To retrieve the legitimate source hostname in Nodejs Express, you can use the req.get('host') method, which returns the value of the Host header in the HTTP request.
Here's an example code snippet:
app.get('/example', function(req, res) {
var clientHost = req.get('host');
var serverHost = req.hostname;
if (clientHost === serverHost) {
// Request is legitimate
res.send('Legitimate request');
} else {
// Spoofed request
res.send('Spoofed request');
}
});
In this example, we retrieve the client's hostname using the req.get('host') method and compare it with the server's hostname using the req.hostname method. If the two values match, the request is considered legitimate, and we can proceed with the requested action. If the values do not match, the request is considered spoofed, and we can reject or handle it accordingly.
Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss
Asked: 2022-07-07 11:00:00 +0000
Seen: 7 times
Last updated: Jun 02 '22
What does "Failed to lookup view 'error' in views directory" mean in express node.js?
How can you express "Permission denied" in React-Native in different words?
How can empty URL parameters be handled in Node.js using Express?
Is it possible to display the os.hostname() module from nodejs in an electron application's HTML?