metrics is only allowed from localhost

author: mat <github@matdoes.dev> 2021-12-30 18:36:08 -0600
committer: mat <github@matdoes.dev> 2021-12-30 18:36:08 -0600
commit: 5a199b8842a6739b13ba2cfbb4561bae08546089 (patch)
tree: cb9443237bb61289718c367484c00c1065b3f5b9 /src
parent: 8f1855732cd86f891e84d15cf63b404f5e46191e (diff)
download: skyblock-api-5a199b8842a6739b13ba2cfbb4561bae08546089.tar.gz
skyblock-api-5a199b8842a6739b13ba2cfbb4561bae08546089.tar.bz2
skyblock-api-5a199b8842a6739b13ba2cfbb4561bae08546089.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/src/index.ts b/src/index.ts
index d6a18f7..613d7c8 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -203,7 +203,8 @@ const apiKeyCounter = new Gauge({
 })
 
 app.get('/metrics', async (req, res) => {
-	console.log(req.params, req.headers)
+	if (!req.headers.host?.startsWith('0.0.0.0:'))
+		return res.status(403).send('Forbidden')
 	try {
 		res.set('Content-Type', register.contentType)
 		res.end(await register.metrics())
author	mat <github@matdoes.dev>	2021-12-30 18:36:08 -0600
committer	mat <github@matdoes.dev>	2021-12-30 18:36:08 -0600
commit	5a199b8842a6739b13ba2cfbb4561bae08546089 (patch)
tree	cb9443237bb61289718c367484c00c1065b3f5b9 /src
parent	8f1855732cd86f891e84d15cf63b404f5e46191e (diff)
download	skyblock-api-5a199b8842a6739b13ba2cfbb4561bae08546089.tar.gz skyblock-api-5a199b8842a6739b13ba2cfbb4561bae08546089.tar.bz2 skyblock-api-5a199b8842a6739b13ba2cfbb4561bae08546089.zip