diff --git a/Services/AbuseIPDBService.cs b/Services/AbuseIPDBService.cs index 9dee50f..f37db47 100644 --- a/Services/AbuseIPDBService.cs +++ b/Services/AbuseIPDBService.cs @@ -472,16 +472,16 @@ public async Task CheckIPAsync(string ipAddress, int maxAg // Build request URL with optional cloudprovider parameter var requestUrl = $"{_cloudflareWorkerUrl}?ipAddress={actualIpAddress}&maxAgeInDays={actualMaxAgeInDays}&verbose={verboseParam}&enableAI={enableAIParam}"; - + // Add cloudprovider parameter if specified (lowercase to match worker) if (!string.IsNullOrEmpty(cloudProvider)) { requestUrl += $"&cloudprovider={cloudProvider.ToLower()}"; } - + // Add timestamp requestUrl += $"×tamp={timestamp}"; - + // Normalize to lowercase for HMAC requestUrl = requestUrl.ToLower(); Console.WriteLine($"Requesting: {requestUrl}"); diff --git a/cloudflare-worker.template.js b/cloudflare-worker.template.js index a61cb1f..b97a92e 100644 --- a/cloudflare-worker.template.js +++ b/cloudflare-worker.template.js @@ -1008,6 +1008,21 @@ function isIpInRange(ip, cidrRange) { const isIPv6 = ip.includes(':'); const isRangeIPv6 = rangeIp.includes(':'); + // Validate prefix length based on IP version + if (isRangeIPv6) { + // IPv6: prefix must be 0-128 + if (prefix < 0 || prefix > 128) { + console.error('Invalid IPv6 prefix length:', prefix, '(must be 0-128) in', cidrRange); + return false; + } + } else { + // IPv4: prefix must be 0-32 + if (prefix < 0 || prefix > 32) { + console.error('Invalid IPv4 prefix length:', prefix, '(must be 0-32) in', cidrRange); + return false; + } + } + // IP versions must match if (isIPv6 !== isRangeIPv6) { return false;