@solongate/proxy 0.23.0 → 0.23.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +31 -9
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -4729,7 +4729,7 @@ var init_stage1_rules2 = __esm3({
|
|
|
4729
4729
|
patterns: [
|
|
4730
4730
|
/\bignore\s+(all\s+)?(previous|prior|above|earlier)\s+(instructions?|prompts?|rules?|directives?)\b/i,
|
|
4731
4731
|
/\bdisregard\s+(all\s+)?(previous|prior|above|earlier|your)\s+(instructions?|prompts?|rules?|guidelines?)\b/i,
|
|
4732
|
-
/\bforget\s+(all\s+)?(your|the|previous|prior)\
|
|
4732
|
+
/\bforget\s+(all\s+|everything\s+)?(your|the|previous|prior|above|earlier)\b/i,
|
|
4733
4733
|
/\boverride\s+(the\s+)?(system|previous|current)\s+(prompt|instructions?|rules?|settings?)\b/i,
|
|
4734
4734
|
/\bdo\s+not\s+follow\s+(your|the|any)\s+(instructions?|rules?|guidelines?)\b/i,
|
|
4735
4735
|
/\bcancel\s+(all\s+)?(prior|previous)\s+(directives?|instructions?)\b/i,
|
|
@@ -4788,13 +4788,13 @@ var init_stage1_rules2 = __esm3({
|
|
|
4788
4788
|
name: "multi_language",
|
|
4789
4789
|
weight: 0.7,
|
|
4790
4790
|
patterns: [
|
|
4791
|
-
|
|
4792
|
-
|
|
4793
|
-
|
|
4794
|
-
|
|
4795
|
-
|
|
4796
|
-
|
|
4797
|
-
|
|
4791
|
+
/ignor(iere|a|e[zs]?)\s+(alle|todas?|toutes?|tüm|все)/iu,
|
|
4792
|
+
/игнорируйте/iu,
|
|
4793
|
+
/yoksay/iu,
|
|
4794
|
+
/vorherigen?\s+Anweisungen/iu,
|
|
4795
|
+
/instrucciones\s+anteriores/iu,
|
|
4796
|
+
/instructions?\s+pr[eé]c[eé]dentes?/iu,
|
|
4797
|
+
/önceki\s+talimatlar/iu
|
|
4798
4798
|
]
|
|
4799
4799
|
}
|
|
4800
4800
|
];
|
|
@@ -5271,6 +5271,10 @@ var PATH_TRAVERSAL_PATTERNS = [
|
|
|
5271
5271
|
var SENSITIVE_PATHS = [
|
|
5272
5272
|
/\/etc\/passwd/i,
|
|
5273
5273
|
/\/etc\/shadow/i,
|
|
5274
|
+
/\/proc\/self\/environ/i,
|
|
5275
|
+
// Process environment variables
|
|
5276
|
+
/\/proc\/\d+\/environ/i,
|
|
5277
|
+
// Any process environment
|
|
5274
5278
|
/\/proc\//i,
|
|
5275
5279
|
/\/dev\//i,
|
|
5276
5280
|
/c:\\windows\\system32/i,
|
|
@@ -5332,8 +5336,26 @@ var SHELL_INJECTION_PATTERNS = [
|
|
|
5332
5336
|
// URL-encoded tab
|
|
5333
5337
|
/\r\n/,
|
|
5334
5338
|
// CRLF injection
|
|
5335
|
-
/\n
|
|
5339
|
+
/\n/,
|
|
5336
5340
|
// Newline (command separator on Unix)
|
|
5341
|
+
/\bbash\s+-c\b/i,
|
|
5342
|
+
// Subshell wrapper: bash -c
|
|
5343
|
+
/\bsh\s+-c\b/i,
|
|
5344
|
+
// Subshell wrapper: sh -c
|
|
5345
|
+
/\bzsh\s+-c\b/i,
|
|
5346
|
+
// Subshell wrapper: zsh -c
|
|
5347
|
+
/\bsource\s+/i,
|
|
5348
|
+
// Source command
|
|
5349
|
+
/\bprintenv\b/i,
|
|
5350
|
+
// Environment variable leak
|
|
5351
|
+
/\$'\\x[0-9a-f]/i,
|
|
5352
|
+
// Hex escape in bash: $'\x72\x6d'
|
|
5353
|
+
/\bxargs\b/i,
|
|
5354
|
+
// xargs chaining
|
|
5355
|
+
/\bbase64\s+-d\b/i,
|
|
5356
|
+
// Base64 decode pipe
|
|
5357
|
+
/\bxxd\s+-r\b/i
|
|
5358
|
+
// Hex decode pipe
|
|
5337
5359
|
];
|
|
5338
5360
|
function detectShellInjection(value) {
|
|
5339
5361
|
for (const pattern of SHELL_INJECTION_PATTERNS) {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@solongate/proxy",
|
|
3
|
-
"version": "0.23.
|
|
3
|
+
"version": "0.23.2",
|
|
4
4
|
"description": "MCP security proxy — protect any MCP server with customizable policies, path/command constraints, rate limiting, and audit logging. Zero code changes required.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|