whistle 2.9.76 → 2.9.77

package/README.md

@@ -10,7 +10,7 @@
 [![Test coverage](https://codecov.io/gh/avwo/whistle/branch/master/graph/badge.svg?style=flat-square)](https://codecov.io/gh/avwo/whistle)
 [![npm download](https://img.shields.io/npm/dm/whistle.svg?style=flat-square)](https://npmjs.org/package/whistle)
 [![NPM count](https://img.shields.io/npm/dt/whistle.svg?style=flat-square)](https://www.npmjs.com/package/whistle)
-[![License](https://img.shields.io/npm/l/whistle.svg?style=flat-square)](https://www.npmjs.com/package/whistle)
+[![License](https://img.shields.io/aur/license/whistle?style=flat-square)](https://www.npmjs.com/package/whistle)
 
 **Mac 或 Windows 系统推荐使用客户端版本：https://github.com/avwo/whistle-client**
 
@@ -29,7 +29,8 @@ Whistle 是基于 Node 实现的跨平台抓包调试工具，其主要特点：
 	* 项目可以自带代理规则配置并一键设置到本地 Whistle 代理，也可以通过定制插件简化操作
 
 # 一键安装
-> 已安装 `brew` 的 PC，可以省略以下 1、2 步骤，直接通过以下方式一键安装：`brew install whistle && w2 start --init`（arm64 平台尝试用 `brew install node && npm i -g whistle && w2 start --init`）
+> 已安装 `brew` 的 PC，可以省略以下 1、2 步骤，直接通过以下方式一键安装：`brew install whistle && w2 start --init`
+
 1. 安装 Node（建议安装**最新的 LTS 版本**，如已安装忽略此步骤）：https://nodejs.org/
 2. 一键安装，在命令行执行以下命令：
 	``` sh

package/assets/js/log.js

@@ -220,6 +220,22 @@
 
     return obj === undefined ? 'undefined' : obj;
   }
+  var prefixPath;
+  function getPathPrefix() {
+    if (prefixPath) {
+      return prefixPath;
+    }
+    prefixPath = window.__WHISTLE_PATH_PREFIX__;
+    if (/^\/[\w./-]+$/.test(prefixPath) && prefixPath.length <= 128) {
+      var len = prefixPath.length - 1;
+      if (prefixPath[len] === '/') {
+        prefixPath = prefixPath.substring(0, len);
+      }
+    } else {
+      prefixPath = '';
+    }
+    return prefixPath;
+  }
 
   var index = 0;
   var MAX_LEN = 1024 * 56;
@@ -237,7 +253,8 @@
         logStr = logStr.substring(0, percIndex);
       }
     }
-    img.src ='$LOG_CGI?id=$LOG_ID&level=' + level + '&text=' + logStr
+    var baseUrl = '$BASE_URL' + getPathPrefix();
+    img.src = baseUrl + '$LOG_CGI?id=$LOG_ID&level=' + level + '&text=' + logStr
       + '&t=' + new Date().getTime() + '&' + ++index;
     var preventGC = function() {
       img.onload = img.onerror = null;

package/assets/js/weinre.js

@@ -3,12 +3,22 @@
   if (typeof window === 'undefined' || window.WeinreServerURL) {
     return;
   }
-  window.WeinreServerURL = '$WEINRE_PATH';
+  var prefixPath = window.__WHISTLE_PATH_PREFIX__;
+  if (/^\/[\w./-]+$/.test(prefixPath) && prefixPath.length <= 128) {
+    var len = prefixPath.length - 1;
+    if (prefixPath[len] === '/') {
+      prefixPath = prefixPath.substring(0, len);
+    }
+  } else {
+    prefixPath = '';
+  }
+  var baseUrl = '$BASE_URL' + prefixPath;
+  window.WeinreServerURL = baseUrl + '$WEINRE_PATH';
   var head = document.head || document.getElementsByTagName('head')[0] || document.documentElement;
   var script = document.createElement('script');
   script.async = true;
   script.charset = 'utf8';
-  script.src = '$WEINRE_URL';
+  script.src = baseUrl + '$WEINRE_URL';
   if (head.firstChild) {
     head.insertBefore(script, head.firstChild);
   } else {

package/lib/handlers/file-proxy.js

@@ -22,6 +22,7 @@ var QUOTE_RE = /"/g;
 var JS_RE = /^js:/i;
 var HTML_RE = /^html:/i;
 var BLANK_RE = /\s/g;
+var HASH_RE = /#.*$/;
 
 function urlToStr(url) {
   return url.replace(SLASH_RE, '').replace(QUOTE_RE, '\\$&').replace(BLANK_RE, ' ');
@@ -198,7 +199,11 @@ function handleLocHref(req, rule, handleRes) {
   }
   var type = isJs ? 'application/javascript' : 'text/html';
   if (body) {
-    body = 'window.location.href = "' + urlToStr(body) + '";';
+    body = urlToStr(body);
+    if (util.compareUrl(body.replace(HASH_RE, ''), req.fullUrl)) {
+      return false;
+    }
+    body = 'window.location.href = "' + body + '";';
     if (!isJs) {
       body = '<script>' + body + '</script>';
     }
@@ -211,6 +216,7 @@ function handleLocHref(req, rule, handleRes) {
       'content-type': type + '; charset=utf-8'
     }
   });
+  return true;
 }
 
 module.exports = function (req, res, next) {
@@ -223,7 +229,12 @@ module.exports = function (req, res, next) {
   var rules = req.rules;
   var rule = rules.rule;
   if (protoMgr.isLocHref(protocol)) {
-    return handleLocHref(req, rule, render);
+    if (handleLocHref(req, rule, render)) {
+      return;
+    }
+    req.isWebProtocol = true;
+    req.options = util.parseUrl(req.fullUrl);
+    return next();
   }
   if (isAutoCors(req, rule) && req.method === 'OPTIONS') {
     var optsRes = util.wrapResponse({ statusCode: 200  });

package/lib/inspectors/log.js

@@ -19,8 +19,8 @@ function getScript(host, isHtml, req) {
   var logCgiPath =
     config.WEBUI_PATH + 'log.' + config.port + '/cgi-bin/log/set';
   var result = isHtml ? logHtmlScript : logScript;
-  logCgiPath = (req.isHttps ? 'https://' : 'http://') + host + logCgiPath;
-  return result.replace('$LOG_CGI', logCgiPath);
+  var baseUrl = (req.isHttps ? 'https://' : 'http://') + host;
+  return result.replace('$BASE_URL', baseUrl).replace('$LOG_CGI', logCgiPath);
 }
 
 module.exports = function (req, res, next) {

package/lib/inspectors/res.js

@@ -1338,7 +1338,7 @@ module.exports = function (req, res, next) {
     });
   };
   var resHeaders = {};
-  var svRes = util.getStatusCodeFromRule(resRules);
+  var svRes = util.getStatusCodeFromRule(resRules, req);
   if (svRes) {
     req.hostIp = LOCALHOST;
     resHeaders.Connection = 'close';

package/lib/inspectors/weinre.js

@@ -10,16 +10,12 @@ var weinreHtmlScript = '\r\n<script>' + weinreScript + '</script>\r\n';
 
 function getScript(host, name, isHtml, req) {
   host = util.getInternalHost(req, host);
-  var weinrePath =
-    (req.isHttps ? 'https://' : 'http://') +
-    host +
-    config.WEBUI_PATH +
-    'weinre.' +
-    config.port;
+  var baseUrl = (req.isHttps ? 'https://' : 'http://') + host;
+  var weinrePath = config.WEBUI_PATH + 'weinre.' + config.port;
   var result = isHtml ? weinreHtmlScript : weinreScript;
   var weinreUrl =
     weinrePath + '/target/target-script-min.js#' + (name || 'anonymous');
-  return result
+  return result.replace('$BASE_URL', baseUrl)
     .replace('$WEINRE_PATH', weinrePath)
     .replace('$WEINRE_URL', weinreUrl);
 }

package/lib/rules/rules.js

@@ -245,17 +245,6 @@ function formatShorthand(url) {
   return url;
 }
 
-function formatUrl(pattern) {
-  var queryString = '';
-  var queryIndex = pattern.indexOf('?');
-  if (queryIndex != -1) {
-    queryString = pattern.substring(queryIndex);
-    pattern = pattern.substring(0, queryIndex);
-  }
-  var index = pattern.indexOf('://');
-  index = pattern.indexOf('/', index == -1 ? 0 : index + 3);
-  return (index == -1 ? pattern + '/' : pattern) + queryString;
-}
 
 function getKey(url) {
   if (url.indexOf('{') == 0) {
@@ -354,7 +343,7 @@ function join(first, second) {
     }
   }
   var query = joinQuery(firstQuery, secondQuery);
-  return WEB_PROTOCOL_RE.test(first) ? formatUrl(first + query) : first + query;
+  return WEB_PROTOCOL_RE.test(first) ? util.formatUrl(first + query) : first + query;
 }
 
 function toLine(_, line) {
@@ -844,7 +833,7 @@ function replaceSubMatcher(url, regExp, req) {
 }
 
 function resolveRuleList(req, list, vals, index, isFilter, isEnableProxy, host) {
-  var curUrl = formatUrl(req.curUrl);
+  var curUrl = util.formatUrl(req.curUrl);
   var notHttp = list.isRuleProto && curUrl[0] !== 'h';
   //支持域名匹配
   var domainUrl = curUrl.replace(
@@ -1255,7 +1244,7 @@ function parseRule(rulesMgr, pattern, matcher, raw, root, options) {
     isRegExp: isRegExp,
     isExact: isExact,
     protocol: isRegExp ? null : util.getProtocol(pattern),
-    pattern: isRegExp ? pattern : formatUrl(pattern),
+    pattern: isRegExp ? pattern : util.formatUrl(pattern),
     matcher: matcher,
     port: port,
     raw: raw,
@@ -2021,7 +2010,7 @@ proto.resolveHost = function (
 };
 
 proto.lookupHost = function (req, callback) {
-  req.curUrl = formatUrl(util.setProtocol(req.curUrl));
+  req.curUrl = util.formatUrl(util.setProtocol(req.curUrl));
   var options = parseUrl(req.curUrl);
   lookup(
     options.hostname,
@@ -2060,7 +2049,7 @@ function getHostFromList(list, req, vals) {
 }
 
 proto.getHost = function (req, pluginRulesMgr, rulesFileMgr, headerRulesMgr) {
-  var curUrl = formatUrl(util.setProtocol(req.curUrl));
+  var curUrl = util.formatUrl(util.setProtocol(req.curUrl));
   req.curUrl = curUrl;
   var filter = {};
   var filterHost =

package/lib/util/common.js

@@ -254,11 +254,38 @@ function replaceProtocol(url, protocol) {
   return (protocol || 'http:') + removeProtocol(url);
 }
 
+function formatUrl(pattern) {
+  var queryString = '';
+  var queryIndex = pattern.indexOf('?');
+  if (queryIndex != -1) {
+    queryString = pattern.substring(queryIndex);
+    pattern = pattern.substring(0, queryIndex);
+  }
+  var index = pattern.indexOf('://');
+  index = pattern.indexOf('/', index == -1 ? 0 : index + 3);
+  return (index == -1 ? pattern + '/' : pattern) + queryString;
+}
+
 exports.hasProtocol = hasProtocol;
 exports.setProtocol = setProtocol;
 exports.getProtocol = getProtocol;
 exports.removeProtocol = removeProtocol;
 exports.replaceProtocol = replaceProtocol;
+exports.formatUrl = formatUrl;
+
+var QUERY_RE = /\/[^/]*(?:\?.*)?$/;
+exports.getAbsUrl = function(url, fullUrl) {
+  if (HTTP_RE.test(url)) {
+    return formatUrl(url);
+  }
+  if (url[0] === '/') {
+    var index = fullUrl.indexOf('/', 8);
+    url = fullUrl.substring(0, index) + url;
+    return formatUrl(url);
+  }
+  url = fullUrl.replace(QUERY_RE, '') + '/' + url;
+  return formatUrl(url);
+};
 
 function getHomedir() {
   //默认设置为`~`，防止Linux在开机启动时Node无法获取homedir

package/lib/util/index.js

@@ -607,6 +607,8 @@ function isEnable(req, name) {
 
 exports.isEnable = isEnable;
 
+exports.formatUrl = common.formatUrl;
+
 exports.isKeepClientId = function(req, proxyUrl) {
   if (isEnable(req, 'keepClientId')) {
     return true;
@@ -926,6 +928,18 @@ exports.encodeNonLatin1Char = function (str) {
 
 exports.encodeURIComponent = safeEncodeURIComponent;
 
+function compareUrl(url, fullUrl) {
+  url = common.getAbsUrl(url, fullUrl);
+  if (url === fullUrl) {
+    return true;
+  }
+  try {
+    return url === decodeURIComponent(fullUrl);
+  } catch (e) {}
+}
+
+exports.compareUrl = compareUrl;
+
 function getPath(url, noProtocol) {
   if (url) {
     url = url.replace(SEARCH_RE, '');
@@ -3780,19 +3794,26 @@ exports.setClientCert = function (options, key, cert, isPfx, cacheKey) {
   }
 };
 
-exports.getStatusCodeFromRule = function (rules) {
+exports.getStatusCodeFromRule = function (rules, req) {
   var rule = rules.rule;
   var isSpec = rule && rule.isSpec;
   if (!isSpec) {
     return;
   }
-  rule = getMatcherValue(rule) || 200;
-  var result = { statusCode: rule, headers: {} };
-  if (isSpec === 2) {
+  rule = getMatcherValue(rule) || '';
+  var isRedirect = isSpec === 2;
+  if (req && isRedirect && rule && compareUrl(rule, req.fullUrl)) {
+    req.isWebProtocol = true;
+    req.options = parseUrl(req.fullUrl);
+    return;
+  }
+  var code = rule || 200;
+  var result = { statusCode: code, headers: {} };
+  if (isRedirect) {
     result.statusCode = 302;
     result.headers.location = rule;
   } else {
-    handleStatusCode(rule, result.headers);
+    handleStatusCode(code, result.headers);
   }
   return result;
 };

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "whistle",
   "description": "HTTP, HTTP2, HTTPS, Websocket debugging proxy",
-  "version": "2.9.76",
+  "version": "2.9.77",
   "dataDirname": ".whistle",
   "localUIHost": "local.whistlejs.com",
   "port": 8899,
@@ -53,7 +53,7 @@
     "pfork": "^0.6.2",
     "pipestream": "^0.7.3",
     "safe-buffer": "^5.1.2",
-    "set-global-proxy": "^0.2.0",
+    "set-global-proxy": "^0.2.1",
     "sni": "1.0.0",
     "sockx": "^0.2.1",
     "starting": "^8.0.2",