npm - stfca - Versions diffs - 1.0.27 → 1.2.27 - Mend

stfca 1.0.27 → 1.2.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/README.md +226 -2
package/checkUpdate.js +53 -49
package/index.js +151 -15
package/package.json +13 -12
package/src/OldMessage.js +2 -2
package/src/editMessage.js +14 -1
package/src/listenMqtt.js +407 -395
package/src/sendMessage.js +390 -278
package/src/sendMessageMqtt.js +0 -1
package/src/sendTypingIndicator.js +54 -45
package/src/setMessageReaction.js +25 -0
package/src/unsendMessage.js +21 -0
package/src/uploadAttachment.js +99 -77
package/utils.js +75 -13

package/src/sendMessageMqtt.js CHANGED Viewed

@@ -209,7 +209,6 @@ module.exports = function (defaultFuncs, api, ctx) {
       task.payload = JSON.stringify(task.payload);
     });
     form.payload = JSON.stringify(form.payload);
-    console.log(global.jsonStringifyColor(form, null, 2));
     return mqttClient.publish(
       "/ls_req",

package/src/sendTypingIndicator.js CHANGED Viewed

@@ -1,45 +1,54 @@
-"use strict";
-var utils = require("../utils");
-// @NethWs3Dev
-module.exports = function (defaultFuncs, api, ctx) {
-	return async function sendTypingIndicatorV2(sendTyping, threadID, callback) {
-		const mqttClient = ctx.mqttClient || global.mqttClient;
-		if (!mqttClient) {
-			if (typeof callback === 'function') callback(new Error('No MQTT client available for typing indicator'));
-			return;
-		}
-		let count_req = 0;
-		var wsContent = {
-			app_id: 2220391788200892,
-			payload: JSON.stringify({
-				label: 3,
-				payload: JSON.stringify({
-					thread_key: threadID.toString(),
-					is_group_thread: +(threadID.toString().length >= 16),
-					is_typing: +sendTyping,
-					attribution: 0
-				}),
-				version: 5849951561777440
-			}),
-			request_id: ++count_req,
-			type: 4
-		};
-		return new Promise((resolve, reject) => {
-			mqttClient.publish('/ls_req', JSON.stringify(wsContent), {}, (err, _packet) => {
-				if (err) {
-					if (typeof callback === 'function') callback(err);
-					reject(err);
-				} else {
-					if (typeof callback === 'function') callback(null, _packet);
-					resolve(_packet);
-				}
-			});
-		});
-	};
-};
+"use strict";
+var utils = require("../utils");
+// @NethWs3Dev
+module.exports = function (defaultFuncs, api, ctx) {
+	return async function sendTypingIndicatorV2(sendTyping, threadID, callback) {
+		// ── sendTypingE2EE: route E2EE typing indicator through the bridge ──────
+		if (ctx.globalOptions && ctx.globalOptions.enableE2EE) {
+			var _e2eeMod = require('../e2ee');
+			if (_e2eeMod.isE2EEChatJid(String(threadID))) {
+				return _e2eeMod.createBridge(ctx).sendTyping(threadID, sendTyping !== false)
+					.then(function (r) { if (typeof callback === 'function') callback(null, r); return r; })
+					.catch(function (e) { if (typeof callback === 'function') callback(e); });
+			}
+		}
+		// ── end sendTypingE2EE ────────────────────────────────────────────────────
+		const mqttClient = ctx.mqttClient || global.mqttClient;
+		if (!mqttClient) {
+			if (typeof callback === 'function') callback(new Error('No MQTT client available for typing indicator'));
+			return;
+		}
+		let count_req = 0;
+		var wsContent = {
+			app_id: 2220391788200892,
+			payload: JSON.stringify({
+				label: 3,
+				payload: JSON.stringify({
+					thread_key: threadID.toString(),
+					is_group_thread: +(threadID.toString().length >= 16),
+					is_typing: +sendTyping,
+					attribution: 0
+				}),
+				version: 5849951561777440
+			}),
+			request_id: ++count_req,
+			type: 4
+		};
+		return new Promise((resolve, reject) => {
+			mqttClient.publish('/ls_req', JSON.stringify(wsContent), {}, (err, _packet) => {
+				if (err) {
+					if (typeof callback === 'function') callback(err);
+					reject(err);
+				} else {
+					if (typeof callback === 'function') callback(null, _packet);
+					resolve(_packet);
+				}
+			});
+		});
+	};
+};

package/src/setMessageReaction.js CHANGED Viewed

@@ -26,6 +26,31 @@ module.exports = function (defaultFuncs, api, ctx) {
       };
     }
+    // ── sendReactionE2EE: route E2EE reactions through the bridge ─────────────
+    if (ctx.globalOptions && ctx.globalOptions.enableE2EE) {
+      var _e2eeMod = require('../e2ee');
+      var _jid = global._e2eeMessageMap && global._e2eeMessageMap.get(String(messageID));
+      if (_jid && _e2eeMod.isE2EEChatJid(_jid)) {
+        var _senderJid = (global._e2eeSenderJidMap && global._e2eeSenderJidMap.get(String(messageID))) || null;
+        // Always route through the bridge when the JID is confirmed E2EE —
+        // never fall through to the HTTP path which cannot reach E2EE threads.
+        // senderJid is required by the E2EE protocol; fall back to chatJid for DMs
+        // (in a DM the chatJid IS the other person's JID).
+        var _effectiveSender = _senderJid || _jid;
+        _e2eeMod.createBridge(ctx).sendReaction(_jid, messageID, _effectiveSender, reaction)
+          .then(function (r) { callback(null, r); resolveFunc(r); })
+          .catch(function (e) {
+            var log = require('../utils').log;
+            log.error("setMessageReaction", "E2EE sendReaction failed — jid:" + _jid +
+              " msgID:" + messageID + " sender:" + _effectiveSender + " emoji:" + reaction +
+              " err:" + (e && e.message ? e.message : String(e)));
+            callback(e); rejectFunc(e);
+          });
+        return returnPromise;
+      }
+    }
+    // ── end sendReactionE2EE ──────────────────────────────────────────────────
     switch (reaction) {
       case "\uD83D\uDE0D": //:heart_eyes:
       case "\uD83D\uDE06": //:laughing:

package/src/unsendMessage.js CHANGED Viewed

@@ -21,6 +21,27 @@ module.exports = function (defaultFuncs, api, ctx) {
       };
     }
+    // ── unsendMessageE2EE: route E2EE unsend through the bridge ─────────────
+    if (ctx.globalOptions && ctx.globalOptions.enableE2EE) {
+      var _e2eeMod = require('../e2ee');
+      var _jid = global._e2eeMessageMap && global._e2eeMessageMap.get(String(messageID));
+      // Fallback: if messageID not in map but a pending JID was set externally, use it
+      if (!_jid && global._e2eePendingUnsendJid) {
+        var _pjid = global._e2eePendingUnsendJid[String(messageID)];
+        if (_pjid) {
+          _jid = _pjid;
+          delete global._e2eePendingUnsendJid[String(messageID)];
+        }
+      }
+      if (_jid && _e2eeMod.isE2EEChatJid(_jid)) {
+        _e2eeMod.createBridge(ctx).unsendMessage(_jid, messageID)
+          .then(function (r) { callback(null, r); resolveFunc(r); })
+          .catch(function (e) { callback(e); rejectFunc(e); });
+        return returnPromise;
+      }
+    }
+    // ── end unsendMessageE2EE ─────────────────────────────────────────────────
     const form = {
       message_id: messageID,
     };

package/src/uploadAttachment.js CHANGED Viewed

@@ -1,93 +1,115 @@
-const utils = require("../utils");
+"use strict";
-module.exports = function (defaultFuncs, api, ctx) {
-  function upload(attachments, callback) {
-    callback = callback || function () {};
-    const uploads = [];
+const log = require("npmlog");
+const path = require("path");
+const mime = require("mime");
+const { parseAndCheckLogin, isReadableStream, getType } = require("../utils");
-    // create an array of promises
-    for (let i = 0; i < attachments.length; i++) {
-      if (!utils.isReadableStream(attachments[i])) {
-        throw {
-          error:
-            "Attachment should be a readable stream and not " +
-            utils.getType(attachments[i]) +
-            ".",
-        };
-      }
+const UPLOAD_URL = "https://www.facebook.com/ajax/mercury/upload.php";
+function _filenameFromStream(stream, fallback) {
+    try {
+        if (stream && typeof stream.path === "string" && stream.path.length) {
+            return path.basename(stream.path);
+        }
+        if (stream && stream.path && typeof stream.path.toString === "function") {
+            return path.basename(stream.path.toString());
+        }
+    } catch (_) { }
+    return fallback || "upload.bin";
+}
-      const form = {
-        upload_1024: attachments[i],
-        voice_clip: "true",
-      };
+function _contentTypeFor(filename, stream) {
+    try {
+        if (stream && typeof stream._contentType === "string" && stream._contentType.length) {
+            return stream._contentType;
+        }
+        if (stream && stream.headers && typeof stream.headers["content-type"] === "string") {
+            return stream.headers["content-type"];
+        }
+    } catch (_) { }
+    const t = mime.getType(filename);
+    return t || "application/octet-stream";
+}
-      uploads.push(
-        defaultFuncs
-          .postFormData(
-            "https://upload.facebook.com/ajax/mercury/upload.php",
-            ctx.jar,
-            form,
-            {},
-          )
-          .then(utils.parseAndCheckLogin(ctx, defaultFuncs))
-          .then(function (resData) {
-            if (resData.error) {
-              throw resData;
+module.exports = function (defaultFuncs, api, ctx) {
+    function uploadOne(stream) {
+        if (!isReadableStream(stream)) {
+            return Promise.reject({
+                error: "Attachment should be a readable stream and not " + getType(stream) + "."
+            });
+        }
+        const filename = _filenameFromStream(stream);
+        const contentType = _contentTypeFor(filename, stream);
+        const form = {
+            farr: {
+                value: stream,
+                options: {
+                    filename: filename,
+                    contentType: contentType
+                }
             }
+        };
-            // We have to return the data unformatted unless we want to change it
-            // back in sendMessage.
-            return resData.payload.metadata[0];
-          }),
-      );
+        return defaultFuncs
+            .postFormData(UPLOAD_URL, ctx.jar, form, {})
+            .then(parseAndCheckLogin(ctx, defaultFuncs))
+            .then(function (resData) {
+                if (resData.error) throw resData;
+                if (!resData.payload || !resData.payload.metadata) {
+                    throw { error: "Mercury upload returned no metadata", res: resData };
+                }
+                const md = resData.payload.metadata[0] || resData.payload.metadata["0"];
+                if (!md) {
+                    throw { error: "Mercury upload metadata[0] missing", res: resData };
+                }
+                return md;
+            });
     }
-    // resolve all promises
-    Promise.all(uploads)
-      .then(function (resData) {
-        callback(null, resData);
-      })
-      .catch(function (err) {
-        console.error("uploadAttachment", err);
-        return callback(err);
-      });
-  }
+    function upload(attachments, callback) {
+        callback = callback || function () { };
+        Promise.all(attachments.map(uploadOne))
+            .then(function (resData) { callback(null, resData); })
+            .catch(function (err) {
+                log.error("uploadAttachment", err);
+                return callback(err);
+            });
+    }
-  return function uploadAttachment(attachments, callback) {
-    if (
-      !attachments &&
-      !utils.isReadableStream(attachments) &&
-      !utils.getType(attachments) === "Array" &&
-      utils.getType(attachments) === "Array" &&
-      !attachments.length
-    )
-      throw { error: "Please pass an attachment or an array of attachments." };
+    return function uploadAttachment(attachments, callback) {
+        if (
+            !attachments &&
+            !isReadableStream(attachments) &&
+            !getType(attachments) === "Array" &&
+            getType(attachments) === "Array" && !attachments.length
+        ) {
+            throw { error: "Please pass an attachment or an array of attachments." };
+        }
-    let resolveFunc = function () {};
-    let rejectFunc = function () {};
-    const returnPromise = new Promise(function (resolve, reject) {
-      resolveFunc = resolve;
-      rejectFunc = reject;
-    });
+        let resolveFunc = function () { };
+        let rejectFunc = function () { };
+        const returnPromise = new Promise(function (resolve, reject) {
+            resolveFunc = resolve;
+            rejectFunc = reject;
+        });
-    if (!callback) {
-      callback = function (err, info) {
-        if (err) {
-          return rejectFunc(err);
+        if (!callback) {
+            callback = function (err, info) {
+                if (err) return rejectFunc(err);
+                resolveFunc(info);
+            };
         }
-        resolveFunc(info);
-      };
-    }
-    if (utils.getType(attachments) !== "Array") attachments = [attachments];
+        if (getType(attachments) !== "Array") attachments = [attachments];
-    upload(attachments, (err, info) => {
-      if (err) {
-        return callback(err);
-      }
-      callback(null, info);
-    });
+        upload(attachments, (err, info) => {
+            if (err) return callback(err);
+            callback(null, info);
+        });
-    return returnPromise;
-  };
+        return returnPromise;
+    };
 };

package/utils.js CHANGED Viewed

@@ -27,21 +27,83 @@ function setProxy(url) {
  * @param {undefined} [customHeader]
  */
+function sanitizeHeaderValue(value) {
+    if (value === null || value === undefined) return "";
+    var str = String(value);
+    if (str.trim().startsWith("[") && str.trim().endsWith("]")) {
+        try {
+            var parsed = JSON.parse(str);
+            if (Array.isArray(parsed)) return "";
+        } catch (_) { }
+    }
+    str = str.replace(/[\x00-\x08\x0B-\x0C\x0E-\x1F\x7F\r\n\[\]]/g, "").trim();
+    return str;
+}
+function sanitizeHeaderName(name) {
+    if (!name || typeof name !== "string") return "";
+    return name.replace(/[^\x21-\x7E]/g, "").trim();
+}
 function getHeaders(url, options, ctx, customHeader) {
+    options = options || {};
+    var host;
+    try { host = new URL(url).host; } catch (_) { host = url.replace("https://", "").split("/")[0]; }
+    var ua = options.userAgent ||
+        "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Safari/605.1.15";
+    var referer = options.referer || "https://www.facebook.com/";
+    var origin = referer.replace(/\/+$/, "");
+    var contentType = options.contentType || "application/x-www-form-urlencoded";
+    var acceptLang = options.acceptLanguage || "en-US,en;q=0.9";
     var headers = {
-        "Content-Type": "application/x-www-form-urlencoded",
-        Referer: "https://www.facebook.com/",
-        Host: url.replace("https://", "").split("/")[0],
-        Origin: "https://www.facebook.com",
-        "user-agent": (options.userAgent || "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.114 Safari/537.36"),
+        Host: sanitizeHeaderValue(host),
+        Origin: sanitizeHeaderValue(origin),
+        Referer: sanitizeHeaderValue(referer),
+        "User-Agent": sanitizeHeaderValue(ua),
+        Accept: "text/html,application/xhtml+xml,application/xml;q=0.9,application/json;q=0.8,*/*;q=0.7",
+        "Accept-Language": sanitizeHeaderValue(acceptLang),
+        "Accept-Encoding": "gzip, deflate",
+        "Content-Type": sanitizeHeaderValue(contentType),
         Connection: "keep-alive",
-        "sec-fetch-site": 'same-origin',
-        "sec-fetch-mode": 'cors'
+        DNT: "1",
+        "Upgrade-Insecure-Requests": "1",
+        "sec-ch-ua": "\"Safari\";v=\"18\", \"Not;A=Brand\";v=\"24\"",
+        "sec-ch-ua-mobile": "?0",
+        "sec-ch-ua-platform": "\"macOS\"",
+        "Sec-Fetch-Site": "same-origin",
+        "Sec-Fetch-Mode": "cors",
+        "Sec-Fetch-Dest": "empty",
+        "X-Requested-With": "XMLHttpRequest",
+        Pragma: "no-cache",
+        "Cache-Control": "no-cache"
     };
-    if (customHeader) Object.assign(headers, customHeader);
-    if (ctx && ctx.region) headers["X-MSGR-Region"] = ctx.region;
-    return headers;
+    if (ctx && ctx.region) {
+        var regionVal = sanitizeHeaderValue(ctx.region);
+        if (regionVal) headers["X-MSGR-Region"] = regionVal;
+    }
+    if (customHeader && typeof customHeader === "object") {
+        for (var key in customHeader) {
+            if (!Object.prototype.hasOwnProperty.call(customHeader, key)) continue;
+            var val = customHeader[key];
+            if (val === null || val === undefined || typeof val === "function") continue;
+            if (typeof val === "object") continue;
+            var sk = sanitizeHeaderName(key);
+            var sv = sanitizeHeaderValue(val);
+            if (sk && sv !== "") headers[sk] = sv;
+        }
+    }
+    var sanitized = {};
+    for (var k in headers) {
+        if (!Object.prototype.hasOwnProperty.call(headers, k)) continue;
+        var sk2 = sanitizeHeaderName(k);
+        var sv2 = sanitizeHeaderValue(headers[k]);
+        if (sk2 && sv2 !== "") sanitized[sk2] = sv2;
+    }
+    return sanitized;
 }
 /**
@@ -2603,9 +2665,9 @@ function saveCookies(jar) {
     return function (/** @type {{ headers: { [x: string]: any[]; }; }} */res) {
         var cookies = res.headers["set-cookie"] || [];
         cookies.forEach(function (/** @type {string} */c) {
-            if (c.indexOf(".facebook.com") > -1) { // yo wtf is this?
-                jar.setCookie(c, "https://www.facebook.com");
-                jar.setCookie(c.replace(/domain=\.facebook\.com/, "domain=.messenger.com"), "https://www.messenger.com");
+            if (c.indexOf(".facebook.com") > -1) {
+                try { jar.setCookie(c, "https://www.facebook.com"); } catch (_) { }
+                try { jar.setCookie(c.replace(/domain=\.facebook\.com/, "domain=.messenger.com"), "https://www.messenger.com"); } catch (_) { }
             }
         });
         return res;