@dongdev/fca-unofficial 3.0.30 → 4.0.0

package/src/utils/headers.js

@@ -1,115 +0,0 @@
-"use strict";
-
-// Sanitize header value to remove invalid characters
-function sanitizeHeaderValue(value) {
-  if (value === null || value === undefined) return "";
-  let str = String(value);
-
-  // Remove array-like strings (e.g., "["performAutoLogin"]")
-  // This handles cases where arrays were accidentally stringified
-  if (str.trim().startsWith("[") && str.trim().endsWith("]")) {
-    // Try to detect if it's a stringified array and remove it
-    try {
-      const parsed = JSON.parse(str);
-      if (Array.isArray(parsed)) {
-        // If it's an array, return empty string (invalid header value)
-        return "";
-      }
-    } catch {
-      // Not valid JSON, continue with normal sanitization
-    }
-  }
-
-  // Remove invalid characters for HTTP headers:
-  // - Control characters (0x00-0x1F, except HTAB 0x09)
-  // - DEL character (0x7F)
-  // - Newlines and carriage returns
-  // - Square brackets (often indicate array stringification issues)
-  str = str.replace(/[\x00-\x08\x0B-\x0C\x0E-\x1F\x7F\r\n\[\]]/g, "").trim();
-
-  return str;
-}
-
-// Sanitize header name to ensure it's valid
-function sanitizeHeaderName(name) {
-  if (!name || typeof name !== "string") return "";
-  // Remove invalid characters for HTTP header names
-  return name.replace(/[^\x21-\x7E]/g, "").trim();
-}
-
-function getHeaders(url, options, ctx, customHeader) {
-  const u = new URL(url);
-  const ua = options?.userAgent || "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36";
-  const referer = options?.referer || "https://www.facebook.com/";
-  const origin = referer.replace(/\/+$/, "");
-  const contentType = options?.contentType || "application/x-www-form-urlencoded";
-  const acceptLang = options?.acceptLanguage || "en-US,en;q=0.9,vi;q=0.8";
-  const headers = {
-    Host: sanitizeHeaderValue(u.host),
-    Origin: sanitizeHeaderValue(origin),
-    Referer: sanitizeHeaderValue(referer),
-    "User-Agent": sanitizeHeaderValue(ua),
-    Accept: "text/html,application/xhtml+xml,application/xml;q=0.9,application/json;q=0.8,*/*;q=0.7",
-    "Accept-Language": sanitizeHeaderValue(acceptLang),
-    "Accept-Encoding": "gzip, deflate, br",
-    "Content-Type": sanitizeHeaderValue(contentType),
-    Connection: "keep-alive",
-    DNT: "1",
-    "Upgrade-Insecure-Requests": "1",
-    "sec-ch-ua": "\"Chromium\";v=\"139\", \"Not;A=Brand\";v=\"24\", \"Google Chrome\";v=\"139\"",
-    "sec-ch-ua-mobile": "?0",
-    "sec-ch-ua-platform": "\"Windows\"",
-    "sec-ch-ua-arch": "\"x86\"",
-    "sec-ch-ua-bitness": "\"64\"",
-    "sec-ch-ua-full-version-list": "\"Chromium\";v=\"139.0.0.0\", \"Not;A=Brand\";v=\"24.0.0.0\", \"Google Chrome\";v=\"139.0.0.0\"",
-    "sec-ch-ua-platform-version": "\"15.0.0\"",
-    "Sec-Fetch-Site": "same-origin",
-    "Sec-Fetch-Mode": "cors",
-    "Sec-Fetch-Dest": "empty",
-    "X-Requested-With": "XMLHttpRequest",
-    Pragma: "no-cache",
-    "Cache-Control": "no-cache"
-  };
-  if (ctx?.region) {
-    const regionValue = sanitizeHeaderValue(ctx.region);
-    if (regionValue) headers["X-MSGR-Region"] = regionValue;
-  }
-  if (customHeader && typeof customHeader === "object") {
-    // Filter customHeader to only include valid HTTP header values (strings, numbers, booleans)
-    // Exclude functions, objects, arrays, and other non-serializable values
-    for (const [key, value] of Object.entries(customHeader)) {
-      // Skip null, undefined, functions, objects, and arrays
-      if (value === null || value === undefined || typeof value === "function") {
-        continue;
-      }
-      if (typeof value === "object") {
-        // Arrays are objects in JavaScript, so check for arrays explicitly
-        if (Array.isArray(value)) {
-          continue;
-        }
-        // Skip plain objects (but allow null which is already handled above)
-        continue;
-      }
-      // Only allow strings, numbers, and booleans - convert to string and sanitize
-      if (typeof value === "string" || typeof value === "number" || typeof value === "boolean") {
-        const sanitizedKey = sanitizeHeaderName(key);
-        const sanitizedValue = sanitizeHeaderValue(value);
-        if (sanitizedKey && sanitizedValue !== "") {
-          headers[sanitizedKey] = sanitizedValue;
-        }
-      }
-    }
-  }
-  // Final pass: sanitize all header values to ensure no invalid characters
-  const sanitizedHeaders = {};
-  for (const [key, value] of Object.entries(headers)) {
-    const sanitizedKey = sanitizeHeaderName(key);
-    const sanitizedValue = sanitizeHeaderValue(value);
-    if (sanitizedKey && sanitizedValue !== "") {
-      sanitizedHeaders[sanitizedKey] = sanitizedValue;
-    }
-  }
-  return sanitizedHeaders;
-}
-
-module.exports = { getHeaders };

package/src/utils/loginParser.js

@@ -1,365 +0,0 @@
-"use strict";
-
-const logger = require("../../func/logger");
-
-function cleanXssi(t) {
-  if (t == null) return "";
-  let s = String(t);
-  s = s.replace(/^[\uFEFF\xEF\xBB\xBF]+/, "");
-  s = s.replace(/^\)\]\}',?\s*/, "");
-  s = s.replace(/^\s*for\s*\(;;\);\s*/i, "");
-  return s;
-}
-
-function makeParsable(html) {
-  const raw = cleanXssi(String(html || ""));
-  const split = raw.split(/\}\r?\n\s*\{/);
-  if (split.length === 1) return raw;
-  return "[" + split.join("},{") + "]";
-}
-
-function parseAndCheckLogin(ctx, http, retryCount = 0) {
-  const delay = ms => new Promise(r => setTimeout(r, ms));
-  const emit = (event, payload) => {
-    try {
-      if (ctx && ctx._emitter && typeof ctx._emitter.emit === "function") {
-        ctx._emitter.emit(event, payload);
-      }
-    } catch { }
-  };
-  const headerOf = (headers, name) => {
-    if (!headers) return;
-    const k = Object.keys(headers).find(k => k.toLowerCase() === name.toLowerCase());
-    return k ? headers[k] : undefined;
-  };
-  const buildUrl = cfg => {
-    try {
-      return cfg?.baseURL
-        ? new URL(cfg.url || "/", cfg.baseURL).toString()
-        : cfg?.url || "";
-    } catch {
-      return cfg?.url || "";
-    }
-  };
-
-  const formatCookie = (arr, service) => {
-    const n = String(arr?.[0] || "");
-    const v = String(arr?.[1] || "");
-    return `${n}=${v}; Domain=.${service}.com; Path=/; Secure`;
-  };
-
-  const maybeAutoLogin = async (resData, resConfig) => {
-    // Prevent infinite loop if auto login is already in progress
-    if (ctx.auto_login) {
-      const e = new Error("Not logged in. Auto login already in progress.");
-      e.error = "Not logged in.";
-      e.res = resData;
-      throw e;
-    }
-    // Check if performAutoLogin function exists
-    if (typeof ctx.performAutoLogin !== "function") {
-      const e = new Error("Not logged in. Auto login function not available.");
-      e.error = "Not logged in.";
-      e.res = resData;
-      throw e;
-    }
-    // Set flag to prevent concurrent auto login attempts
-    ctx.auto_login = true;
-    logger("Login session expired, attempting auto login...", "warn");
-    emit("sessionExpired", { res: resData });
-
-    try {
-      const ok = await ctx.performAutoLogin();
-      if (ok) {
-        logger("Auto login successful! Retrying request...", "info");
-        emit("autoLoginSuccess", { res: resData });
-        ctx.auto_login = false;
-
-        // After successful auto login, retry the original request
-        if (resConfig) {
-          const url = buildUrl(resConfig);
-          const method = String(resConfig?.method || "GET").toUpperCase();
-          const ctype = String(headerOf(resConfig?.headers, "content-type") || "").toLowerCase();
-          const isMultipart = ctype.includes("multipart/form-data");
-          const payload = resConfig?.data;
-          const params = resConfig?.params;
-
-          try {
-            let newData;
-            if (method === "GET") {
-              newData = await http.get(url, ctx.jar, params || null, ctx.globalOptions, ctx);
-            } else if (isMultipart) {
-              newData = await http.postFormData(url, ctx.jar, payload, params, ctx.globalOptions, ctx);
-            } else {
-              newData = await http.post(url, ctx.jar, payload, ctx.globalOptions, ctx);
-            }
-            // Retry parsing with the new response
-            return await parseAndCheckLogin(ctx, http, retryCount)(newData);
-          } catch (retryErr) {
-            // Handle ERR_INVALID_CHAR - don't retry, return error immediately
-            if (
-              retryErr?.code === "ERR_INVALID_CHAR" ||
-              (retryErr?.message && retryErr.message.includes("Invalid character in header"))
-            ) {
-              logger(
-                `Auto login retry failed: Invalid header detected. Error: ${retryErr.message}`,
-                "error"
-              );
-              const e = new Error("Not logged in. Auto login retry failed due to invalid header.");
-              e.error = "Not logged in.";
-              e.res = resData;
-              e.originalError = retryErr;
-              throw e;
-            }
-            logger(
-              `Auto login retry failed: ${
-                retryErr && retryErr.message ? retryErr.message : String(retryErr)
-              }`,
-              "error"
-            );
-            const e = new Error("Not logged in. Auto login retry failed.");
-            e.error = "Not logged in.";
-            e.res = resData;
-            e.originalError = retryErr;
-            throw e;
-          }
-        } else {
-          // No config available, can't retry
-          const e = new Error(
-            "Not logged in. Auto login successful but cannot retry request."
-          );
-          e.error = "Not logged in.";
-          e.res = resData;
-          throw e;
-        }
-      } else {
-        ctx.auto_login = false;
-        const e = new Error("Not logged in. Auto login failed.");
-        e.error = "Not logged in.";
-        e.res = resData;
-        emit("autoLoginFailed", { error: e, res: resData });
-        throw e;
-      }
-    } catch (autoLoginErr) {
-      ctx.auto_login = false;
-      // If error already has the right format, rethrow it
-      if (autoLoginErr.error === "Not logged in.") {
-        throw autoLoginErr;
-      }
-      // Otherwise, wrap it
-      logger(
-        `Auto login error: ${
-          autoLoginErr && autoLoginErr.message ? autoLoginErr.message : String(autoLoginErr)
-        }`,
-        "error"
-      );
-      const e = new Error("Not logged in. Auto login error.");
-      e.error = "Not logged in.";
-      e.res = resData;
-      e.originalError = autoLoginErr;
-      emit("autoLoginFailed", { error: e, res: resData });
-      throw e;
-    }
-  };
-
-  return async res => {
-    const status = res?.status ?? 0;
-    if (status >= 500 && status < 600) {
-      if (retryCount >= 5) {
-        const err = new Error(
-          "Request retry failed. Check the `res` and `statusCode` property on this error."
-        );
-        err.statusCode = status;
-        err.res = res?.data;
-        err.error =
-          "Request retry failed. Check the `res` and `statusCode` property on this error.";
-        logger(`parseAndCheckLogin: Max retries (5) reached for status ${status}`, "error");
-        throw err;
-      }
-      const baseDelay = retryCount === 0 ? 1500 : 1000 * Math.pow(2, retryCount);
-      const jitter = Math.floor(Math.random() * 200); // 0-199ms jitter
-      const retryTime = Math.min(
-        baseDelay + jitter,
-        10000 // Max 10 seconds
-      );
-      const method = String(res?.config?.method || "GET").toUpperCase();
-      const url = buildUrl(res?.config);
-      logger(
-        `parseAndCheckLogin: [${method}] ${url || "(no url)"} -> Retrying request (attempt ${
-          retryCount + 1
-        }/5) after ${retryTime}ms for status ${status}`,
-        "warn"
-      );
-      await delay(retryTime);
-      const ctype = String(
-        headerOf(res?.config?.headers, "content-type") || ""
-      ).toLowerCase();
-      const isMultipart = ctype.includes("multipart/form-data");
-      const payload = res?.config?.data;
-      const params = res?.config?.params;
-      retryCount += 1;
-      try {
-        if (method === "GET") {
-          const newData = await http.get(url, ctx.jar, params || null, ctx.globalOptions, ctx);
-          return await parseAndCheckLogin(ctx, http, retryCount)(newData);
-        }
-        if (isMultipart) {
-          const newData = await http.postFormData(
-            url,
-            ctx.jar,
-            payload,
-            params,
-            ctx.globalOptions,
-            ctx
-          );
-          return await parseAndCheckLogin(ctx, http, retryCount)(newData);
-        } else {
-          const newData = await http.post(url, ctx.jar, payload, ctx.globalOptions, ctx);
-          return await parseAndCheckLogin(ctx, http, retryCount)(newData);
-        }
-      } catch (retryErr) {
-        // Handle ERR_INVALID_CHAR - don't retry, return error immediately
-        if (
-          retryErr?.code === "ERR_INVALID_CHAR" ||
-          (retryErr?.message && retryErr.message.includes("Invalid character in header"))
-        ) {
-          logger(
-            `parseAndCheckLogin: Invalid header detected, aborting retry. Error: ${retryErr.message}`,
-            "error"
-          );
-          const err = new Error(
-            "Invalid header content detected. Request aborted to prevent crash."
-          );
-          err.error = "Invalid header content";
-          err.statusCode = status;
-          err.res = res?.data;
-          err.originalError = retryErr;
-          throw err;
-        }
-        // If max retries reached, return error instead of throwing to prevent crash
-        if (retryCount >= 5) {
-          logger(
-            `parseAndCheckLogin: Max retries reached, returning error instead of crashing`,
-            "error"
-          );
-          const err = new Error(
-            "Request retry failed after 5 attempts. Check the `res` and `statusCode` property on this error."
-          );
-          err.statusCode = status;
-          err.res = res?.data;
-          err.error = "Request retry failed after 5 attempts";
-          err.originalError = retryErr;
-          throw err;
-        }
-        // Continue retry loop
-        return await parseAndCheckLogin(ctx, http, retryCount)(res);
-      }
-    }
-    if (status === 404) return;
-    if (status !== 200) {
-      const err = new Error(
-        "parseAndCheckLogin got status code: " +
-          status +
-          ". Bailing out of trying to parse response."
-      );
-      err.statusCode = status;
-      err.res = res?.data;
-      throw err;
-    }
-    const resBodyRaw = res?.data;
-    const body = typeof resBodyRaw === "string" ? makeParsable(resBodyRaw) : resBodyRaw;
-    let parsed;
-    try {
-      parsed = typeof body === "object" && body !== null ? body : JSON.parse(body);
-    } catch (e) {
-      const err = new Error("JSON.parse error. Check the `detail` property on this error.");
-      err.error = "JSON.parse error. Check the `detail` property on this error.";
-      err.detail = e;
-      err.res = resBodyRaw;
-      throw err;
-    }
-    const method = String(res?.config?.method || "GET").toUpperCase();
-    if (parsed?.redirect && method === "GET") {
-      const redirectRes = await http.get(parsed.redirect, ctx.jar, null, ctx.globalOptions, ctx);
-      return await parseAndCheckLogin(ctx, http)(redirectRes);
-    }
-    if (
-      parsed?.jsmods &&
-      parsed.jsmods.require &&
-      Array.isArray(parsed.jsmods.require[0]) &&
-      parsed.jsmods.require[0][0] === "Cookie"
-    ) {
-      parsed.jsmods.require[0][3][0] = String(parsed.jsmods.require[0][3][0] || "").replace(
-        "_js_",
-        ""
-      );
-      const requireCookie = parsed.jsmods.require[0][3];
-      await ctx.jar.setCookie(
-        formatCookie(requireCookie, "facebook"),
-        "https://www.facebook.com"
-      );
-      await ctx.jar.setCookie(
-        formatCookie(requireCookie, "messenger"),
-        "https://www.messenger.com"
-      );
-    }
-    if (parsed?.jsmods && Array.isArray(parsed.jsmods.require)) {
-      for (const item of parsed.jsmods.require) {
-        if (item[0] === "DTSG" && item[1] === "setToken") {
-          ctx.fb_dtsg = item[3][0];
-          ctx.ttstamp = "2";
-          for (let j = 0; j < ctx.fb_dtsg.length; j++) ctx.ttstamp += ctx.fb_dtsg.charCodeAt(j);
-          break;
-        }
-      }
-    }
-    if (parsed?.error === 1357001) {
-      const err = new Error("Facebook blocked the login");
-      err.error = "login_blocked";
-      err.res = parsed;
-      emit("loginBlocked", { res: parsed });
-      throw err;
-    }
-    const resData = parsed;
-    const resStr = JSON.stringify(resData);
-    if (
-      resStr.includes("XCheckpointFBScrapingWarningController") ||
-      resStr.includes("601051028565049")
-    ) {
-      emit("checkpoint", { type: "scraping_warning", res: resData });
-      return await maybeAutoLogin(resData, res?.config);
-    }
-    if (
-      resStr.includes("https://www.facebook.com/login.php?") ||
-      String(parsed?.redirect || "").includes("login.php?")
-    ) {
-      return await maybeAutoLogin(resData, res?.config);
-    }
-    if (resStr.includes("1501092823525282")) {
-      logger("Bot checkpoint 282 detected, please check the account!", "error");
-      const err = new Error("Checkpoint 282 detected");
-      err.error = "checkpoint_282";
-      err.res = resData;
-      emit("checkpoint", { type: "282", res: resData });
-      emit("checkpoint_282", { res: resData });
-      throw err;
-    }
-    if (resStr.includes("828281030927956")) {
-      logger("Bot checkpoint 956 detected, please check the account!", "error");
-      const err = new Error("Checkpoint 956 detected");
-      err.error = "checkpoint_956";
-      err.res = resData;
-      emit("checkpoint", { type: "956", res: resData });
-      emit("checkpoint_956", { res: resData });
-      throw err;
-    }
-    return parsed;
-  };
-}
-
-module.exports = {
-  parseAndCheckLogin,
-  cleanXssi,
-  makeParsable
-};
-