phantom_proxy 1.1.0 → 1.2.0

data/README.rdoc

@@ -40,5 +40,9 @@ You can see the current proxy status by pointing your browser to
 	phantom_proxy_control_panel
 if you have set the proxy or just to the address and port the proxy is running at
 	address:port/phantom_proxy_control_panel
+
+Security(1.2.0)
+Now the phantom_proxy can be secured with a key. The system is implemented with an hmac algorithm.
+Simply supply "-hmac THE_KEY" when starting the proxy and the proxy is secured
  
 == TODO

data/bin/phantom_proxy

@@ -24,14 +24,37 @@ options = {
   :log_output => true
 }
 #Daemons.daemonize(options)
+
+PARAMETERS = Array.new
+
+hmac_key = nil
 phantom = false
+last_arg = nil
 ARGV.each { |arg|
-    phantom = true if /-self/.match(arg)
+  if !/-hmac/.match(arg) && !/-hmac/.match(last_arg) && !/-self/.match(arg)
+    PARAMETERS << arg
+  end
+  phantom = true if /-self/.match(arg)
+  hmac_key = arg if /-hmac/.match(last_arg)
+  last_arg = arg
 }
 
+if hmac_key
+  if !File.directory?("/tmp/phantom_proxy")
+    Dir.mkdir("/tmp/phantom_proxy")
+  end
+  
+  File.open("/tmp/phantom_proxy/key", 'w+') {|f| f.write(hmac_key) }
+else
+  begin
+    File.delete("/tmp/phantom_proxy/key")
+  rescue
+  end
+end
+
 if !phantom
-  startoptions = ["start", "-R", PhantomJSProxy::CONFIG, "-P", "/tmp/pids/phantom_proxy.pid", "--tag", "phantom_proxy"]+ARGV
-  Thin::Runner.new(startoptions).run!
+  startoptions = ["start", "-R", PhantomJSProxy::CONFIG, "-P", "/tmp/pids/phantom_proxy.pid", "--tag", "phantom_proxy"]+PARAMETERS
+  runner = Thin::Runner.new(startoptions).run!
 else
   Thin::Server.start(PhantomJSProxy::PhantomJSServer.new, ARGV[0], ARGV[1], ARGV[2])
 end

data/lib/phantom_proxy/phantomjs.rb

@@ -24,10 +24,10 @@ module PhantomJSProxy
       end
 			
 			if pictureOnly
-				if !File.directory?("/tmp/phantomjs_proxy")
-					Dir.mkdir("/tmp/phantomjs_proxy")
+				if !File.directory?("/tmp/phantom_proxy")
+					Dir.mkdir("/tmp/phantom_proxy")
 				end
-				pictureFile = Tempfile.new(["phantomjs_proxy/page", ".png"])
+				pictureFile = Tempfile.new(["phantom_proxy/page", ".png"])
 				picture = pictureFile.path
 			end
 			
@@ -75,7 +75,7 @@ module PhantomJSProxy
 		def invokePhantomJS(script, args)
 			argString = " "+args.join(" ")
 			puts("Call phantomJS with: "+argString)
-			out = IO.popen(PHANTOMJS_BIN+" --cookies-file=/tmp/phantomjs_proxy/cookies.txt "+script+argString)
+			out = IO.popen(PHANTOMJS_BIN+" --cookies-file=/tmp/phantom_proxy/cookies.txt "+script+argString)
 			o = out.readlines.join
       puts("PHANTOMJS_OUT: "+o)
 			return o

data/lib/phantom_proxy/phantomjsserver.rb

@@ -1,12 +1,27 @@
 require 'net/http'
+require 'hmac-md5'
 
 module PhantomJSProxy
 	class PhantomJSServer
-		def initialize()
+		def initialize
 		  @control_panel = PhantomJSProxy::PhantomJSControlPanel.new
+		  
+		  #load key
+		  @hmac_activated = false
+      @hmac = nil
+		  if File.directory?("/tmp/phantom_proxy")
+        if File.exists?("/tmp/phantom_proxy/key")
+          key = File.open("/tmp/phantom_proxy/key", "r").read
+          #puts "HMAC_KEY: #{key}"
+          @hmac_activated = true
+          @hmac = HMAC::MD5.new key
+        end
+      end
 		end
 		
 		attr_accessor :control_panel
+		attr_accessor :hmac
+		attr_accessor :hmac_activated
     
     def check_for_route(url)
       if /\.js/i.match(url)
@@ -42,6 +57,19 @@ module PhantomJSProxy
       resp.finish
     end
     
+    def check_request_security req, env
+      client_key = env['HTTP_HMAC_KEY']
+      client_time= Time.parse(env['HTTP_HMAC_TIME'])
+      remote_time= Time.now
+      remote_key = hmac.update(env['REQUEST_URI']+env['HTTP_HMAC_TIME']).hexdigest
+
+      if (client_key != remote_key || (remote_time-client_time).abs > 120)
+        control_panel.add_special_request "@did not pass security check"
+        return false
+      end
+      return true
+    end
+    
 		def call(env)
 		  control_panel.add_request
 		  
@@ -50,7 +78,21 @@ module PhantomJSProxy
 			haha = env.collect { |k, v| "#{k} : #{v}\n" }.join
 			env['rack.errors'].write("The request: "+req.url()+"\nGET: "+haha+"\n")
 			
-			params = req.params.collect { |k, v| "#{k}=#{v}&\n" }.join
+			if hmac_activated && !check_request_security(req, env)
+        resp = Rack::Response.new([], 503,  {
+                                                'Content-Type' => 'text/html'
+                                            }) { |r|
+          r.write("Security ERROR")
+        }
+        return resp.finish
+      end
+			
+			https_request = false
+			if /\:443/.match(req.url())
+			 https_request = true
+			end
+			
+			params = req.params.collect { |k, v| "#{k}=#{v}&" }.join
 			env['rack.errors'].write("Paramas: "+params+"\n")
       
       #this routes the request to the outgoing server incase its not html that we want to load
@@ -79,6 +121,11 @@ module PhantomJSProxy
         end
         
         url = env['REQUEST_URI'];
+        if https_request
+          url['http'] = 'https'
+          url[':443'] = ''
+        end
+        
         if params.length > 0
           url += '?'+params;
         end

data/lib/phantom_proxy/scripts/proxy.js

@@ -5,7 +5,7 @@ var frameCount = 1;
 var frameContent = [];
 var masterURL = "";
 
-evaluateWithVars = function(page, func, vars)
+function evaluateWithVars(page, func, vars)
 {
 	var fstr = func.toString()
 	//console.log(fstr.replace("function () {", "function () {\n"+vstr))
@@ -20,7 +20,7 @@ evaluateWithVars = function(page, func, vars)
 	return page.evaluate(evalstr)
 }
 
-var insertFrames = function(url) {
+function insertFrames(url) {
 	var page = require('webpage').create();
 	page.onConsoleMessage = function (msg) { console.log(msg); };
   page.onAlert = function(msg) { console.log(msg);};

data/lib/phantom_proxy.rb

@@ -4,7 +4,7 @@ module PhantomJSProxy
 	ROOT = File.expand_path(File.dirname(__FILE__))
 	SCRIPT = ROOT+"/phantom_proxy/scripts/proxy.js"
 	CONTROL_PANEL = ROOT+"/phantom_proxy/web/control_panel.html"
-	PHANTOMJS_BIN = ROOT+'/../bin/phantomjs'
+	PHANTOMJS_BIN = ROOT+'/phantom_proxy/vendor/bin/phantomjs'
 end
 
 require PhantomJSProxy::ROOT+'/phantom_proxy/phantomjs.rb'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: phantom_proxy
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.2.0
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-04-19 00:00:00.000000000 Z
+date: 2012-05-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thin
@@ -27,6 +27,22 @@ dependencies:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: 1.3.1
+- !ruby/object:Gem::Dependency
+  name: ruby-hmac
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.4.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.4.0
 description: This is a phyntonjs Proxy it allows you to fetch webpages and execute
   javascript in them.
 email: suddani@googlemail.com
@@ -42,8 +58,8 @@ files:
 - lib/phantom_proxy/scripts/proxy.js
 - lib/phantom_proxy/config.ru
 - lib/phantom_proxy/web/control_panel.html
+- lib/phantom_proxy/vendor/bin/phantomjs
 - bin/phantom_proxy
-- bin/phantomjs
 - README.rdoc
 - Gemfile
 homepage: http://experteer.com