zefie/minisrv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test wildcard whitelist entries for http(s) proxy

Browse Source
This commit is contained in:
zefie
2022-03-18 15:16:00 -04:00
parent a91b57764d
commit e19d8892f8
1 changed files with 14 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
zefie_wtvp_minisrv/WTVClientSessionData.js
View File

@@ -49,7 +49,7 @@ class WTVClientSessionData {
"wtv-head-waiter:/ROMCache/UtilityBullet.gif", "wtv-head-waiter:/ROMCache/UtilityBullet.gif",
"wtv-head-waiter:/images/NameBanner.gif", "wtv-head-waiter:/images/NameBanner.gif",
"wtv-head-waiter:/bad-disk", "wtv-head-waiter:/bad-disk",
"wtv-log:/log", "wtv-log:/log"
]; ];
this.lockdownWhitelist.push(minisrv_config.config.unauthorized_url); this.lockdownWhitelist.push(minisrv_config.config.unauthorized_url);
this.lockdownWhitelist.push(minisrv_config.config.service_logo); this.lockdownWhitelist.push(minisrv_config.config.service_logo);
@@ -57,6 +57,8 @@ class WTVClientSessionData {
this.loginWhitelist = Object.assign([], this.lockdownWhitelist); // clone lockdown whitelist into login whitelist this.loginWhitelist = Object.assign([], this.lockdownWhitelist); // clone lockdown whitelist into login whitelist
this.loginWhitelist.push("wtv-head-waiter:/choose-user"); this.loginWhitelist.push("wtv-head-waiter:/choose-user");
this.loginWhitelist.push("wtv-head-waiter:/password"); this.loginWhitelist.push("wtv-head-waiter:/password");
this.loginWhitelist.push("http://*"); // allow http proxy without login
this.loginWhitelist.push("https://*"); // allow https proxy without login
} }
assignMailStore() { assignMailStore() {
@@ -721,12 +723,20 @@ class WTVClientSessionData {
switch (whitelist) { switch (whitelist) {
case "lockdown": case "lockdown":
Object.keys(this.lockdownWhitelist).forEach(function (k) { Object.keys(this.lockdownWhitelist).forEach(function (k) {
if (self.lockdownWhitelist[k].substring(0, url.length) == url) authorized = true; if (self.lockdownWhitelist[k].charAt(self.lockdownWhitelist[k].length - 1) == '*') {
if (self.lockdownWhitelist[k].substring(0, self.lockdownWhitelist[k].length - 1) == url.substring(0, self.lockdownWhitelist[k].length - 1)) authorized = true;
} else {
if (self.lockdownWhitelist[k].substring(0, url.length) == url) authorized = true;
}
}); });
break; break;
case "login": case "login":
Object.keys(this.loginWhitelist).forEach(function (k) { Object.keys(this.loginWhitelist).forEach(function (k) {
if (self.loginWhitelist[k].substring(0, url.length) == url) authorized = true; if (self.loginWhitelist[k].charAt(self.loginWhitelist[k].length - 1) == '*') {
if (self.loginWhitelist[k].substring(0, self.loginWhitelist[k].length - 1) == url.substring(0, self.loginWhitelist[k].length - 1)) authorized = true;
} else {
if (self.loginWhitelist[k].substring(0, url.length) == url) authorized = true;
}
}); });
break; break;
} }