bdy 1.9.30 → 1.9.32-dev
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/distTs/package.json
CHANGED
|
@@ -56,7 +56,8 @@ class ServerHttp1 extends events_1.default {
|
|
|
56
56
|
req.end();
|
|
57
57
|
}
|
|
58
58
|
checkHostHeader(req, res, host) {
|
|
59
|
-
|
|
59
|
+
const headerHost = (req.headers.host || '').split(':')[0];
|
|
60
|
+
if (headerHost === host)
|
|
60
61
|
return true;
|
|
61
62
|
else {
|
|
62
63
|
res.statusCode = 421;
|
|
@@ -56,7 +56,8 @@ class ServerHttp2 extends events_1.default {
|
|
|
56
56
|
req.end();
|
|
57
57
|
}
|
|
58
58
|
checkHostHeader(req, res, host) {
|
|
59
|
-
|
|
59
|
+
const headerHost = (req.headers[':authority'] || '').split(':')[0];
|
|
60
|
+
if (headerHost === host)
|
|
60
61
|
return true;
|
|
61
62
|
else {
|
|
62
63
|
res.statusCode = 421;
|
|
@@ -121,25 +121,27 @@ class TunnelHttp extends events_1.default {
|
|
|
121
121
|
}
|
|
122
122
|
return h;
|
|
123
123
|
}
|
|
124
|
-
getClearedHeaders(headers = {}, compressionMethod) {
|
|
124
|
+
getClearedHeaders(headers = {}, compressionMethod, allowUpgrade = false) {
|
|
125
125
|
const hop = [
|
|
126
126
|
':method',
|
|
127
127
|
':path',
|
|
128
128
|
':scheme',
|
|
129
129
|
':authority',
|
|
130
130
|
':status',
|
|
131
|
-
'keep-alive',
|
|
132
131
|
'host',
|
|
133
|
-
'connection',
|
|
134
132
|
'proxy-authenticate',
|
|
135
133
|
'proxy-connection',
|
|
136
|
-
'
|
|
134
|
+
'proxy-authorization',
|
|
137
135
|
'trailer',
|
|
138
|
-
'upgrade',
|
|
139
136
|
'transfer-encoding',
|
|
140
137
|
'strict-transport-security',
|
|
141
138
|
'te',
|
|
142
139
|
];
|
|
140
|
+
if (!(allowUpgrade && headers.connection === 'Upgrade')) {
|
|
141
|
+
hop.push('upgrade');
|
|
142
|
+
hop.push('connection');
|
|
143
|
+
hop.push('keep-alive');
|
|
144
|
+
}
|
|
143
145
|
const tmp = {};
|
|
144
146
|
if (compressionMethod &&
|
|
145
147
|
compressionMethod !== utils_1.TUNNEL_COMPRESSION_METHOD_IDENTITY) {
|
|
@@ -152,6 +154,15 @@ class TunnelHttp extends events_1.default {
|
|
|
152
154
|
tmp[name] = headers[name];
|
|
153
155
|
}
|
|
154
156
|
});
|
|
157
|
+
tmp['access-control-allow-origin'] = '*';
|
|
158
|
+
if (tmp['set-cookie']) {
|
|
159
|
+
const setCookie = [];
|
|
160
|
+
const h = (this.req.headers.host || this.req.headers[':authority'] || '').split(':')[0];
|
|
161
|
+
tmp['set-cookie'].forEach((cookie) => {
|
|
162
|
+
setCookie.push(cookie.replaceAll(/([dD]omain)=[\w_\-\\.]+/ig, `$1=${h}`));
|
|
163
|
+
});
|
|
164
|
+
tmp['set-cookie'] = setCookie;
|
|
165
|
+
}
|
|
155
166
|
return tmp;
|
|
156
167
|
}
|
|
157
168
|
getPath() {
|
|
@@ -169,7 +180,7 @@ class TunnelHttp extends events_1.default {
|
|
|
169
180
|
const method = this.getMethod();
|
|
170
181
|
const path = this.getPath();
|
|
171
182
|
const headers = {
|
|
172
|
-
...this.getClearedHeaders(reqHeaders),
|
|
183
|
+
...this.getClearedHeaders(reqHeaders, null, true),
|
|
173
184
|
...this.headers,
|
|
174
185
|
...this.getRequestHeaders(false),
|
|
175
186
|
};
|
|
@@ -184,6 +195,24 @@ class TunnelHttp extends events_1.default {
|
|
|
184
195
|
headers,
|
|
185
196
|
});
|
|
186
197
|
this.logRequest = this.httpLog.newRequest(method, headers, path, utils_1.TUNNEL_IDENTIFIED_HTTP1, this.req);
|
|
198
|
+
r.on('upgrade', (proxyRes, socket) => {
|
|
199
|
+
const headers = this.getClearedHeaders(proxyRes.headers, null, true);
|
|
200
|
+
let msg = 'HTTP/1.1 101 Web Socket Protocol Handshake\r\n';
|
|
201
|
+
Object.keys(headers).forEach((k) => {
|
|
202
|
+
const v = headers[k];
|
|
203
|
+
if (Array.isArray(v)) {
|
|
204
|
+
v.forEach((vv) => {
|
|
205
|
+
msg += `${k}: ${vv}\r\n`;
|
|
206
|
+
});
|
|
207
|
+
}
|
|
208
|
+
else {
|
|
209
|
+
msg += `${k}: ${v}\r\n`;
|
|
210
|
+
}
|
|
211
|
+
});
|
|
212
|
+
msg += '\r\n';
|
|
213
|
+
this.req.socket.write(msg);
|
|
214
|
+
this.req.socket.pipe(socket).pipe(this.req.socket);
|
|
215
|
+
});
|
|
187
216
|
r.on('response', (proxyRes) => {
|
|
188
217
|
this.proxyRes = proxyRes;
|
|
189
218
|
const statusCode = this.proxyRes.statusCode;
|
|
@@ -209,7 +238,7 @@ class TunnelHttp extends events_1.default {
|
|
|
209
238
|
const reqHeaders = this.req.headers;
|
|
210
239
|
const method = this.getMethod();
|
|
211
240
|
const headers = {
|
|
212
|
-
...this.getClearedHeaders(reqHeaders),
|
|
241
|
+
...this.getClearedHeaders(reqHeaders, null, true),
|
|
213
242
|
...this.headers,
|
|
214
243
|
...this.getRequestHeaders(false),
|
|
215
244
|
};
|
|
@@ -226,6 +255,24 @@ class TunnelHttp extends events_1.default {
|
|
|
226
255
|
headers,
|
|
227
256
|
});
|
|
228
257
|
this.logRequest = this.httpLog.newRequest(method, headers, path, utils_1.TUNNEL_IDENTIFIED_HTTP1, this.req);
|
|
258
|
+
r.on('upgrade', (proxyRes, socket) => {
|
|
259
|
+
const headers = this.getClearedHeaders(proxyRes.headers, null, true);
|
|
260
|
+
let msg = 'HTTP/1.1 101 Web Socket Protocol Handshake\r\n';
|
|
261
|
+
Object.keys(headers).forEach((k) => {
|
|
262
|
+
const v = headers[k];
|
|
263
|
+
if (Array.isArray(v)) {
|
|
264
|
+
v.forEach((vv) => {
|
|
265
|
+
msg += `${k}: ${vv}\r\n`;
|
|
266
|
+
});
|
|
267
|
+
}
|
|
268
|
+
else {
|
|
269
|
+
msg += `${k}: ${v}\r\n`;
|
|
270
|
+
}
|
|
271
|
+
});
|
|
272
|
+
msg += '\r\n';
|
|
273
|
+
this.req.socket.write(msg);
|
|
274
|
+
this.req.socket.pipe(socket).pipe(this.req.socket);
|
|
275
|
+
});
|
|
229
276
|
r.on('response', (proxyRes) => {
|
|
230
277
|
this.proxyRes = proxyRes;
|
|
231
278
|
const statusCode = this.proxyRes.statusCode;
|