cloudcms-server 3.2.315 → 3.2.317

@@ -345,8 +345,18 @@ exports = module.exports = function()
345
345
  {
346
346
  if (doesNotExist)
347
347
  {
348
+ console.log("BLOCK, method: " + req.method + ", url: " + req.url);
349
+ if (req.headers)
350
+ {
351
+ console.log(" -> headers: " + JSON.stringify(req.headers, null, 2));
352
+ }
353
+ if (req.query)
354
+ {
355
+ console.log(" -> query: " + JSON.stringify(req.query, null, 2));
356
+ }
357
+
348
358
  // are we being spoofed? kill the connection
349
- console.log("[BLACKLIST KILL: " + req.virtualHost + " > " + req.method + " " + req.url + "]");
359
+ res.blocked = true;
350
360
  res.writeHead(503, { 'Content-Type': 'application/json' });
351
361
  return res.end(JSON.stringify({"error": true, "message": "Bad Request."}));
352
362
  }
@@ -412,7 +422,7 @@ exports = module.exports = function()
412
422
  }
413
423
 
414
424
  // mark with sentinel (30 minutes)
415
- console.log("[BLACKLIST ADD: " + req.virtualHost + "]");
425
+ req.log("[BLACKLIST] Adding: " + req.virtualHost);
416
426
  process.driverConfigCache.write(req.virtualHost, SENTINEL_NOT_FOUND_VALUE, 30 * 60, function (err) {
417
427
  completionFunction(null, null, true);
418
428
  });
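Review bot: The added `console.log(" -> headers: " + JSON.stringify(req.headers, null, 2));` in the `doesNotExist` branch writes every request header to stdout, so any `Authorization` or `Cookie` value a client sends ends up in the process log. This branch handles requests the server is rejecting, so the dump can be triggered without authentication and now costs many log lines per hit. Logging a short allow-list on one line would keep the triage value, for example `console.log("BLOCK " + req.virtualHost + " " + req.method + " " + req.url + " ua=" + JSON.stringify((req.headers || {})["user-agent"]));`, which also restores the `req.virtualHost` field the removed `[BLACKLIST KILL …]` line carried. The same header dump is added in the black-list middleware in package/server/index.js, and the second hunk here already uses `req.log`, which may be the better sink for both. The enclosing function begins and ends outside the hunk.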
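--- a/package/package.json
+++ b/package/package.json
@@ -6,7 +6,7 @@
  },
  "name": "cloudcms-server",
  "description": "Cloud CMS Application Server Module",
- "version": "3.2.315",
+ "version": "3.2.317",
  "repository": {
  "type": "git",
  "url": "git://github.com/gitana/cloudcms-server.git"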
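--- a/package/server/index.js
+++ b/package/server/index.js
@@ -992,6 +992,36 @@ var startServer = function(config, startServerFinishedFn)
 
  next();
  });
+
+ // black list
+ app.use(function(req, res, next) {
+
+ var kill = false;
+ if (req.path.endsWith("/env"))
+ {
+ kill = true;
+ }
+
+ if (kill)
+ {
+ console.log("KILL, method: " + req.method + ", url: " + req.url);
+ if (req.headers)
+ {
+ console.log(" -> headers: " + JSON.stringify(req.headers, null, 2));
+ }
+ if (req.query)
+ {
+ console.log(" -> query: " + JSON.stringify(req.query, null, 2));
+ }
+
+ // are we being spoofed? kill the connection
+ res.blocked = true;
+ res.writeHead(503, { 'Content-Type': 'application/json' });
+ return res.end(JSON.stringify({"error": true, "message": "Bad Request."}));
+ }
+
+ next();
+ });
 
  // common interceptors and config
  main.common1(app);
@@ -1023,8 +1053,16 @@ var startServer = function(config, startServerFinishedFn)
  requestPath = util.stripQueryStringFromUrl(requestPath);
  }
  }
+
+ var m = "";
+ if (res.blocked)
+ {
+ m += "*BLOCKED* ";
+ }
+ m += req.method + " " + requestPath + " [" + res.statusCode + "]";
+ m += " (" + time.toFixed(2) + " ms)";
 
- req.log(req.method + " " + requestPath + " [" + res.statusCode + "] (" + time.toFixed(2) + " ms)", warn);
+ req.log(m, warn);
  }));
 
  // set up CORS allowances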
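Review bot: The `req.path.endsWith("/env")` test in the new black-list middleware is an exact-case suffix match with no path normalisation, and the `// black list` comment does not say which endpoint it is protecting. If `app` is an Express application with default settings, downstream routing is case-insensitive and tolerant of a trailing slash, so the filter is narrower than the router behind it; it also rejects every route whose last segment happens to be `env`. Normalising before the comparison would close that gap, `if (req.path.toLowerCase().replace(/\/+$/, "").endsWith("/env"))`, and the comment could name the handler being shielded, e.g. `// black list: never expose <endpoint name> to clients`. The surrounding `startServer` function begins and ends outside these hunks.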