titaniumnet-mirror/Holy-Unblocker
1
0
Fork 0
mirror of https://github.com/QuiteAFancyEmerald/Holy-Unblocker.git synced 2025-05-13 03:50:02 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update app.js

Browse source
This commit is contained in:
TheEmeraldStarr 2020-09-18 13:34:52 -07:00 committed by GitHub
parent 2f9b050d48
commit 569a1b0020
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

23
app.js
View file

@ -105,7 +105,7 @@ function error(statusCode, info) {
} }
return (fs.readFileSync('public/assets/error.html', 'utf8').toString().replace('%ERROR%', `An error has occurred!`)) return (fs.readFileSync('public/assets/error.html', 'utf8').toString().replace('%ERROR%', `An error has occurred!`))
} }
// Post data to set URl's for reverse proxy URL's, or safer redirecting to proxied websites.
app.post('/createSession', async (req, res) => { app.post('/createSession', async (req, res) => {
if (req.body.url.startsWith('//')) { if (req.body.url.startsWith('//')) {
req.body.url = 'http:' + req.body.url; req.body.url = 'http:' + req.body.url;
@ -122,6 +122,7 @@ app.post('/createSession', async (req, res) => {
} }
}) })
// Custom prefix support will be in full effect soon!
var prefix = '/fetch'; var prefix = '/fetch';
app.use(prefix, async (req, res, next) => { app.use(prefix, async (req, res, next) => {
@ -146,18 +147,21 @@ app.use(prefix, async (req, res, next) => {
var httpsAgent = new https.Agent({ var httpsAgent = new https.Agent({
keepAlive: true keepAlive: true
}); });
// We are using the clients request headers as the headers to send the request so that headers such as Authorization will be passed through in a XML or fetch() request.
// The host header has to be set to the websites host and not the apps hostname so that there won't be issues.
var fetchHeaders = req.headers var fetchHeaders = req.headers
fetchHeaders['referer'] = location.href fetchHeaders['referer'] = location.href
fetchHeaders['origin'] = location.origin fetchHeaders['origin'] = location.origin
fetchHeaders['host'] = location.hostname fetchHeaders['host'] = location.hostname
// Cookie header causing issues sometimes :cursed:
if (fetchHeaders['cookie']) { if (fetchHeaders['cookie']) {
delete fetchHeaders['cookie'] delete fetchHeaders['cookie']
} }
var options = { var options = {
method: req.method, method: req.method,
headers: fetchHeaders, headers: fetchHeaders,
redirect: 'manual', redirect: 'manual',
agent: function(_parsedURL) { agent: function(_parsedURL) {
if (_parsedURL.protocol == 'http:') { if (_parsedURL.protocol == 'http:') {
return httpAgent; return httpAgent;
@ -168,7 +172,6 @@ app.use(prefix, async (req, res, next) => {
}; };
if (req.method == 'POST') { if (req.method == 'POST') {
// Have to do try catch for this POST data parser until we create our own one that won't have a syntax error sometimes.
try { try {
// str_body is a string containing the requests body // str_body is a string containing the requests body
options['body'] = req.str_body; options['body'] = req.str_body;
@ -176,6 +179,7 @@ app.use(prefix, async (req, res, next) => {
return; return;
} }
} }
// Makes sure to use the session URL that is contained so RV mode works.
if (req.url.startsWith('/rv')) { if (req.url.startsWith('/rv')) {
location.origin_encoded = 'rv' location.origin_encoded = 'rv'
} }
@ -186,6 +190,7 @@ app.use(prefix, async (req, res, next) => {
return; return;
} }
} }
// Custom fixes for websites such as Discord and Reddit.
if (location.href == 'https://discord.com' || location.href == 'https://discord.com/new') { if (location.href == 'https://discord.com' || location.href == 'https://discord.com/new') {
return res.redirect(307, `/fetch/${location.origin_encoded}/login`) return res.redirect(307, `/fetch/${location.origin_encoded}/login`)
} }
@ -195,7 +200,8 @@ app.use(prefix, async (req, res, next) => {
return res.redirect(307, '/fetch/rv' + location.path) return res.redirect(307, '/fetch/rv' + location.path)
} }
return res.redirect(307, '/fetch/' + base64Encode('https://old.reddit.com') + location.path) return res.redirect(307, '/fetch/' + base64Encode('https://old.reddit.com') + location.path)
} }
// This is where I am making the request, and getting the buffer and headers.
const response = await fetch(location.href, options).catch(err => res.send(error('404', `"${xss(location.href)}" was not found!`))); const response = await fetch(location.href, options).catch(err => res.send(error('404', `"${xss(location.href)}" was not found!`)));
if(typeof response.buffer != 'function')return; if(typeof response.buffer != 'function')return;
var resbody = await response.buffer(); var resbody = await response.buffer();
@ -209,17 +215,21 @@ app.use(prefix, async (req, res, next) => {
Object.entries(JSON.parse(JSON.stringify(response.headers.raw()))) Object.entries(JSON.parse(JSON.stringify(response.headers.raw())))
.map(([key, val]) => [key, val[0]]) .map(([key, val]) => [key, val[0]])
); );
// Making sure redirects are proxied.
if (serverHeaders['location']) { if (serverHeaders['location']) {
if (req.url.startsWith('/rv') && req.session.rvURL) { if (req.url.startsWith('/rv') && req.session.rvURL) {
req.session.rvURL = String(serverHeaders['location']).split('/').splice(0, 3).join('/') req.session.rvURL = String(serverHeaders['location']).split('/').splice(0, 3).join('/')
return res.redirect(307, '/fetch/rv/' + String(serverHeaders['location']).split('/').splice(3).join('/')) return res.redirect(307, '/fetch/rv/' + String(serverHeaders['location']).split('/').splice(3).join('/'))
} else return res.redirect(307, '/fetch/' + rewriteURL(String(serverHeaders['location']))) } else return res.redirect(307, '/fetch/' + rewriteURL(String(serverHeaders['location'])))
} }
// These headers can be conflicting.
delete serverHeaders['content-encoding'] delete serverHeaders['content-encoding']
delete serverHeaders['x-frame-options'] delete serverHeaders['x-frame-options']
delete serverHeaders['strict-transport-security'] delete serverHeaders['strict-transport-security']
delete serverHeaders['content-security-policy'] delete serverHeaders['content-security-policy']
delete serverHeaders['location'] delete serverHeaders['location']
// Setting status, headers, and content-type.
res.status(response.status) res.status(response.status)
res.set(serverHeaders) res.set(serverHeaders)
res.contentType(contentType) res.contentType(contentType)
@ -300,7 +310,7 @@ app.use('/alloy/url/',function (req, res, next) {
res.redirect(307, '/fetch/' + fullURL) res.redirect(307, '/fetch/' + fullURL)
}) })
// Utils section. Where stuff such as inject scripts are found!
app.use('/alloy/',function (req, res, next) { app.use('/alloy/',function (req, res, next) {
if (req.query.url) { if (req.query.url) {
@ -325,7 +335,6 @@ res.sendFile(__dirname + '/alloy' + req.url, function (err) {
}) })
app.use(function (req, res, next) { app.use(function (req, res, next) {
res.sendFile(__dirname + '/public' + req.url, function (err) { res.sendFile(__dirname + '/public' + req.url, function (err) {
if (err) { if (err) {