fix: CORS and body

2023-09-09 01:47:34 -05:00
parent 6e7df4e107
commit af1331bcc2


@@ -1,16 +1,16 @@
import { import {
defineEventHandler, defineEventHandler,
EventHandlerRequest, EventHandlerRequest,
readBody, readRawBody,
getQuery, getQuery,
isMethod, isMethod,
H3Event, H3Event,
} from 'h3'; } from "h3";
const corsHeaders = { const corsHeaders = {
'Access-Control-Allow-Origin': '*', "Access-Control-Allow-Origin": "*",
'Access-Control-Allow-Methods': 'GET,HEAD,POST,OPTIONS', "Access-Control-Allow-Methods": "GET,HEAD,POST,OPTIONS",
'Access-Control-Max-Age': '86400', "Access-Control-Max-Age": "86400",
}; };
async function handleRequest( async function handleRequest(
@@ -24,7 +24,7 @@ async function handleRequest(
): Promise<Response> { ): Promise<Response> {
console.log( console.log(
`PROXYING ${requestData.destination}${ `PROXYING ${requestData.destination}${
iteration ? ' ON ITERATION ' + iteration : '' iteration ? " ON ITERATION " + iteration : ""
}`, }`,
); );
@@ -34,45 +34,45 @@ async function handleRequest(
method: requestData.method, method: requestData.method,
body: requestData.body, body: requestData.body,
}); });
request.headers.set('Origin', new URL(requestData.destination).origin); request.headers.set("Origin", new URL(requestData.destination).origin);
// TODO: Make cookie handling better. PHPSESSID overwrites all other cookie related headers // TODO: Make cookie handling better. PHPSESSID overwrites all other cookie related headers
// Add custom X headers from client // Add custom X headers from client
// These headers are usually forbidden to be set by fetch // These headers are usually forbidden to be set by fetch
const cookieValue = request.headers.get('X-Cookie'); const cookieValue = request.headers.get("X-Cookie");
if (cookieValue) { if (cookieValue) {
request.headers.set('Cookie', cookieValue); request.headers.set("Cookie", cookieValue);
request.headers.delete('X-Cookie'); request.headers.delete("X-Cookie");
} }
const refererValue = request.headers.get('X-Referer'); const refererValue = request.headers.get("X-Referer");
if (refererValue) { if (refererValue) {
request.headers.set('Referer', refererValue); request.headers.set("Referer", refererValue);
request.headers.delete('X-Referer'); request.headers.delete("X-Referer");
} }
const originValue = request.headers.get('X-Origin'); const originValue = request.headers.get("X-Origin");
if (originValue) { if (originValue) {
request.headers.set('Origin', originValue); request.headers.set("Origin", originValue);
request.headers.delete('X-Origin'); request.headers.delete("X-Origin");
} }
// Set PHPSESSID cookie // Set PHPSESSID cookie
if (request.headers.get('PHPSESSID')) { if (request.headers.get("PHPSESSID")) {
request.headers.set( request.headers.set(
'Cookie', "Cookie",
`PHPSESSID=${request.headers.get('PHPSESSID')}`, `PHPSESSID=${request.headers.get("PHPSESSID")}`,
); );
} }
// Set User Agent, if not exists // Set User Agent, if not exists
const userAgent = request.headers.get('User-Agent'); const userAgent = request.headers.get("User-Agent");
if (!userAgent) { if (!userAgent) {
request.headers.set( request.headers.set(
'User-Agent', "User-Agent",
'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/93.0', "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/93.0",
); );
} }
@@ -80,12 +80,12 @@ async function handleRequest(
const oResponse = await fetch(request.clone()); const oResponse = await fetch(request.clone());
// If the server returned a redirect, follow it // If the server returned a redirect, follow it
const locationValue = oResponse.headers.get('location'); const locationValue = oResponse.headers.get("location");
if ((oResponse.status === 302 || oResponse.status === 301) && locationValue) { if ((oResponse.status === 302 || oResponse.status === 301) && locationValue) {
// Server tried to redirect too many times // Server tried to redirect too many times
if (iteration > 5) { if (iteration > 5) {
return new Response('418 Too many redirects', { return new Response("418 Too many redirects", {
status: 418, status: 418,
}); });
} }
@@ -106,36 +106,36 @@ async function handleRequest(
const response = new Response(oResponse.body, oResponse); const response = new Response(oResponse.body, oResponse);
// Set CORS headers // Set CORS headers
response.headers.set('Access-Control-Allow-Origin', '*'); response.headers.set("Access-Control-Allow-Origin", "*");
response.headers.set('Access-Control-Expose-Headers', '*'); response.headers.set("Access-Control-Expose-Headers", "*");
const cookiesToSet = response.headers.get('Set-Cookie'); const cookiesToSet = response.headers.get("Set-Cookie");
// Transfer Set-Cookie to X-Set-Cookie // Transfer Set-Cookie to X-Set-Cookie
// Normally the Set-Cookie header is not accessible to fetch clients // Normally the Set-Cookie header is not accessible to fetch clients
const setCookieValue = response.headers.get('Set-Cookie'); const setCookieValue = response.headers.get("Set-Cookie");
if (cookiesToSet && setCookieValue) { if (cookiesToSet && setCookieValue) {
response.headers.set('X-Set-Cookie', setCookieValue); response.headers.set("X-Set-Cookie", setCookieValue);
} }
// Set PHPSESSID cookie // Set PHPSESSID cookie
if ( if (
cookiesToSet && cookiesToSet &&
cookiesToSet.includes('PHPSESSID') && cookiesToSet.includes("PHPSESSID") &&
cookiesToSet.includes(';') cookiesToSet.includes(";")
) { ) {
let phpsessid = cookiesToSet.slice(cookiesToSet.search('PHPSESSID') + 10); let phpsessid = cookiesToSet.slice(cookiesToSet.search("PHPSESSID") + 10);
phpsessid = phpsessid.slice(0, phpsessid.search(';')); phpsessid = phpsessid.slice(0, phpsessid.search(";"));
response.headers.set('PHPSESSID', phpsessid); response.headers.set("PHPSESSID", phpsessid);
} }
// Append to/Add Vary header so browser will cache response correctly // Append to/Add Vary header so browser will cache response correctly
response.headers.append('Vary', 'Origin'); response.headers.append("Vary", "Origin");
// Add X-Final-Destination header to get the final url // Add X-Final-Destination header to get the final url
response.headers.set('X-Final-Destination', oResponse.url); response.headers.set("X-Final-Destination", oResponse.url);
return response; return response;
} }
@@ -146,24 +146,24 @@ function handleOptions(request: H3Event<EventHandlerRequest>) {
const headers = request.headers; const headers = request.headers;
let response = new Response(null, { let response = new Response(null, {
headers: { headers: {
Allow: 'GET, HEAD, POST, OPTIONS', Allow: "GET, HEAD, POST, OPTIONS",
}, },
}); });
if ( if (
headers.get('Origin') !== null && headers.get("Origin") !== null &&
headers.get('Access-Control-Request-Method') !== null && headers.get("Access-Control-Request-Method") !== null &&
headers.get('Access-Control-Request-Headers') !== null headers.get("Access-Control-Request-Headers") !== null
) { ) {
let accessControlRequestValue = headers.get( let accessControlRequestValue = headers.get(
'Access-Control-Request-Headers', "Access-Control-Request-Headers",
); );
response = new Response(null, { response = new Response(null, {
headers: { headers: {
...corsHeaders, ...corsHeaders,
// Allow all future content Request headers to go back to browser // Allow all future content Request headers to go back to browser
// such as Authorization (Bearer) or X-Client-Name-Version // such as Authorization (Bearer) or X-Client-Name-Version
accessControlRequestValue: accessControlRequestValue || '', "Access-Control-Allow-Headers": accessControlRequestValue || "",
}, },
}); });
} }
@@ -174,32 +174,33 @@ function handleOptions(request: H3Event<EventHandlerRequest>) {
export default defineEventHandler(async (event) => { export default defineEventHandler(async (event) => {
const destination = getQuery(event).destination; const destination = getQuery(event).destination;
let response = new Response('404 Not Found', { let response = new Response("404 Not Found", {
status: 404, status: 404,
}); });
let body; let body;
try { try {
body = await readBody(event); body = await readRawBody(event);
} catch { } catch (err) {
body = null; body = null;
console.log(err);
} }
if (isMethod(event, 'OPTIONS')) { if (isMethod(event, "OPTIONS")) {
// Handle CORS preflight requests // Handle CORS preflight requests
response = handleOptions(event); response = handleOptions(event);
} else if (!destination?.toString()) { } else if (!destination?.toString()) {
response = new Response('200 OK', { response = new Response("200 OK", {
status: 200, status: 200,
headers: { headers: {
Allow: 'GET, HEAD, POST, OPTIONS', Allow: "GET, HEAD, POST, OPTIONS",
'Access-Control-Allow-Origin': '*', "Access-Control-Allow-Origin": "*",
}, },
}); });
} else if ( } else if (
isMethod(event, 'GET') || isMethod(event, "GET") ||
isMethod(event, 'HEAD') || isMethod(event, "HEAD") ||
isMethod(event, 'POST') isMethod(event, "POST")
) { ) {
// Handle request // Handle request
response = await handleRequest({ response = await handleRequest({