Skip to content

Add prefix length validation for CIDR ranges in isIpInRange#17

Merged
devnomadic merged 3 commits into
bug/fix-worker-ai-bindingsfrom
copilot/sub-pr-16
Dec 28, 2025
Merged

Add prefix length validation for CIDR ranges in isIpInRange#17
devnomadic merged 3 commits into
bug/fix-worker-ai-bindingsfrom
copilot/sub-pr-16

Conversation

Copilot AI commented Dec 28, 2025

Copy link
Copy Markdown
Contributor

The isIpInRange function validated prefix parsing but not range bounds, allowing invalid values like /33 for IPv4 or /129 for IPv6 to pass through to bitwise operations.

Changes:

  • Add IPv4 prefix validation (0-32)
  • Add IPv6 prefix validation (0-128)
  • Return false with error logging for out-of-range values

Example:

// Before: Would attempt mask calculation with invalid prefix
isIpInRange('192.168.1.1', '192.168.1.0/33')  // Undefined behavior

// After: Rejects with clear error
isIpInRange('192.168.1.1', '192.168.1.0/33')
// console.error: "Invalid IPv4 prefix length: 33 (must be 0-32) in 192.168.1.0/33"
// returns: false

Validation occurs after NaN check and before IP version matching, preventing incorrect subnet mask calculations from (0xFFFFFFFF << (32 - prefixLength)) with out-of-bounds prefix values.


✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

…nges

Co-authored-by: devnomadic <14085319+devnomadic@users.noreply.github.com>
Copilot AI changed the title [WIP] WIP address feedback on worker AI bindings Add prefix length validation for CIDR ranges in isIpInRange Dec 28, 2025
Copilot AI requested a review from devnomadic December 28, 2025 09:13
@github-actions

Copy link
Copy Markdown

🚀 PR Status Dashboard

📊 Workflow Status

CI: success (view)
Deploy: not deployed

🌐 Preview Environments

SPA Preview: https://copilot-sub-pr-16.albatross-5kt.pages.dev
Worker Preview: https://abuseipdb-preview.devnomadic.workers.dev

📝 PR Details

Branch: copilot/sub-pr-16
Commit: f09e0c91
Author: @Copilot
Target: bug/fix-worker-ai-bindings
Last Updated: 2025-12-28T09:20:14.618Z


This comment is automatically updated by the PR Update workflow

@devnomadic devnomadic marked this pull request as ready for review December 28, 2025 09:23
@devnomadic devnomadic merged commit 3cc2ec3 into bug/fix-worker-ai-bindings Dec 28, 2025
10 checks passed
devnomadic added a commit that referenced this pull request Dec 28, 2025
* Update deployment configuration for preview environment and ensure AI binding is set correctly

* Add API page for IP analysis and reputation checking; update home page logo for December

* Fix casing for AI reputation property in API response

* Implement API response handling and create results page

* Enhance API response handling with HTML output and cloud provider support; remove legacy API results page

* Update API page to support HTML output and enhance syntax highlighting; fix cloud provider parameter casing

* Improve Azure manifest search logging and error handling; validate CIDR format and prefix length

* Fix JSON output highlighting in API page and adjust manifest URL casing

* Enhance JSON highlighting in API page by moving highlight logic to JS function and invoking it after rendering

* Enhance API documentation and UI; add interactive mode for IP analysis, improve error handling, and update styles

* Add API hostname selection and enhance response display in API page

* Enable workers_dev for production and preview environments in wrangler.toml

* Update cloudflare-worker.template.js

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update cloudflare-worker.template.js

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update cloudflare-worker.template.js

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update cloudflare-worker.template.js

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update cloudflare-worker.template.js

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update wwwroot/openapi.json

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update wwwroot/js/json-highlight.js

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Add prefix length validation for CIDR ranges in isIpInRange (#17)

* Initial plan

* Add prefix length validation for IPv4 (0-32) and IPv6 (0-128) CIDR ranges

Co-authored-by: devnomadic <14085319+devnomadic@users.noreply.github.com>

* Fix whitespace formatting in AbuseIPDBService.cs

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devnomadic <14085319+devnomadic@users.noreply.github.com>
Co-authored-by: Drew Kennedy <drewkenn@gmail.com>

* Update IP manifest filenames to lowercase and adjust last modified dates in sitemap

* Refactor code structure for improved readability and maintainability

* Add environment-based base URL and set ENVIRONMENT variables for production and preview

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devnomadic <14085319+devnomadic@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants