@xuda.io/xuda-worker-bundle-min 1.3.1513 → 1.3.1514
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.js +141 -5
- package/package.json +1 -1
package/index.js
CHANGED
|
@@ -8459,7 +8459,7 @@ func.expression.parse = function (input) {
|
|
|
8459
8459
|
return segments;
|
|
8460
8460
|
};
|
|
8461
8461
|
|
|
8462
|
-
func.expression.
|
|
8462
|
+
func.expression.get_property_org = async function (valP) {
|
|
8463
8463
|
async function secure_eval(val) {
|
|
8464
8464
|
if (typeof IS_PROCESS_SERVER === 'undefined') {
|
|
8465
8465
|
try {
|
|
@@ -8497,21 +8497,73 @@ func.expression.get_property = async function (valP) {
|
|
|
8497
8497
|
property2: property2,
|
|
8498
8498
|
};
|
|
8499
8499
|
};
|
|
8500
|
-
|
|
8500
|
+
|
|
8501
|
+
func.expression.get_property = async function (valP) {
|
|
8502
|
+
if (typeof valP !== 'string') return { property1: undefined, property2: undefined };
|
|
8503
|
+
|
|
8504
|
+
const secureEval = async (expr) => {
|
|
8505
|
+
if (typeof IS_PROCESS_SERVER === 'undefined') {
|
|
8506
|
+
try {
|
|
8507
|
+
return eval(expr);
|
|
8508
|
+
} catch (err) {
|
|
8509
|
+
console.error(err);
|
|
8510
|
+
return undefined;
|
|
8511
|
+
}
|
|
8512
|
+
}
|
|
8513
|
+
try {
|
|
8514
|
+
const vm = new VM.VM({
|
|
8515
|
+
sandbox: {
|
|
8516
|
+
func,
|
|
8517
|
+
SESSION_ID,
|
|
8518
|
+
SESSION_OBJ: { [SESSION_ID]: SESSION_OBJ[SESSION_ID] },
|
|
8519
|
+
},
|
|
8520
|
+
timeout: 1000,
|
|
8521
|
+
allowAsync: false,
|
|
8522
|
+
});
|
|
8523
|
+
return await vm.run(expr);
|
|
8524
|
+
} catch {
|
|
8525
|
+
return undefined; // Simplified error handling
|
|
8526
|
+
}
|
|
8527
|
+
};
|
|
8528
|
+
|
|
8529
|
+
let property1, property2;
|
|
8530
|
+
const bracketStart = valP.indexOf('[');
|
|
8531
|
+
const bracketEnd = valP.indexOf(']');
|
|
8532
|
+
|
|
8533
|
+
if (bracketStart > -1 && bracketEnd > bracketStart) {
|
|
8534
|
+
const expr = valP.slice(bracketStart + 1, bracketEnd);
|
|
8535
|
+
property1 = await secureEval(expr);
|
|
8536
|
+
}
|
|
8537
|
+
|
|
8538
|
+
const dotIndex = valP.indexOf('.');
|
|
8539
|
+
if (dotIndex > -1) {
|
|
8540
|
+
property2 = valP.slice(dotIndex + 1);
|
|
8541
|
+
}
|
|
8542
|
+
|
|
8543
|
+
return { property1, property2 };
|
|
8544
|
+
};
|
|
8545
|
+
|
|
8546
|
+
func.expression.validate_constant_org = function (valP) {
|
|
8501
8547
|
var patt = /["']/;
|
|
8502
8548
|
if (typeof valP === 'string' && patt.test(valP.substr(0, 1)) && patt.test(valP.substr(0, valP.length - 1))) return true;
|
|
8503
8549
|
else return false;
|
|
8504
8550
|
};
|
|
8505
|
-
func.expression.
|
|
8551
|
+
func.expression.validate_variables_org = function (valP) {
|
|
8506
8552
|
if (typeof valP === 'string' && valP.indexOf('@') > -1) return true;
|
|
8507
8553
|
else return false;
|
|
8508
8554
|
};
|
|
8509
|
-
func.expression.
|
|
8555
|
+
func.expression.remove_quotes_org = function (valP) {
|
|
8510
8556
|
if (func.expression.validate_constant(valP)) return valP.substr(1, valP.length - 2);
|
|
8511
8557
|
else return valP;
|
|
8512
8558
|
};
|
|
8513
8559
|
|
|
8514
|
-
func.expression.
|
|
8560
|
+
func.expression.validate_constant = (valP) => typeof valP === 'string' && /^["'].*["']$/.test(valP);
|
|
8561
|
+
|
|
8562
|
+
func.expression.validate_variables = (valP) => typeof valP === 'string' && valP.includes('@');
|
|
8563
|
+
|
|
8564
|
+
func.expression.remove_quotes = (valP) => (func.expression.validate_constant(valP) && typeof valP === 'string' ? valP.slice(1, -1) : valP);
|
|
8565
|
+
|
|
8566
|
+
func.expression.secure_eval_org = async function (SESSION_ID, sourceP, val, job_id, dsSessionP, js_script_callback, evt) {
|
|
8515
8567
|
const api_utils = await func.common.get_module(SESSION_ID, 'xuda-api-library.mjs', {
|
|
8516
8568
|
func,
|
|
8517
8569
|
glb,
|
|
@@ -8612,3 +8664,87 @@ func.expression.secure_eval = async function (SESSION_ID, sourceP, val, job_id,
|
|
|
8612
8664
|
}
|
|
8613
8665
|
}
|
|
8614
8666
|
};
|
|
8667
|
+
|
|
8668
|
+
func.expression.secure_eval = async function (SESSION_ID, sourceP, val, job_id, dsSessionP, js_script_callback, evt) {
|
|
8669
|
+
if (typeof val !== 'string') return val;
|
|
8670
|
+
|
|
8671
|
+
const xu = await func.common.get_module(SESSION_ID, 'xuda-api-library.mjs', {
|
|
8672
|
+
func,
|
|
8673
|
+
glb,
|
|
8674
|
+
SESSION_OBJ,
|
|
8675
|
+
SESSION_ID,
|
|
8676
|
+
APP_OBJ,
|
|
8677
|
+
dsSession: dsSessionP,
|
|
8678
|
+
job_id,
|
|
8679
|
+
});
|
|
8680
|
+
|
|
8681
|
+
const isServer = typeof IS_PROCESS_SERVER !== 'undefined' || typeof IS_DOCKER !== 'undefined';
|
|
8682
|
+
|
|
8683
|
+
// Client-side execution
|
|
8684
|
+
if (!isServer) {
|
|
8685
|
+
try {
|
|
8686
|
+
return eval(val);
|
|
8687
|
+
} catch {
|
|
8688
|
+
try {
|
|
8689
|
+
return JSON5.parse(val);
|
|
8690
|
+
} catch {
|
|
8691
|
+
return val;
|
|
8692
|
+
}
|
|
8693
|
+
}
|
|
8694
|
+
}
|
|
8695
|
+
|
|
8696
|
+
// Server-side execution
|
|
8697
|
+
const sandbox = {
|
|
8698
|
+
func,
|
|
8699
|
+
xu,
|
|
8700
|
+
SESSION_ID,
|
|
8701
|
+
SESSION_OBJ: { [SESSION_ID]: SESSION_OBJ[SESSION_ID] },
|
|
8702
|
+
callback: js_script_callback,
|
|
8703
|
+
job_id,
|
|
8704
|
+
...(sourceP === 'javascript' ? { axios, got, FormData } : {}),
|
|
8705
|
+
};
|
|
8706
|
+
|
|
8707
|
+
const handleError = (err) => {
|
|
8708
|
+
console.error('Execution error:', err);
|
|
8709
|
+
func.events.delete_job(SESSION_ID, job_id);
|
|
8710
|
+
if (isServer && !SESSION_OBJ[SESSION_ID].crawler) {
|
|
8711
|
+
if (sourceP === 'javascript') {
|
|
8712
|
+
__.rpi.write_log(SESSION_OBJ[SESSION_ID].app_id, 'error', 'worker', 'vm error', err, null, val, 'func.expression.get.secure_eval');
|
|
8713
|
+
} else {
|
|
8714
|
+
__.db.add_error_log(SESSION_OBJ[SESSION_ID].app_id, 'api', err);
|
|
8715
|
+
}
|
|
8716
|
+
}
|
|
8717
|
+
return val; // Fallback to original value
|
|
8718
|
+
};
|
|
8719
|
+
|
|
8720
|
+
if (sourceP === 'javascript') {
|
|
8721
|
+
process.on('uncaughtException', handleError);
|
|
8722
|
+
try {
|
|
8723
|
+
const dir = path.join(_conf.studio_drive_path, SESSION_OBJ[SESSION_ID].app_id, 'node_modules');
|
|
8724
|
+
const script = new VM.VMScript(`try { ${val} } catch (e) { func.api.error(SESSION_ID, "nodejs error", e); console.error(e); func.events.delete_job(SESSION_ID, "${job_id}"); }`, { filename: dir, dirname: dir });
|
|
8725
|
+
const vm = new VM.NodeVM({
|
|
8726
|
+
require: { external: true },
|
|
8727
|
+
sandbox,
|
|
8728
|
+
timeout: 60000,
|
|
8729
|
+
});
|
|
8730
|
+
return await vm.run(script, { filename: dir, dirname: dir });
|
|
8731
|
+
} catch (err) {
|
|
8732
|
+
return handleError(err);
|
|
8733
|
+
}
|
|
8734
|
+
}
|
|
8735
|
+
|
|
8736
|
+
try {
|
|
8737
|
+
const vm = new VM.VM({
|
|
8738
|
+
sandbox,
|
|
8739
|
+
timeout: 1000,
|
|
8740
|
+
allowAsync: false,
|
|
8741
|
+
});
|
|
8742
|
+
return await vm.run(val);
|
|
8743
|
+
} catch {
|
|
8744
|
+
try {
|
|
8745
|
+
return JSON5.parse(val);
|
|
8746
|
+
} catch {
|
|
8747
|
+
return val;
|
|
8748
|
+
}
|
|
8749
|
+
}
|
|
8750
|
+
};
|