replaced fxa-geodb with load balancer header

Co-authored-by: timvisee <tim@visee.me>
2020-07-28 09:31:09 -07:00 · 2020-07-28 09:31:09 -07:00 · b5ef1785ab
commit b5ef1785ab
parent 4b1b7cb821
8 changed files with 84 additions and 141 deletions
--- a/server/routes/delete.js
+++ b/server/routes/delete.js
@ -11,6 +11,8 @@ module.exports = async function(req, res) {
    statDeleteEvent({
      id,
      ip: req.ip,
+      country: req.geo.country,
+      state: req.geo.state,
      owner: meta.owner,
      download_count: meta.dl,
      ttl,
--- a/server/routes/download.js
+++ b/server/routes/download.js
@ -31,6 +31,8 @@ module.exports = async function(req, res) {
      statDownloadEvent({
        id,
        ip: req.ip,
+        country: req.geo.country,
+        state: req.geo.state,
        owner: meta.owner,
        download_count: dl,
        ttl,
--- a/server/routes/index.js
+++ b/server/routes/index.js
@ -32,55 +32,54 @@ module.exports = function(app) {
  });
  if (!IS_DEV) {
    let csp = {
-        directives: {
-          defaultSrc: ["'self'"],
-          connectSrc: [
-            "'self'",
-            'wss://*.dev.lcip.org',
-            'wss://*.send.nonprod.cloudops.mozgcp.net',
-            config.base_url.replace(/^https:\/\//, 'wss://'),
-            'https://*.dev.lcip.org',
-            'https://accounts.firefox.com',
-            'https://*.accounts.firefox.com',
-            'https://sentry.prod.mozaws.net'
-          ],
-          imgSrc: [
-            "'self'",
-            'https://*.dev.lcip.org',
-            'https://firefoxusercontent.com',
-            'https://secure.gravatar.com'
-          ],
-          scriptSrc: [
-            "'self'",
-            function(req) {
-              return `'nonce-${req.cspNonce}'`;
-            }
-          ],
-          formAction: ["'none'"],
-          frameAncestors: ["'none'"],
-          objectSrc: ["'none'"],
-          reportUri: '/__cspreport__'
-        }
+      directives: {
+        defaultSrc: ["'self'"],
+        connectSrc: [
+          "'self'",
+          'wss://*.dev.lcip.org',
+          'wss://*.send.nonprod.cloudops.mozgcp.net',
+          config.base_url.replace(/^https:\/\//, 'wss://'),
+          'https://*.dev.lcip.org',
+          'https://accounts.firefox.com',
+          'https://*.accounts.firefox.com',
+          'https://sentry.prod.mozaws.net'
+        ],
+        imgSrc: [
+          "'self'",
+          'https://*.dev.lcip.org',
+          'https://firefoxusercontent.com',
+          'https://secure.gravatar.com'
+        ],
+        scriptSrc: [
+          "'self'",
+          function(req) {
+            return `'nonce-${req.cspNonce}'`;
+          }
+        ],
+        formAction: ["'none'"],
+        frameAncestors: ["'none'"],
+        objectSrc: ["'none'"],
+        reportUri: '/__cspreport__'
      }
+    };

-    csp.directives.connectSrc.push(config.base_url.replace(/^https:\/\//,'wss://'))
-    if(config.fxa_csp_oauth_url != ""){
-      csp.directives.connectSrc.push(config.fxa_csp_oauth_url)
-    }
-    if(config.fxa_csp_content_url != "" ){
-      csp.directives.connectSrc.push(config.fxa_csp_content_url)
-    }
-    if(config.fxa_csp_profile_url != "" ){
-      csp.directives.connectSrc.push(config.fxa_csp_profile_url)
-    }
-    if(config.fxa_csp_profileimage_url != ""){
-      csp.directives.imgSrc.push(config.fxa_csp_profileimage_url)
-    }
-
-
-    app.use(
-      helmet.contentSecurityPolicy(csp)
+    csp.directives.connectSrc.push(
+      config.base_url.replace(/^https:\/\//, 'wss://')
    );
+    if (config.fxa_csp_oauth_url != '') {
+      csp.directives.connectSrc.push(config.fxa_csp_oauth_url);
+    }
+    if (config.fxa_csp_content_url != '') {
+      csp.directives.connectSrc.push(config.fxa_csp_content_url);
+    }
+    if (config.fxa_csp_profile_url != '') {
+      csp.directives.connectSrc.push(config.fxa_csp_profile_url);
+    }
+    if (config.fxa_csp_profileimage_url != '') {
+      csp.directives.imgSrc.push(config.fxa_csp_profileimage_url);
+    }
+
+    app.use(helmet.contentSecurityPolicy(csp));
  }

  app.use(function(req, res, next) {
@ -91,6 +90,19 @@ module.exports = function(app) {
    );
    next();
  });
+  app.use(function(req, res, next) {
+    try {
+      // set by the load balancer
+      const [country, state] = req.header('X-Client-Geo-Location').split(',');
+      req.geo = {
+        country,
+        state
+      };
+    } catch (e) {
+      req.geo = {};
+    }
+    next();
+  });
  app.use(bodyParser.json());
  app.use(bodyParser.text());
  app.get('/', language, pages.index);
--- a/server/routes/metrics.js
+++ b/server/routes/metrics.js
@ -12,7 +12,8 @@ module.exports = async function(req, res) {
        data.session_id + deltaT,
        deltaT,
        data.platform,
-        req.ip
+        req.geo.country,
+        req.geo.state
      )
    );
    const status = await sendBatch(events);
--- a/server/routes/ws.js
+++ b/server/routes/ws.js
@ -111,6 +111,8 @@ module.exports = function(ws, req) {
        statUploadEvent({
          id: newId,
          ip: req.ip,
+          country: req.geo.country,
+          state: req.geo.state,
          owner,
          dlimit,
          timeLimit,