From a973e36064786c54d050c64e665d78661e7883a7 Mon Sep 17 00:00:00 2001
From: Determinant <tederminant@gmail.com>
Date: Sun, 7 Jun 2020 16:32:48 -0400
Subject: new branch: denali-next

---
 plugin/evm/vm.go | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

(limited to 'plugin/evm')

diff --git a/plugin/evm/vm.go b/plugin/evm/vm.go
index 2dd0dd8..fbea1a3 100644
--- a/plugin/evm/vm.go
+++ b/plugin/evm/vm.go
@@ -327,6 +327,22 @@ func (vm *VM) LastAccepted() ids.ID {
 	return vm.lastAccepted.ID()
 }
 
+type ipFilter struct {
+	handler http.Handler
+}
+
+func (ipf ipFilter) ServeHTTP(writer http.ResponseWriter, request *http.Request) {
+	if ips, _, err := net.SplitHostPort(request.RemoteAddr); err != nil && ips == "127.0.0.1" {
+		ipf.handler.ServeHTTP(writer, request)
+		return
+	}
+	writer.WriterHeader(404)
+}
+
+func NewIPFilter(handler http.Handler) {
+	ipFilter{handler}
+}
+
 // CreateHandlers makes new http handlers that can handle API calls
 func (vm *VM) CreateHandlers() map[string]*commonEng.HTTPHandler {
 	handler := vm.chain.NewRPCHandler()
@@ -337,8 +353,8 @@ func (vm *VM) CreateHandlers() map[string]*commonEng.HTTPHandler {
 	handler.RegisterName("debug", &DebugAPI{vm})
 
 	return map[string]*commonEng.HTTPHandler{
-		"/rpc": &commonEng.HTTPHandler{LockOptions: commonEng.NoLock, Handler: handler},
-		"/ws":  &commonEng.HTTPHandler{LockOptions: commonEng.NoLock, Handler: handler.WebsocketHandler([]string{"*"})},
+		"/rpc": &commonEng.HTTPHandler{LockOptions: commonEng.NoLock, Handler: NewIPFilter(handler)},
+		"/ws":  &commonEng.HTTPHandler{LockOptions: commonEng.NoLock, Handler: NewIPFilter(handler.WebsocketHandler([]string{"*"}))},
 	}
 }
 
-- 
cgit v1.2.3-70-g09d2