Many proxies (e.g., IIS) add start/end brackets around IPv6 addresses in the X-Forwarded-For header, which prevents request-ip from being able to see them there since that fails the is.ip IPv6 regex test; this removes them if they're there.
This uses functions that have been in Javascript since time immemorial (string.startsWith, string.endsWith, string.substring), and all tests continue to pass.
Many proxies (e.g., IIS) add start/end brackets around IPv6 addresses in the X-Forwarded-For header, which prevents request-ip from being able to see them there since that fails the is.ip IPv6 regex test; this removes them if they're there.
This uses functions that have been in Javascript since time immemorial (string.startsWith, string.endsWith, string.substring), and all tests continue to pass.