aicodeswitch 2.0.4 → 2.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +2 -0
- package/dist/server/proxy-server.js +31 -5
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1127,14 +1127,40 @@ class ProxyServer {
|
|
|
1127
1127
|
}
|
|
1128
1128
|
});
|
|
1129
1129
|
}
|
|
1130
|
+
/**
|
|
1131
|
+
* 对敏感的 header 值进行脱敏处理
|
|
1132
|
+
* @param key header 键(小写)
|
|
1133
|
+
* @param value header 值
|
|
1134
|
+
* @returns 脱敏后的值,如果 header 是敏感的则返回 32 个 *
|
|
1135
|
+
*/
|
|
1136
|
+
sanitizeHeaderValue(key, value) {
|
|
1137
|
+
// 需要脱敏的敏感 header 列表(不区分大小写)
|
|
1138
|
+
const sensitiveHeaders = [
|
|
1139
|
+
'authorization', // Bearer token
|
|
1140
|
+
'x-api-key', // API key
|
|
1141
|
+
'api-key', // API key
|
|
1142
|
+
'apikey', // API key
|
|
1143
|
+
'x-openai-api-key', // OpenAI API key
|
|
1144
|
+
'openai-api-key', // OpenAI API key
|
|
1145
|
+
'anthropic-api-key', // Anthropic API key
|
|
1146
|
+
'access-token', // Access token
|
|
1147
|
+
'x-anthropic-api-key', // Anthropic API key
|
|
1148
|
+
'refresh-token', // Refresh token
|
|
1149
|
+
];
|
|
1150
|
+
// 检查是否是敏感 header
|
|
1151
|
+
if (sensitiveHeaders.includes(key)) {
|
|
1152
|
+
return '********************************';
|
|
1153
|
+
}
|
|
1154
|
+
return value;
|
|
1155
|
+
}
|
|
1130
1156
|
normalizeHeaders(headers) {
|
|
1131
1157
|
const normalized = {};
|
|
1132
1158
|
for (const [key, value] of Object.entries(headers)) {
|
|
1133
1159
|
if (typeof value === 'string') {
|
|
1134
|
-
normalized[key] = value;
|
|
1160
|
+
normalized[key] = this.sanitizeHeaderValue(key.toLowerCase(), value);
|
|
1135
1161
|
}
|
|
1136
1162
|
else if (Array.isArray(value)) {
|
|
1137
|
-
normalized[key] = value.join(', ');
|
|
1163
|
+
normalized[key] = this.sanitizeHeaderValue(key.toLowerCase(), value.join(', '));
|
|
1138
1164
|
}
|
|
1139
1165
|
}
|
|
1140
1166
|
return normalized;
|
|
@@ -1144,13 +1170,13 @@ class ProxyServer {
|
|
|
1144
1170
|
for (const [key, value] of Object.entries(headers)) {
|
|
1145
1171
|
if (value !== null && value !== undefined) {
|
|
1146
1172
|
if (typeof value === 'string') {
|
|
1147
|
-
normalized[key] = value;
|
|
1173
|
+
normalized[key] = this.sanitizeHeaderValue(key.toLowerCase(), value);
|
|
1148
1174
|
}
|
|
1149
1175
|
else if (Array.isArray(value)) {
|
|
1150
|
-
normalized[key] = value.join(', ');
|
|
1176
|
+
normalized[key] = this.sanitizeHeaderValue(key.toLowerCase(), value.join(', '));
|
|
1151
1177
|
}
|
|
1152
1178
|
else {
|
|
1153
|
-
normalized[key] = String(value);
|
|
1179
|
+
normalized[key] = this.sanitizeHeaderValue(key.toLowerCase(), String(value));
|
|
1154
1180
|
}
|
|
1155
1181
|
}
|
|
1156
1182
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "aicodeswitch",
|
|
3
|
-
"version": "2.0.
|
|
3
|
+
"version": "2.0.5",
|
|
4
4
|
"description": "A tool to help you manage AI programming tools to access large language models locally. It allows your Claude Code, Codex and other tools to no longer be limited to official models.",
|
|
5
5
|
"author": "tangshuang",
|
|
6
6
|
"license": "GPL-3.0",
|