43 lines
1.5 KiB
JavaScript
43 lines
1.5 KiB
JavaScript
|
import { CredentialsProviderError } from "@smithy/property-provider";
|
||
|
const LOOPBACK_CIDR_IPv4 = "127.0.0.0/8";
|
||
|
const LOOPBACK_CIDR_IPv6 = "::1/128";
|
||
|
const ECS_CONTAINER_HOST = "169.254.170.2";
|
||
|
const EKS_CONTAINER_HOST_IPv4 = "169.254.170.23";
|
||
|
const EKS_CONTAINER_HOST_IPv6 = "[fd00:ec2::23]";
|
||
|
export const checkUrl = (url) => {
|
||
|
if (url.protocol === "https:") {
|
||
|
return;
|
||
|
}
|
||
|
if (url.hostname === ECS_CONTAINER_HOST ||
|
||
|
url.hostname === EKS_CONTAINER_HOST_IPv4 ||
|
||
|
url.hostname === EKS_CONTAINER_HOST_IPv6) {
|
||
|
return;
|
||
|
}
|
||
|
if (url.hostname.includes("[")) {
|
||
|
if (url.hostname === "[::1]" || url.hostname === "[0000:0000:0000:0000:0000:0000:0000:0001]") {
|
||
|
return;
|
||
|
}
|
||
|
}
|
||
|
else {
|
||
|
if (url.hostname === "localhost") {
|
||
|
return;
|
||
|
}
|
||
|
const ipComponents = url.hostname.split(".");
|
||
|
const inRange = (component) => {
|
||
|
const num = parseInt(component, 10);
|
||
|
return 0 <= num && num <= 255;
|
||
|
};
|
||
|
if (ipComponents[0] === "127" &&
|
||
|
inRange(ipComponents[1]) &&
|
||
|
inRange(ipComponents[2]) &&
|
||
|
inRange(ipComponents[3]) &&
|
||
|
ipComponents.length === 4) {
|
||
|
return;
|
||
|
}
|
||
|
}
|
||
|
throw new CredentialsProviderError(`URL not accepted. It must either be HTTPS or match one of the following:
|
||
|
- loopback CIDR 127.0.0.0/8 or [::1/128]
|
||
|
- ECS container host 169.254.170.2
|
||
|
- EKS container host 169.254.170.23 or [fd00:ec2::23]`);
|
||
|
};
|