zefie/minisrv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix http_pc pc services

Browse Source
This commit is contained in:
zefie
2022-10-01 23:29:59 -04:00
parent 1752bfed35
commit bac031bd4e
5 changed files with 61 additions and 109 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
zefie_wtvp_minisrv/ServiceVault/http_pc/get.js
View File

@@ -1,39 +0,0 @@
var minisrv_service_file = true;
if (request_headers.query.url) {
if (request_headers.query.url.indexOf(":/") > 0) {
var service_request = request_headers.query.url.split(":/")[0];
var service_port = 0;
Object.keys(minisrv_config.services).forEach(function (k) {
if (minisrv_config.services[k].disabled) return;
if (k == service_request) service_port = minisrv_config.services[k].port;
});
if (service_port > 0) {
request_is_async = true;
var request_headers_out = new Array()
request_headers_out.request = "GET " + request_headers.query.url;
request_headers_out.request_url = request_headers.query.url;
request_headers_out['wtv-client-serial-number'] = socket.id + "HTTPPCReq";
processURL(socket, request_headers_out);
/*
var s = require('net').Socket();
var outdata = "";
s.connect(service_port);
s.setTimeout(1, function () {
outdata = outdata.split()
sendToClient(socket,outdata);
});
s.on('data', function (data) {
outdata += data;
});
s.write()
*/
}
}
}
if (!headers) {
var errpage = wtvshared.doErrorPage(500)
headers = errpage[0];
data = errpage[1];
}

24
zefie_wtvp_minisrv/ServiceVault/http_pc/index.js
View File

@@ -3,31 +3,13 @@ var minisrv_service_file = true;
headers = `200 OK headers = `200 OK
Content-Type: text/html` Content-Type: text/html`
var splash_logo = minisrv_config.config.service_splash_logo;
if (splash_logo.substring(0, 4) == "file") splash_logo = "wtv-star:/ROMCache/splash_logo_hacktv.gif";
data = `<html> data = `<html>
<head> <head>
<display hideoptions nostatus showwhencomplete skipback clearback fontsize=medium>
<title>zefie minisrv ${minisrv_config.version}</title> <title>zefie minisrv ${minisrv_config.version}</title>
<meta http-equiv=Refresh content="4; url=wtv-home:/home?">
</head> </head>
<body bgcolor="#000000" text="#449944"> <body bgcolor="#000000" text="#449944">
<center> <p>
<spacer type=block height=88 width=21> Welcome to the zefie minisrv ${minisrv_config.version} PC Services
<img src="/get?url=${escape('wtv-star:/ROMCache/spacer.gif')}" height=4><br> </p>
<img src="/get?url=${escape(splash_logo)}">
<br><br><br>
<p><br>
<p><br>
<table border>
<tr><td width=150>
Mini service
<tr><td>
zefie minisrv v${minisrv_config.version}`;
if (minisrv_config.config.git_commit) data += " (git " + minisrv_config.config.git_commit + ")";
data += `
</table>
</center>
</body> </body>
</html>`; </html>`;

88
zefie_wtvp_minisrv/app.js
View File

@@ -432,8 +432,10 @@ async function processPath(socket, service_vault_file_path, request_headers = ne
} }
async function processURL(socket, request_headers) { async function processURL(socket, request_headers) {
console.log(request_headers)
var shortURL, headers, data = ""; var shortURL, headers, data = "";
var enable_multi_query = false; var enable_multi_query = false;
socket.minisrv_pc_mode = false;
request_headers.query = new Array(); request_headers.query = new Array();
if (request_headers.request_url) { if (request_headers.request_url) {
if (request_headers.request_url.indexOf('?') >= 0) { if (request_headers.request_url.indexOf('?') >= 0) {
@@ -517,7 +519,6 @@ async function processURL(socket, request_headers) {
console.log("error:",e) console.log("error:",e)
} }
} }
if ((shortURL.indexOf("http") != 0 && shortURL.indexOf("ftp") != 0 && shortURL.indexOf(":") > 0 && shortURL.indexOf(":/") == -1)) { if ((shortURL.indexOf("http") != 0 && shortURL.indexOf("ftp") != 0 && shortURL.indexOf(":") > 0 && shortURL.indexOf(":/") == -1)) {
// Apparently it is within WTVP spec to accept urls without a slash (eg wtv-home:home) // Apparently it is within WTVP spec to accept urls without a slash (eg wtv-home:home)
// Here, we just reassemble the request URL as if it was a proper URL (eg wtv-home:/home) // Here, we just reassemble the request URL as if it was a proper URL (eg wtv-home:/home)
@@ -549,48 +550,52 @@ async function processURL(socket, request_headers) {
} }
} }
} }
// check security if (!socket.minisrv_pc_mode) {
if (!ssid_sessions[socket.ssid].isAuthorized(shortURL)) { // skip box auth tests for pc mode
// lockdown mode and URL not authorized
headers = "300 Unauthorized\n";
headers += "Location: " + minisrv_config.config.unauthorized_url + "\n";
headers += "minisrv-no-mail-count: true\n";
data = "";
sendToClient(socket, headers, data);
console.log(" * Lockdown rejected request for " + shortURL + " on socket ID", socket.id);
return;
}
if (ssid_sessions[socket.ssid].isRegistered() && !ssid_sessions[socket.ssid].isUserLoggedIn()) { // check security
if (!ssid_sessions[socket.ssid].isAuthorized(shortURL,'login')) { if (!ssid_sessions[socket.ssid].isAuthorized(shortURL)) {
// user is not fully logged in, and URL not authorized // lockdown mode and URL not authorized
headers = "300 Unauthorized\n"; headers = "300 Unauthorized\n";
headers += "Location: client:relogin\n"; headers += "Location: " + minisrv_config.config.unauthorized_url + "\n";
headers += "minisrv-no-mail-count: true\n"; headers += "minisrv-no-mail-count: true\n";
data = ""; data = "";
sendToClient(socket, headers, data); sendToClient(socket, headers, data);
console.log(" * Incomplete login rejected request for " + shortURL + " on socket ID", socket.id); console.log(" * Lockdown rejected request for " + shortURL + " on socket ID", socket.id);
return; return;
}
}
if (ssid_sessions[socket.ssid].get("wtv-my-disk-sucks-sucks-sucks")) {
if (!ssid_sessions[socket.ssid].baddisk) {
// psuedo lockdown, will unlock on the disk warning page, but prevents minisrv access until they read the error
ssid_sessions[socket.ssid].lockdown = true;
ssid_sessions[socket.ssid].baddisk = true;
} }
}
if (!ssid_sessions[socket.ssid].isUserLoggedIn() && !ssid_sessions[socket.ssid].isAuthorized(shortURL, 'login')) { if (ssid_sessions[socket.ssid].isRegistered() && !ssid_sessions[socket.ssid].isUserLoggedIn()) {
// lockdown mode and URL not authorized if (!ssid_sessions[socket.ssid].isAuthorized(shortURL, 'login')) {
headers = `300 Unauthorized // user is not fully logged in, and URL not authorized
headers = "300 Unauthorized\n";
headers += "Location: client:relogin\n";
headers += "minisrv-no-mail-count: true\n";
data = "";
sendToClient(socket, headers, data);
console.log(" * Incomplete login rejected request for " + shortURL + " on socket ID", socket.id);
return;
}
}
if (ssid_sessions[socket.ssid].get("wtv-my-disk-sucks-sucks-sucks")) {
if (!ssid_sessions[socket.ssid].baddisk) {
// psuedo lockdown, will unlock on the disk warning page, but prevents minisrv access until they read the error
ssid_sessions[socket.ssid].lockdown = true;
ssid_sessions[socket.ssid].baddisk = true;
}
}
if (!ssid_sessions[socket.ssid].isUserLoggedIn() && !ssid_sessions[socket.ssid].isAuthorized(shortURL, 'login')) {
// lockdown mode and URL not authorized
headers = `300 Unauthorized
Location: ${minisrv_config.config.unauthorized_url} Location: ${minisrv_config.config.unauthorized_url}
minisrv-no-mail-count: true`; minisrv-no-mail-count: true`;
data = ""; data = "";
sendToClient(socket, headers, data); sendToClient(socket, headers, data);
console.log(" * Rejected login bypass request for " + shortURL + " on socket ID", socket.id); console.log(" * Rejected login bypass request for " + shortURL + " on socket ID", socket.id);
return; return;
}
} }
// Check URL for :/, but not :// (to differentiate wtv urls) // Check URL for :/, but not :// (to differentiate wtv urls)
@@ -1228,6 +1233,12 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
} }
} }
if (!socket.ssid) {
// process as pc service
processURL(socket, headers);
return;
}
if (!ssid_sessions[socket.ssid] || !socket.ssid) return headers; if (!ssid_sessions[socket.ssid] || !socket.ssid) return headers;
if (!ssid_sessions[socket.ssid].getClientAddress()) ssid_sessions[socket.ssid].setClientAddress(socket.remoteAddress); if (!ssid_sessions[socket.ssid].getClientAddress()) ssid_sessions[socket.ssid].setClientAddress(socket.remoteAddress);
ssid_sessions[socket.ssid].checkSecurity(); ssid_sessions[socket.ssid].checkSecurity();
@@ -1366,7 +1377,6 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
return; return;
} }
} }
// handle POST // handle POST
if (headers['request'] && !socket_sessions[socket.id].expecting_post_data) { if (headers['request'] && !socket_sessions[socket.id].expecting_post_data) {
if (headers['request'].substring(0, 4) == "POST") { if (headers['request'].substring(0, 4) == "POST") {

16
zefie_wtvp_minisrv/package-lock.json generated
View File

@@ -1,12 +1,12 @@
{ {
"name": "zefie_wtvp_minisrv", "name": "zefie_wtvp_minisrv",
"version": "0.9.26", "version": "0.9.30",
"lockfileVersion": 2, "lockfileVersion": 2,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"name": "zefie_wtvp_minisrv", "name": "zefie_wtvp_minisrv",
"version": "0.9.26", "version": "0.9.30",
"license": "GPL3", "license": "GPL3",
"dependencies": { "dependencies": {
"crypto-js": "^4.1.1", "crypto-js": "^4.1.1",
@@ -592,9 +592,9 @@
"integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==" "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ=="
}, },
"node_modules/postcss": { "node_modules/postcss": {
"version": "8.4.16", "version": "8.4.17",
"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.16.tgz", "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.17.tgz",
"integrity": "sha512-ipHE1XBvKzm5xI7hiHCZJCSugxvsdq2mPnsq5+UF+VHCjiBvtDrlxJfMBToWaP9D5XlgNmcFGqoHmUn0EYEaRQ==", "integrity": "sha512-UNxNOLQydcOFi41yHNMcKRZ39NeXlr8AxGuZJsdub8vIb12fHzcq37DTU/QtbI6WLxNg2gF9Z+8qtRwTj1UI1Q==",
"funding": [ "funding": [
{ {
"type": "opencollective", "type": "opencollective",
@@ -1288,9 +1288,9 @@
"integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==" "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ=="
}, },
"postcss": { "postcss": {
"version": "8.4.16", "version": "8.4.17",
"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.16.tgz", "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.17.tgz",
"integrity": "sha512-ipHE1XBvKzm5xI7hiHCZJCSugxvsdq2mPnsq5+UF+VHCjiBvtDrlxJfMBToWaP9D5XlgNmcFGqoHmUn0EYEaRQ==", "integrity": "sha512-UNxNOLQydcOFi41yHNMcKRZ39NeXlr8AxGuZJsdub8vIb12fHzcq37DTU/QtbI6WLxNg2gF9Z+8qtRwTj1UI1Q==",
"requires": { "requires": {
"nanoid": "^3.3.4", "nanoid": "^3.3.4",
"picocolors": "^1.0.0", "picocolors": "^1.0.0",

1
zefie_wtvp_minisrv/zefie_wtvp_minisrv.njsproj
View File

@@ -38,7 +38,6 @@
<Content Include="ServiceDeps\premade_tellyscripts\LC2\LC2_OpenISP_56k.tok" /> <Content Include="ServiceDeps\premade_tellyscripts\LC2\LC2_OpenISP_56k.tok" />
<Content Include="ServiceDeps\premade_tellyscripts\LC2\LC2_WTV_18006138199.detok.txt" /> <Content Include="ServiceDeps\premade_tellyscripts\LC2\LC2_WTV_18006138199.detok.txt" />
<Content Include="ServiceDeps\premade_tellyscripts\LC2\LC2_WTV_18006138199.tok" /> <Content Include="ServiceDeps\premade_tellyscripts\LC2\LC2_WTV_18006138199.tok" />
<Content Include="ServiceVault\http_pc\get.js" />
<Content Include="ServiceVault\http_pc\index.js" /> <Content Include="ServiceVault\http_pc\index.js" />
<Content Include="ServiceVault\wtv-1800\noflash.js" /> <Content Include="ServiceVault\wtv-1800\noflash.js" />
<Content Include="ServiceVault\wtv-1800\offer-open-isp-suggest.js" /> <Content Include="ServiceVault\wtv-1800\offer-open-isp-suggest.js" />