ExilProductions/InviCanvas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added back Remote Cursors

Browse Source
This commit is contained in:
ExilProductions
2026-01-16 17:06:43 +01:00
parent fa0762643e
commit 8eed0a0a92
10 changed files with 307 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
server/middleware.ts
View File

@@ -19,7 +19,7 @@ export const securityHeaders = helmet({
frameSrc: ["'none'"],
},
},
crossOriginEmbedderPolicy: false, // Req. for Socket.io
crossOriginEmbedderPolicy: false,
hsts: {
maxAge: 31536000,
includeSubDomains: true,
@@ -37,6 +37,18 @@ export const createRateLimit = rateLimit({
},
standardHeaders: true,
legacyHeaders: false,
keyGenerator: (req: Request) => {
const forwarded = req.headers['x-forwarded-for'];
if (forwarded) {
return typeof forwarded === 'string'
? forwarded.split(',')[0].trim()
: forwarded[0];
}
return req.ip ||
req.headers['x-real-ip'] as string ||
req.connection.remoteAddress ||
'unknown';
},
handler: (req: Request, res: Response) => {
securityLogger.rateLimitExceeded(
req.ip || req.connection.remoteAddress || 'unknown',