
import { eventBus } from './eventbus';
|
||||
import type { AbstractEventMessageOptions } from './eventbus/EventMessageClasses/AbstractEventMessageOptions';
|
||||
import { getEventMessageObjectByType } from './eventbus/EventMessageClasses/Helpers';
|
||||
|
@ -270,6 +272,16 @@ export abstract class AbstractServer {
|
|||
);
|
||||
}
|
||||
|
||||
// Block bots from scanning the application
|
||||
const checkIfBot = isbot.spawn(['bot']);
|
||||
this.app.use((req, res, next) => {
|
||||
const userAgent = req.headers['user-agent'];
|
||||
if (!userAgent || checkIfBot(userAgent)) {
|
||||
Logger.info(`Blocked ${req.method} ${req.url} for "${userAgent}"`);
|
||||
res.status(204).end();
|
||||
} else next();
|
||||
});
|
||||
|
||||
if (inDevelopment) {
|
||||
this.setupDevMiddlewares();
|
||||
}
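Review bot: The `!userAgent || checkIfBot(userAgent)` test in the new middleware drops every request that has no User-Agent, or whose agent matches the single `'bot'` pattern, and answers 204, so a legitimate integration sending such a header would see success while its request is silently discarded. The middleware is registered on `this.app` in `AbstractServer`; if webhook routes are served by the same app (not visible here, the enclosing method starts and ends outside the hunk), third-party callers with bot-style agents would be affected. Since User-Agent is client-supplied, this only filters well-behaved crawlers and should not be read as an access control; I would say so in the comment, e.g. `// Best-effort crawler filter; User-Agent is client-controlled, so this is not an access control`. The log line also writes `req.url` with its query string at info level, which may record tokens carried in URLs; logging `req.path` instead would avoid that.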
|
||||
|
|
|
@ -828,7 +828,7 @@
|
|||
"iconv-lite": "^0.6.2",
|
||||
"ics": "^2.27.0",
|
||||
"imap-simple": "^4.3.0",
|
||||
"isbot": "^3.3.4",
|
||||
"isbot": "^3.6.13",
|
||||
"iso-639-1": "^2.1.3",
|
||||
"js-nacl": "^1.4.0",
|
||||
"jsonwebtoken": "^9.0.0",
|
||||
|
|
|
@ -317,6 +317,9 @@ importers:
|
|||
ioredis:
|
||||
specifier: ^5.2.4
|
||||
version: 5.2.4
|
||||
isbot:
|
||||
specifier: ^3.6.13
|
||||
version: 3.6.13
|
||||
json-diff:
|
||||
specifier: ^1.0.6
|
||||
version: 1.0.6
|
||||
|
@ -1061,8 +1064,8 @@ importers:
|
|||
specifier: ^4.3.0
|
||||
version: 4.3.0
|
||||
isbot:
|
||||
specifier: ^3.3.4
|
||||
version: 3.6.1
|
||||
specifier: ^3.6.13
|
||||
version: 3.6.13
|
||||
iso-639-1:
|
||||
specifier: ^2.1.3
|
||||
version: 2.1.15
|
||||
|
@ -14366,8 +14369,8 @@ packages:
|
|||
/isarray@2.0.5:
|
||||
resolution: {integrity: sha512-xHjhDr3cNBK0BzdUJSPXZntQUx/mwMS5Rw4A7lPJ90XGAO6ISP/ePDNuo0vhqOZU+UD5JoodwCAAoZQd3FeAKw==}
|
||||
|
||||
/isbot@3.6.1:
|
||||
resolution: {integrity: sha512-e1RmjWns87x60QyiHberWWMJGutL3+Ad0nZ8cz735iDEDDS6ApPfKSFo4EMj0PmMZ0m0ntpWIM0ADdqDFvUJPQ==}
|
||||
/isbot@3.6.13:
|
||||
resolution: {integrity: sha512-uoP4uK5Dc2CrabmK+Gue1jTL+scHiCc1c9rblRpJwG8CPxjLIv8jmGyyGRGkbPOweayhkskdZsEQXG6p+QCQrg==}
|
||||
engines: {node: '>=12'}
|
||||
dev: false
|
||||
|
||||
|
|