NestJS Referers

Decorator based validation for request referers.

Introduction

NestJS Referers is a simple package that implements decorator based validation for the referer header of incoming HTTP requests. The adopted syntax for specifying allowed URL's was based on Algolia's example.

A few examples:

• https://algolia.com/* will restrict access to all referers starting with https://algolia.com
• *.algolia.com will restrict access to all referers ending with .algolia.com
• If you want to allow access for the full domain algolia.com, you can use algolia.com/

Regarding security, you should know that referers can be easily spoofed like any other HTTP header, so you should not rely on this technique alone for securing requests.

Installation

npm i nestjs-referers --save

Basic usage

You can checkout the usage of this package with this example.

test.controller.ts

import { Controller,Get} from '@nestjs/common';
import { ValidateReferers } from "nestjs-referers"
 
 
@Controller('test')
export class TestController {
    constructor(){}
 
    @Get('/')
    @ValidateReferers("*localhost*","https://website/*")
    async testRoute() {
       return "OK"
    }
}
 
 

Installation for Development

1. Clone the repo
2. Run npm/yarn install

cd nestjs-referers
npm install

Change Log

See Changelog for more information.

Contributing

All contributions are welcome! Check out Contributing.

Author

Ricardo Ferreira da Silva (Check out my Website)

License

Licensed under the MIT License - see the LICENSE file for details.