zefie/minisrv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

manual optimizations

Browse Source
This commit is contained in:
zefie
2025-08-11 14:52:12 -04:00
parent 1ddae93b07
commit 6c32fc4190
1 changed files with 66 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

142
zefie_wtvp_minisrv/app.js
View File

@@ -211,7 +211,7 @@ async function sendRawFile(socket, path) {
}); });
} }
var runScriptInVM = function (script_data, user_contextObj = {}, privileged = false, filename = null, debug_name = null) { const runScriptInVM = function (script_data, user_contextObj = {}, privileged = false, filename = null, debug_name = null) {
// Here we define the ServiceVault Script Context Object // Here we define the ServiceVault Script Context Object
// The ServiceVault scripts will only be allowed to access the following functions/variables. // The ServiceVault scripts will only be allowed to access the following functions/variables.
// Furthermore, only modifications to variables in `updateFromVM` will be saved. // Furthermore, only modifications to variables in `updateFromVM` will be saved.
@@ -350,7 +350,7 @@ async function handleCGI(executable, cgi_file, socket, request_headers, vault, s
vault = path.resolve(vault); vault = path.resolve(vault);
if (!vault.startsWith(SAFE_ROOT)) { if (!vault.startsWith(SAFE_ROOT)) {
console.error("Invalid vault path:", vault); console.error("Invalid vault path:", vault);
var errpage = wtvshared.doErrorPage(403); const errpage = wtvshared.doErrorPage(403);
sendToClient(socket, errpage[0], errpage[1]); sendToClient(socket, errpage[0], errpage[1]);
return; return;
} }
@@ -427,7 +427,7 @@ async function handleCGI(executable, cgi_file, socket, request_headers, vault, s
if (request_headers['content-length']) env.CONTENT_LENGTH = request_headers['content-length']; if (request_headers['content-length']) env.CONTENT_LENGTH = request_headers['content-length'];
else delete env['CONTENT_LENGTH']; else delete env['CONTENT_LENGTH'];
var post_data = (request_headers['post_data']) ? request_headers['post_data'] : ""; const post_data = (request_headers['post_data']) ? request_headers['post_data'] : "";
env.MINISRV_SESSION_STORE = serialize((session_data) ? session_data.getSessionData() : null); env.MINISRV_SESSION_STORE = serialize((session_data) ? session_data.getSessionData() : null);
env.MINISRV_DATA_STORE = serialize((session_data) ? session_data.get() : null); env.MINISRV_DATA_STORE = serialize((session_data) ? session_data.get() : null);
@@ -480,7 +480,7 @@ async function handlePHP(socket, request_headers, php_file, vault, service_name,
} }
async function processPath(socket, service_vault_file_path, request_headers = [], service_name, shared_romcache = null, pc_services = false) { async function processPath(socket, service_vault_file_path, request_headers = [], service_name, shared_romcache = null, pc_services = false) {
var headers, data = null; let headers, data = null;
let request_is_async = false; let request_is_async = false;
let service_vault_found = false; let service_vault_found = false;
let service_path = decodeURIComponent(service_vault_file_path); let service_path = decodeURIComponent(service_vault_file_path);
@@ -559,7 +559,7 @@ async function processPath(socket, service_vault_file_path, request_headers = []
if (minisrv_catchall) { if (minisrv_catchall) {
if (service_path_request_file == minisrv_catchall) { if (service_path_request_file == minisrv_catchall) {
request_is_async = true; request_is_async = true;
var errpage = wtvshared.doErrorPage(401, null, null, pc_services); const errpage = wtvshared.doErrorPage(401, null, null, pc_services);
sendToClient(socket, errpage[0], errpage[1]); sendToClient(socket, errpage[0], errpage[1]);
return; return;
} }
@@ -746,7 +746,7 @@ async function processPath(socket, service_vault_file_path, request_headers = []
if (!status) { if (!status) {
if (line.match(/minisrv\_service\_file.*true/i)) { if (line.match(/minisrv\_service\_file.*true/i)) {
request_is_async = true; request_is_async = true;
var errpage = wtvshared.doErrorPage(403, null, null, pc_services); const errpage = wtvshared.doErrorPage(403, null, null, pc_services);
sendToClient(socket, errpage[0], errpage[1]); sendToClient(socket, errpage[0], errpage[1]);
return; return;
} else { } else {
@@ -754,7 +754,7 @@ async function processPath(socket, service_vault_file_path, request_headers = []
} }
} else { } else {
request_is_async = true; request_is_async = true;
var errpage = wtvshared.doErrorPage(400, null, null, pc_services); const errpage = wtvshared.doErrorPage(400, null, null, pc_services);
sendToClient(socket, errpage[0], errpage[1]); sendToClient(socket, errpage[0], errpage[1]);
return; return;
} }
@@ -766,7 +766,7 @@ async function processPath(socket, service_vault_file_path, request_headers = []
if (!status) { if (!status) {
if (line.match(/^#!minisrv/i)) { if (line.match(/^#!minisrv/i)) {
request_is_async = true; request_is_async = true;
var errpage = wtvshared.doErrorPage(403, null, null, pc_services); const errpage = wtvshared.doErrorPage(403, null, null, pc_services);
sendToClient(socket, errpage[0], errpage[1]); sendToClient(socket, errpage[0], errpage[1]);
return; return;
} else { } else {
@@ -774,7 +774,7 @@ async function processPath(socket, service_vault_file_path, request_headers = []
} }
} else { } else {
request_is_async = true; request_is_async = true;
var errpage = wtvshared.doErrorPage(400, null, null, pc_services); const errpage = wtvshared.doErrorPage(400, null, null, pc_services);
sendToClient(socket, errpage[0], errpage[1]); sendToClient(socket, errpage[0], errpage[1]);
return; return;
} }
@@ -906,6 +906,7 @@ function getDirectoryIndex(svpath) {
async function processURL(socket, request_headers, pc_services = false) { async function processURL(socket, request_headers, pc_services = false) {
let shortURL, headers, data, service_name; let shortURL, headers, data, service_name;
let original_service_name = ""; let original_service_name = "";
let shared_romcache = null;
let allow_double_slash = false, enable_multi_query = false, use_external_proxy = false; let allow_double_slash = false, enable_multi_query = false, use_external_proxy = false;
request_headers.query = {}; request_headers.query = {};
@@ -1099,7 +1100,7 @@ minisrv-no-mail-count: true`;
} }
} }
const urlToPath = wtvshared.fixPathSlashes(service_name + path.sep + shortURL.split(':/')[1]); const urlToPath = wtvshared.fixPathSlashes(service_name + path.sep + shortURL.split(':/')[1]);
let shared_romcache = null;
if ((shortURL.includes(":/ROMCache/") || shortURL.includes("://ROMCache/")) && minisrv_config.config.enable_shared_romcache) { if ((shortURL.includes(":/ROMCache/") || shortURL.includes("://ROMCache/")) && minisrv_config.config.enable_shared_romcache) {
shared_romcache = wtvshared.fixPathSlashes(minisrv_config.config.SharedROMCache + path.sep + shortURL.split(':/')[1]); shared_romcache = wtvshared.fixPathSlashes(minisrv_config.config.SharedROMCache + path.sep + shortURL.split(':/')[1]);
} }
@@ -1294,7 +1295,7 @@ async function doHTTPProxy(socket, request_headers) {
if (request_type === "https") request_data.port = 443; if (request_type === "https") request_data.port = 443;
else request_data.port = 80; else request_data.port = 80;
} }
for (var i = 0; i < 3; i++) request_url_split.shift(); for (let i = 0; i < 3; i++) request_url_split.shift();
request_data.path = "/" + request_url_split.join('/'); request_data.path = "/" + request_url_split.join('/');
if (request_data.method && request_data.host && request_data.path) { if (request_data.method && request_data.host && request_data.path) {
@@ -1479,13 +1480,14 @@ async function sendToClient(socket, headers_obj, data = null) {
wtvshared.getFileExt(socket_sessions[socket.id].request_headers.service_file_path).toLowerCase() !== "php" || wtvshared.getFileExt(socket_sessions[socket.id].request_headers.service_file_path).toLowerCase() !== "php" ||
wtvshared.getFileExt(socket_sessions[socket.id].request_headers.service_file_path).toLowerCase() !== "cgi" || wtvshared.getFileExt(socket_sessions[socket.id].request_headers.service_file_path).toLowerCase() !== "cgi" ||
socket_sessions[socket.id].request_headers.raw_file === true) { socket_sessions[socket.id].request_headers.raw_file === true) {
let last_modified_formatted = null;
if (socket.res) { if (socket.res) {
var last_modified_formatted = wtvshared.getFileLastModifiedUTCString(socket_sessions[socket.id].request_headers.service_file_path); last_modified_formatted = wtvshared.getFileLastModifiedUTCString(socket_sessions[socket.id].request_headers.service_file_path);
} else { } else {
var last_modified = wtvshared.getFileLastModifiedUTCObj(socket_sessions[socket.id].request_headers.service_file_path); const last_modified = wtvshared.getFileLastModifiedUTCObj(socket_sessions[socket.id].request_headers.service_file_path);
var strftime = require('strftime'); const strftime = require('strftime');
var strf = strftime.timezone(timezone); const strf = strftime.timezone(timezone);
var last_modified_formatted = strf("%a, %d %b %Y %H:%M:%S", last_modified); last_modified_formatted = strf("%a, %d %b %Y %H:%M:%S", last_modified);
} }
if (last_modified_formatted) headers_obj["Last-Modified"] = last_modified_formatted; if (last_modified_formatted) headers_obj["Last-Modified"] = last_modified_formatted;
} }
@@ -1561,8 +1563,7 @@ async function sendToClient(socket, headers_obj, data = null) {
headers_obj = wtvshared.moveObjectKey('wtv-encrypted', 'Connection', headers_obj); headers_obj = wtvshared.moveObjectKey('wtv-encrypted', 'Connection', headers_obj);
if (content_length > 0 && socket_sessions[socket.id].wtvsec) { if (content_length > 0 && socket_sessions[socket.id].wtvsec) {
if (!minisrv_config.config.debug_flags.quiet) console.debug(" * Encrypting response to client ...") if (!minisrv_config.config.debug_flags.quiet) console.debug(" * Encrypting response to client ...")
var enc_data = socket_sessions[socket.id].wtvsec.Encrypt(1, data); data = socket_sessions[socket.id].wtvsec.Encrypt(1, data);
data = enc_data;
} }
} }
@@ -1646,7 +1647,7 @@ async function sendToClient(socket, headers_obj, data = null) {
headers += headers_obj[k] + eol; headers += headers_obj[k] + eol;
} else { } else {
if (k.indexOf('_') >= 0) { if (k.indexOf('_') >= 0) {
var j = k.split('_')[0]; let j = k.split('_')[0];
headers += j + ": " + headers_obj[k] + eol; headers += j + ": " + headers_obj[k] + eol;
} else { } else {
headers += k + ": " + headers_obj[k] + eol; headers += k + ": " + headers_obj[k] + eol;
@@ -1683,11 +1684,11 @@ async function sendToClient(socket, headers_obj, data = null) {
toClient = headers + eol + data; toClient = headers + eol + data;
sendToSocket(socket, Buffer.from(toClient)); sendToSocket(socket, Buffer.from(toClient));
} else if (typeof data === 'object') { } else if (typeof data === 'object') {
if (minisrv_config.config.debug_flags.quiet) var verbosity_mod = (headers_obj["wtv-encrypted"] == 'true') ? " encrypted response" : ""; const verbosity_mod = (headers_obj["wtv-encrypted"] == 'true') ? " encrypted response" : "";
if (socket_sessions[socket.id].secure_headers == true) { if (socket_sessions[socket.id].secure_headers == true) {
// encrypt headers // encrypt headers
if (minisrv_config.config.debug_flags.quiet) verbosity_mod += " with encrypted headers"; if (minisrv_config.config.debug_flags.quiet) verbosity_mod += " with encrypted headers";
var enc_headers = socket_sessions[socket.id].wtvsec.Encrypt(1, headers + eol); const enc_headers = socket_sessions[socket.id].wtvsec.Encrypt(1, headers + eol);
sendToSocket(socket, new Buffer.from(concatArrayBuffer(enc_headers, data))); sendToSocket(socket, new Buffer.from(concatArrayBuffer(enc_headers, data)));
} else { } else {
sendToSocket(socket, new Buffer.from(concatArrayBuffer(Buffer.from(headers + eol), data))); sendToSocket(socket, new Buffer.from(concatArrayBuffer(Buffer.from(headers + eol), data)));
@@ -1764,6 +1765,7 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
// This function sucks and needs to be rewritten // This function sucks and needs to be rewritten
let headers = []; let headers = [];
let header_length = 0;
if (socket_sessions[socket.id]) { if (socket_sessions[socket.id]) {
if (socket_sessions[socket.id].headers) { if (socket_sessions[socket.id].headers) {
headers = socket_sessions[socket.id].headers; headers = socket_sessions[socket.id].headers;
@@ -1783,7 +1785,7 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
} }
if (isUnencryptedString(data)) { if (isUnencryptedString(data)) {
if (headers.length != 0) { if (headers.length != 0) {
var new_header_obj = wtvshared.headerStringToObj(data); const new_header_obj = wtvshared.headerStringToObj(data);
Object.keys(new_header_obj).forEach(function (k, v) { Object.keys(new_header_obj).forEach(function (k, v) {
headers[k] = new_header_obj[k]; headers[k] = new_header_obj[k];
}); });
@@ -1801,18 +1803,15 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
socket_sessions[socket.id].wtvsec.SecureOn(); socket_sessions[socket.id].wtvsec.SecureOn();
socket_sessions[socket.id].secure = true; socket_sessions[socket.id].secure = true;
} }
var enc_data = CryptoJS.enc.Hex.parse(data_hex.slice(header_length * 2)); const enc_data = CryptoJS.enc.Hex.parse(data_hex.slice(header_length * 2));
if (enc_data.sigBytes > 0) { if (enc_data.sigBytes > 0) {
if (!socket_sessions[socket.id].wtvsec) { if (!socket_sessions[socket.id].wtvsec) {
var errpage = wtvshared.doErrorPage(400); const errpage = wtvshared.doErrorPage(400);
headers = errpage[0]; sendToClient(socket, errpage[0] + "wtv-visit: client:relog\n", errpage[1]);
headers += "wtv-visit: client:relog\n";
data = errpage[1];
sendToClient(socket, headers, data);
return; return;
} }
var dec_data = CryptoJS.lib.WordArray.create(socket_sessions[socket.id].wtvsec.Decrypt(0, enc_data)); const dec_data = CryptoJS.lib.WordArray.create(socket_sessions[socket.id].wtvsec.Decrypt(0, enc_data));
var secure_headers = await processRequest(socket, dec_data.toString(CryptoJS.enc.Hex), true, true); const secure_headers = await processRequest(socket, dec_data.toString(CryptoJS.enc.Hex), true, true);
if (secure_headers) { if (secure_headers) {
headers = []; headers = [];
headers.encrypted = true; headers.encrypted = true;
@@ -1832,11 +1831,9 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
if (!wtvshared.checkSSID(socket.ssid)) { if (!wtvshared.checkSSID(socket.ssid)) {
if (!socket.ssid.startsWith("1SEGA") && !socket.ssid.startsWith("MSTVSIMU")) { if (!socket.ssid.startsWith("1SEGA") && !socket.ssid.startsWith("MSTVSIMU")) {
// reject invalid SSIDs, but let Dreamcast and MSTV Sim through for now until we figure out their checksumming method. // reject invalid SSIDs, but let Dreamcast and MSTV Sim through for now until we figure out their checksumming method.
var errpage = wtvshared.doErrorPage(400, "minisrv ran into a technical problem. Reason: Your SSID is not valid."); const errpage = wtvshared.doErrorPage(400, "minisrv ran into a technical problem. Reason: Your SSID is not valid.");
headers = errpage[0];
data = errpage[1];
socket.close_me = true; socket.close_me = true;
sendToClient(socket, headers, data); sendToClient(socket, errpage[0], errpage[1]);
return; return;
} }
} }
@@ -1926,7 +1923,6 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
socket_sessions[socket.id].secure = true; socket_sessions[socket.id].secure = true;
} }
if (!headers.request_url) { if (!headers.request_url) {
var header_length = 0;
if (data_hex.includes("0d0a0d0a")) { if (data_hex.includes("0d0a0d0a")) {
// \r\n\r\n // \r\n\r\n
header_length = data.length + 4; header_length = data.length + 4;
@@ -1934,11 +1930,11 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
// \n\n // \n\n
header_length = data.length + 2; header_length = data.length + 2;
} }
var enc_data = CryptoJS.enc.Hex.parse(data_hex.slice(header_length * 2)); const enc_data = CryptoJS.enc.Hex.parse(data_hex.slice(header_length * 2));
if (enc_data.sigBytes > 0) { if (enc_data.sigBytes > 0) {
// SECURE ON and detected encrypted data // SECURE ON and detected encrypted data
var dec_data = CryptoJS.lib.WordArray.create(socket_sessions[socket.id].wtvsec.Decrypt(0, enc_data)) const dec_data = CryptoJS.lib.WordArray.create(socket_sessions[socket.id].wtvsec.Decrypt(0, enc_data))
if (!socket_sessions[socket.id].secure_buffer) socket_sessions[socket.id].secure_buffer = ""; if (!socket_sessions[socket.id].secure_buffer) socket_sessions[socket.id].secure_buffer = "";
socket_sessions[socket.id].secure_buffer += dec_data.toString(CryptoJS.enc.Hex); socket_sessions[socket.id].secure_buffer += dec_data.toString(CryptoJS.enc.Hex);
let secure_headers = null; let secure_headers = null;
@@ -1959,10 +1955,8 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
if (minisrv_config.config.debug_flags.debug) console.debug(" # Encrypted Request (SECURE ON)", "on", socket.id); if (minisrv_config.config.debug_flags.debug) console.debug(" # Encrypted Request (SECURE ON)", "on", socket.id);
if (!secure_headers.request) { if (!secure_headers.request) {
socket_sessions[socket.id].secure = false; socket_sessions[socket.id].secure = false;
var errpage = wtvshared.doErrorPage(400); const errpage = wtvshared.doErrorPage(400);
headers = errpage[0]; sendToClient(socket, errpage[0], errpage[1]);
data = errpage[1];
sendToClient(socket, headers, data);
return; return;
} }
@@ -1993,13 +1987,14 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
// handle POST // handle POST
if (headers['request'] && !socket_sessions[socket.id].expecting_post_data) { if (headers['request'] && !socket_sessions[socket.id].expecting_post_data) {
if (headers['request'].slice(0, 4) == "POST") { if (headers['request'].slice(0, 4) == "POST") {
let post_string = "POST";
socket.setTimeout(minisrv_config.config.post_data_socket_timeout * 1000); socket.setTimeout(minisrv_config.config.post_data_socket_timeout * 1000);
if (typeof socket_sessions[socket.id].post_data == "undefined") { if (typeof socket_sessions[socket.id].post_data == "undefined") {
if (socket_sessions[socket.id].post_data_percents_shown) delete socket_sessions[socket.id].post_data_percents_shown; if (socket_sessions[socket.id].post_data_percents_shown) delete socket_sessions[socket.id].post_data_percents_shown;
socket_sessions[socket.id].post_data_length = parseInt(headers['Content-length'] || headers['Content-Length'] || 0); socket_sessions[socket.id].post_data_length = parseInt(headers['Content-length'] || headers['Content-Length'] || 0);
socket_sessions[socket.id].post_data = ""; socket_sessions[socket.id].post_data = "";
socket_sessions[socket.id].headers = headers; socket_sessions[socket.id].headers = headers;
var post_string = "POST";
if (socket_sessions[socket.id].secure) post_string = "Encrypted " + post_string; if (socket_sessions[socket.id].secure) post_string = "Encrypted " + post_string;
// the client may have just sent the data with the primary headers, so lets look for that. // the client may have just sent the data with the primary headers, so lets look for that.
@@ -2023,10 +2018,8 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
processURL(socket, headers); processURL(socket, headers);
} else if (socket_sessions[socket.id].post_data.length > (socket_sessions[socket.id].post_data_length * 2)) { } else if (socket_sessions[socket.id].post_data.length > (socket_sessions[socket.id].post_data_length * 2)) {
// got too much data ? ... should not ever reach this code (section 2) // got too much data ? ... should not ever reach this code (section 2)
var errpage = wtvshared.doErrorPage(400, null, "Received too much data in POST request<br>Got " + (socket_sessions[socket.id].post_data.length / 2) + ", expected " + socket_sessions[socket.id].post_data_length) + " (2)"; const errpage = wtvshared.doErrorPage(400, null, "Received too much data in POST request<br>Got " + (socket_sessions[socket.id].post_data.length / 2) + ", expected " + socket_sessions[socket.id].post_data_length) + " (2)";
headers = errpage[0]; sendToClient(socket, errpage[0], errpage[1]);
data = errpage[1];
sendToClient(socket, headers, data);
return; return;
} else { } else {
// expecting more data (see below) // expecting more data (see below)
@@ -2060,17 +2053,18 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
} }
if (socket_sessions[socket.id].post_data.length < (socket_sessions[socket.id].post_data_length * 2)) { if (socket_sessions[socket.id].post_data.length < (socket_sessions[socket.id].post_data_length * 2)) {
const enc_data = CryptoJS.enc.Hex.parse(data_hex); const enc_data = CryptoJS.enc.Hex.parse(data_hex);
let dec_data;
if (socket_sessions[socket.id].secure) { if (socket_sessions[socket.id].secure) {
// decrypt if encrypted // decrypt if encrypted
var dec_data = CryptoJS.lib.WordArray.create(socket_sessions[socket.id].wtvsec.Decrypt(0, enc_data)) dec_data = CryptoJS.lib.WordArray.create(socket_sessions[socket.id].wtvsec.Decrypt(0, enc_data));
} else { } else {
// just pass it over // just pass it over
var dec_data = enc_data; dec_data = enc_data;
} }
socket_sessions[socket.id].post_data += dec_data.toString(CryptoJS.enc.Hex); socket_sessions[socket.id].post_data += dec_data.toString(CryptoJS.enc.Hex);
var post_string = "POST"; let post_string = "POST";
if (socket_sessions[socket.id].secure == true) post_string = "Encrypted " + post_string; if (socket_sessions[socket.id].secure == true) post_string = "Encrypted " + post_string;
if (minisrv_config.config.post_debug) { if (minisrv_config.config.post_debug) {
@@ -2078,7 +2072,7 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
console.debug(" * ", Math.floor(new Date().getTime() / 1000), "Receiving", post_string, "data on", socket.id, "[", socket_sessions[socket.id].post_data.length / 2, "of", socket_sessions[socket.id].post_data_length, "bytes ]"); console.debug(" * ", Math.floor(new Date().getTime() / 1000), "Receiving", post_string, "data on", socket.id, "[", socket_sessions[socket.id].post_data.length / 2, "of", socket_sessions[socket.id].post_data_length, "bytes ]");
} else { } else {
// calculate and display percentage of data received // calculate and display percentage of data received
var postPercent = wtvshared.getPercentage(socket_sessions[socket.id].post_data.length, (socket_sessions[socket.id].post_data_length * 2)); const postPercent = wtvshared.getPercentage(socket_sessions[socket.id].post_data.length, (socket_sessions[socket.id].post_data_length * 2));
if (minisrv_config.config.post_percentages) { if (minisrv_config.config.post_percentages) {
if (minisrv_config.config.post_percentages.includes(postPercent)) { if (minisrv_config.config.post_percentages.includes(postPercent)) {
if (!socket_sessions[socket.id].post_data_percents_shown) socket_sessions[socket.id].post_data_percents_shown = new Array(); if (!socket_sessions[socket.id].post_data_percents_shown) socket_sessions[socket.id].post_data_percents_shown = new Array();
@@ -2097,10 +2091,8 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
if (socket_sessions[socket.id].expecting_post_data) delete socket_sessions[socket.id].expecting_post_data; if (socket_sessions[socket.id].expecting_post_data) delete socket_sessions[socket.id].expecting_post_data;
socket.setTimeout(minisrv_config.config.socket_timeout * 1000); socket.setTimeout(minisrv_config.config.socket_timeout * 1000);
if (headers.length == 0) { if (headers.length == 0) {
var errpage = wtvshared.doErrorPage(400, `${minisrv_config.config.service_name} ran into a technical problem, please try again.`); const errpage = wtvshared.doErrorPage(400, `${minisrv_config.config.service_name} ran into a technical problem, please try again.`);
headers = errpage[0]; sendToClient(socket, errpage[0], errpage[1]);
data = errpage[1];
sendToClient(socket, headers, data);
return; return;
} }
headers.post_data = CryptoJS.enc.Hex.parse(socket_sessions[socket.id].post_data); headers.post_data = CryptoJS.enc.Hex.parse(socket_sessions[socket.id].post_data);
@@ -2118,12 +2110,10 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
if (socket_sessions[socket.id].expecting_post_data) delete socket_sessions[socket.id].expecting_post_data; if (socket_sessions[socket.id].expecting_post_data) delete socket_sessions[socket.id].expecting_post_data;
socket.setTimeout(minisrv_config.config.socket_timeout * 1000); socket.setTimeout(minisrv_config.config.socket_timeout * 1000);
// got too much data ? ... should not ever reach this code // got too much data ? ... should not ever reach this code
var errmsg = "Received too much data in POST request<br>Got " + (socket_sessions[socket.id].post_data.length / 2) + ", expected " + socket_sessions[socket.id].post_data_length; const errmsg = "Received too much data in POST request<br>Got " + (socket_sessions[socket.id].post_data.length / 2) + ", expected " + socket_sessions[socket.id].post_data_length;
console.error(errmsg); console.error(errmsg);
var errpage = wtvshared.doErrorPage(400, null, errmsg); const errpage = wtvshared.doErrorPage(400, null, errmsg);
headers = errpage[0]; sendToClient(socket, errpage[0], errpage[1]);
data = errpage[1];
sendToClient(socket, headers, data);
return; return;
} }
} }
@@ -2140,8 +2130,7 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
if (enc_data.sigBytes > 0) { if (enc_data.sigBytes > 0) {
if (!socket_sessions[socket.id].wtvsec) { if (!socket_sessions[socket.id].wtvsec) {
const errpage = wtvshared.doErrorPage(400); const errpage = wtvshared.doErrorPage(400);
const head = errpage[0] + "wtv-visit: client:relog\n"; sendToClient(socket, errpage[0] + "wtv-visit: client:relog\n", errpage[1]);
sendToClient(socket, head, errpage[1]);
return; return;
} }
const str_test = enc_data.toString(CryptoJS.enc.Latin1); const str_test = enc_data.toString(CryptoJS.enc.Latin1);
@@ -2476,7 +2465,7 @@ const bind_ports = [...new Set(ports)]
if (!minisrv_config.config.bind_ip) minisrv_config.config.bind_ip = "0.0.0.0"; if (!minisrv_config.config.bind_ip) minisrv_config.config.bind_ip = "0.0.0.0";
bind_ports.every(function (v) { bind_ports.every(function (v) {
try { try {
var server = net.createServer(handleSocket); const server = net.createServer(handleSocket);
server.listen(v, minisrv_config.config.bind_ip); server.listen(v, minisrv_config.config.bind_ip);
return true; return true;
} catch (e) { } catch (e) {
@@ -2491,12 +2480,12 @@ const pc_bind_ports = [...new Set(pc_ports)]
if (!minisrv_config.config.bind_ip) minisrv_config.config.bind_ip = "0.0.0.0"; if (!minisrv_config.config.bind_ip) minisrv_config.config.bind_ip = "0.0.0.0";
pc_bind_ports.every(function (v) { pc_bind_ports.every(function (v) {
try { try {
var server = express(); const server = express();
server.use(express.raw({ type: '*/*' })) server.use(express.raw({ type: '*/*' }))
var service_name = getServiceByPort(v); const service_name = getServiceByPort(v);
var service_handler = http; let service_handler = http;
var server_opts = {}; let server_opts = {};
var using_tls = (minisrv_config.services[service_name].https_cert && minisrv_config.services[service_name].use_https) ? true : false; const using_tls = (minisrv_config.services[service_name].https_cert && minisrv_config.services[service_name].use_https) ? true : false;
if (using_tls) { if (using_tls) {
service_handler = httpx; service_handler = httpx;
@@ -2515,9 +2504,9 @@ pc_bind_ports.every(function (v) {
service_handler.createServer(server_opts, server).listen(v, minisrv_config.config.bind_ip); service_handler.createServer(server_opts, server).listen(v, minisrv_config.config.bind_ip);
server.get('*', (req, res) => { server.get('*', (req, res) => {
var ssl = (req.socket.ssl) ? true : false; const ssl = (req.socket.ssl) ? true : false;
var service_name = getServiceByPort(v); let service_name = getServiceByPort(v);
var request_headers = {}; const request_headers = {};
request_headers['request'] = "GET " + req.originalUrl + " HTTP/1.1"; request_headers['request'] = "GET " + req.originalUrl + " HTTP/1.1";
request_headers.request_url = req.originalUrl; request_headers.request_url = req.originalUrl;
@@ -2528,7 +2517,7 @@ pc_bind_ports.every(function (v) {
}); });
request_headers.query = req.query; request_headers.query = req.query;
var host_name = (request_headers['host']) ? request_headers['host'] : null; let host_name = (request_headers['host']) ? request_headers['host'] : null;
if (host_name) { if (host_name) {
if (host_name.includes(":")) host_name = host_name.slice(0, host_name.indexOf(":")); if (host_name.includes(":")) host_name = host_name.slice(0, host_name.indexOf(":"));
@@ -2546,7 +2535,7 @@ pc_bind_ports.every(function (v) {
else debug(" * Incoming " + ((ssl) ? "HTTPS" : "HTTP") + " PC GET Headers on", service_name, "socket ID", req.socket.id, wtvshared.filterRequestLog(request_headers)); else debug(" * Incoming " + ((ssl) ? "HTTPS" : "HTTP") + " PC GET Headers on", service_name, "socket ID", req.socket.id, wtvshared.filterRequestLog(request_headers));
if (!ssl && minisrv_config.services[service_name].force_https && minisrv_config.services[service_name].https_cert) { if (!ssl && minisrv_config.services[service_name].force_https && minisrv_config.services[service_name].https_cert) {
var headers = `302 Moved const headers = `302 Moved
Location: https://${(minisrv_config.services[service_name].https_cert.domain) ? minisrv_config.services[service_name].https_cert.domain : minisrv_config.services[service_name].host}:${minisrv_config.services[service_name].port}${req.originalUrl} Location: https://${(minisrv_config.services[service_name].https_cert.domain) ? minisrv_config.services[service_name].https_cert.domain : minisrv_config.services[service_name].host}:${minisrv_config.services[service_name].port}${req.originalUrl}
Content-type: text/html`; Content-type: text/html`;
sendToClient(req.socket, headers); sendToClient(req.socket, headers);
@@ -2554,7 +2543,7 @@ Content-type: text/html`;
processURL(req.socket, request_headers, true) processURL(req.socket, request_headers, true)
} }
} else { } else {
var errpage = wtvshared.doErrorPage(404, "Service Not Found ("+service_name+")", null, true); const errpage = wtvshared.doErrorPage(404, "Service Not Found ("+service_name+")", null, true);
sendToClient(req.socket, errpage[0], errpage[1]); sendToClient(req.socket, errpage[0], errpage[1]);
} }
}) })
@@ -2595,11 +2584,10 @@ Content-type: text/html`;
if (req.body.length > (minisrv_config.config.max_post_length * 1024 * 1024)) { if (req.body.length > (minisrv_config.config.max_post_length * 1024 * 1024)) {
errpage = wtvshared.doErrorPage("400", "POST size too large", null, true); errpage = wtvshared.doErrorPage("400", "POST size too large", null, true);
} else { } else {
var data = ""; request_headers.post_data = "";
for (var i = 0; i < req.body.length; i++) { for (let i = 0; i < req.body.length; i++) {
data += String.fromCharCode(req.body[i]); request_headers.post_data += String.fromCharCode(req.body[i]);
} }
request_headers.post_data = data;
} }
} else { } else {
request_headers.post_data = ""; request_headers.post_data = "";