zefie/minisrv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

more optimizations

Browse Source
This commit is contained in:
zefie
2025-08-06 15:21:33 -04:00
parent 931e96108b
commit f51c0b712f
4 changed files with 189 additions and 184 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
zefie_wtvp_minisrv/includes/classes/HTTPX.js
View File

@@ -1,13 +1,12 @@
// From https://stackoverflow.com/a/42019773
'use strict';
let net = require('net');
let http = require('http');
let https = require('https');
const net = require('net');
const http = require('http');
const https = require('https');
exports.createServer = (opts, handler) => {
let server = net.createServer(socket => {
const server = net.createServer(socket => {
socket.once('data', buffer => {
// Pause the socket
socket.pause();

74
zefie_wtvp_minisrv/includes/classes/WTVClientSessionData.js
View File

@@ -42,7 +42,7 @@ class WTVClientSessionData {
this.wtvmime = new WTVMime(minisrv_config);
this.lockdown = false;
this.ssid = ssid;
this.data_store = new Array();
this.data_store = [];
this.session_store = {};
this.lockdownWhitelist = minisrv_config.config.lockdownWhitelist;
this.lockdownWhitelist.push(minisrv_config.config.unauthorized_url);
@@ -90,7 +90,7 @@ class WTVClientSessionData {
clearUserSessionMemory() {
this.setUserLoggedIn(false);
this.data_store = new Array();
this.data_store = [];
this.session_store = {};
this.assignFavoriteStore();
this.assignMailStore()
@@ -98,7 +98,7 @@ class WTVClientSessionData {
switchUserID(user_id, update_mail = true, update_ticket = true, update_favorite = true) {
this.user_id = parseInt(user_id);
if (user_id != null) {
if (user_id !== null) {
this.loadSessionData();
if (this.isRegistered() && update_mail) this.assignMailStore();
if (this.isRegistered() && update_favorite) this.assignMailStore();
@@ -189,7 +189,7 @@ class WTVClientSessionData {
var self = this;
this.fs.readdirSync(master_directory).forEach(f => {
if (self.fs.lstatSync(master_directory + self.path.sep + f).isDirectory()) {
if (f.substr(0, 4) == "user") {
if (f.startsWith("user")) {
var user_file = this.path.resolve(master_directory + self.path.sep + f + self.path.sep + f + ".json");
if (self.fs.existsSync(user_file)) {
if (f == "user0") {
@@ -230,7 +230,7 @@ class WTVClientSessionData {
* @returns {string|boolean} Absolute path to the user's file store, or false if unregistered
*/
getUserStoreDirectory(subscriber = false, user_id = null) {
if (user_id == null) user_id = this.user_id;
if (user_id === null) user_id = this.user_id;
var userstore = this.getAccountStoreDirectory() + this.path.sep + this.ssid + this.path.sep;
if (!subscriber) userstore += "user" + user_id + this.path.sep;
return this.wtvshared.getAbsolutePath(userstore) + this.path.sep;
@@ -340,7 +340,7 @@ class WTVClientSessionData {
} catch (e) {
console.error(" # User File Store failed", e);
}
return (result === false) ? false : true;
return result !== false;
}
scrapbookExists() {
@@ -355,7 +355,7 @@ class WTVClientSessionData {
}
createScrapbook() {
if (this.scrapbookExists() === false) {
if (!this.scrapbookExists()) {
try {
if (!this.fs.existsSync(this.scrapbook_dir)) this.fs.mkdirSync(this.scrapbook_dir, { recursive: true });
return true;
@@ -365,18 +365,18 @@ class WTVClientSessionData {
}
scrapbookDir() {
if (this.scrapbookExists() === false) {
if (!this.scrapbookExists()) {
this.createScrapbook();
}
return this.scrapbook_dir;
}
listScrapbook() {
if (this.scrapbookExists() === false) {
if (!this.scrapbookExists()) {
this.createScrapbook();
}
const files = this.fs.readdirSync(this.scrapbook_dir);
const filteredFiles = files.sort(function(a, b) {
const filteredFiles = files.sort((a, b) => {
return a.localeCompare(b, undefined, {
numeric: true,
sensitivity: 'base'
@@ -386,15 +386,15 @@ class WTVClientSessionData {
}
getFreeScrapbookID() {
if (this.scrapbookExists() === false) {
if (!this.scrapbookExists()) {
this.createScrapbook();
}
var id = 1;
var files = this.fs.readdirSync(this.scrapbook_dir);
if (files.length == 0) {
if (files.length === 0) {
return id;
}
files = files.map(file => parseInt(file.substr(0, file.indexOf('.'))));
files = files.map(file => parseInt(file.slice(0, file.indexOf('.'))));
while (files.includes(id)) {
id++;
}
@@ -402,7 +402,7 @@ class WTVClientSessionData {
}
getScrapbookUsage() {
if (this.scrapbookExists() === false) {
if (!this.scrapbookExists()) {
this.createScrapbook();
}
var total_size = 0;
@@ -419,7 +419,7 @@ class WTVClientSessionData {
}
getScrapbookUsagePercent() {
if (this.scrapbookExists() === false) {
if (!this.scrapbookExists()) {
this.createScrapbook();
}
var total_size = this.getScrapbookUsage();
@@ -430,7 +430,7 @@ class WTVClientSessionData {
}
getScrapbookImage(id) {
if (this.scrapbookExists() === false) {
if (!this.scrapbookExists()) {
this.createScrapbook();
}
var file = this.scrapbook_dir + id;
@@ -441,7 +441,7 @@ class WTVClientSessionData {
}
getScrapbookImageType(id) {
if (this.scrapbookExists() === false) {
if (!this.scrapbookExists()) {
this.createScrapbook();
}
var file = this.scrapbook_dir + id + ".meta";
@@ -459,7 +459,7 @@ class WTVClientSessionData {
addToScrapbook(filename, contentType, data) {
try {
if (this.scrapbookExists() === false) {
if (!this.scrapbookExists()) {
this.createScrapbook();
}
var fileout = this.scrapbook_dir + filename;
@@ -546,7 +546,7 @@ class WTVClientSessionData {
else return false;
} else {
if (path && expires && data) {
var cookie_data = new Array();
var cookie_data = {};
cookie_data['cookie'] = unescape(data);
cookie_data['expires'] = unescape(expires);
cookie_data['path'] = unescape(path);
@@ -564,7 +564,7 @@ class WTVClientSessionData {
if (domain == self.session_store.cookies[k].domain && path == self.session_store.cookies[k].path) cookie_index = k;
});
// otherwise add a new one
if (cookie_index == -1) cookie_index = this.countCookies();
if (cookie_index === -1) cookie_index = this.countCookies();
this.session_store.cookies[cookie_index] = Object.assign({}, cookie_data);
@@ -582,7 +582,7 @@ class WTVClientSessionData {
var self = this;
var result = false;
Object.keys(this.session_store['cookies']).forEach(function (k) {
if (result != false) return;
if (result !== false) return;
if (self.session_store['cookies'][k].domain == domain &&
self.session_store['cookies'][k].path == path) {
@@ -728,7 +728,7 @@ class WTVClientSessionData {
getUserPasswordEnabled() {
if (!this.minisrv_config.config.passwords.enabled) return false; // master config override
var enabled = this.getSessionData("subscriber_password");
return (enabled != null && typeof enabled != undefined); // true if set, false if null/disabled
return (enabled !== null && typeof enabled !== 'undefined'); // true if set, false if null/disabled
}
validateUserPassword(passwd) {
@@ -846,7 +846,7 @@ class WTVClientSessionData {
nick = nick.replace(/[^a-zA-Z0-9\-\_\`\^]/g, "");
// limit nick length based on build support
nick = nick.substring(0, this.getMaxUsernameLength());
nick = nick.slice(0, this.getMaxUsernameLength());
// returns headers to send to client, while storing the new data in our session data.
this.data_store['wtv-user-name'] = nick;
@@ -877,7 +877,7 @@ class WTVClientSessionData {
setSessionData(key, value) {
if (key === null) throw ("ClientSessionData.setSessionData(): invalid key provided");
if (typeof (this.session_store) === 'undefined') this.session_store = new Array();
if (typeof (this.session_store) === 'undefined') this.session_store = {};
this.session_store[key] = value;
this.SaveIfRegistered();
}
@@ -898,7 +898,7 @@ class WTVClientSessionData {
set(key, value) {
if (key === null) throw ("ClientSessionData.set(): invalid key provided");
if (typeof (this.data_store) === 'undefined') this.data_store = new Array();
if (typeof (this.data_store) === 'undefined') this.data_store = [];
this.data_store[key] = value;
this.SaveIfRegistered();
}
@@ -957,7 +957,7 @@ class WTVClientSessionData {
};
var isInSubnet = function (ip, subnet) {
if (subnet.indexOf('/') == -1) {
if (!subnet.includes('/')) {
var mask, base_ip, long_ip = this.ip2long(ip);
var mask2, base_ip2, long_ip2 = this.ip2long(ip);
return (long_ip == long_ip2);
@@ -986,7 +986,7 @@ class WTVClientSessionData {
if (self.minisrv_config.config.ssid_ip_allow_list) {
if (self.minisrv_config.config.ssid_ip_allow_list[self.ssid]) {
Object.keys(self.minisrv_config.config.ssid_ip_allow_list[self.ssid]).forEach(function (k) {
if (self.minisrv_config.config.ssid_ip_allow_list[self.ssid][k].indexOf('/') > 0) {
if (self.minisrv_config.config.ssid_ip_allow_list[self.ssid][k].includes('/')) {
if (isInSubnet(self.clientAddress, self.minisrv_config.config.ssid_ip_allow_list[self.ssid][k])) {
// remoteAddr is in allowed subnet
ssid_access_list_ip_override = true;
@@ -1011,7 +1011,7 @@ class WTVClientSessionData {
// process whitelist first
if (self.ssid && self.minisrv_config.config.ssid_allow_list) {
var ssid_is_in_whitelist = self.minisrv_config.config.ssid_allow_list.findIndex(element => element == self.ssid);
if (ssid_is_in_whitelist == -1) {
if (ssid_is_in_whitelist === -1) {
// no whitelist match, but lets see if the remoteAddress is allowed
checkSSIDIPWhitelist(self.ssid, false);
}
@@ -1020,7 +1020,7 @@ class WTVClientSessionData {
// now check blacklist
if (self.ssid && self.minisrv_config.config.ssid_block_list) {
var ssid_is_in_blacklist = self.minisrv_config.config.ssid_block_list.findIndex(element => element == self.ssid);
if (ssid_is_in_blacklist != -1) {
if (ssid_is_in_blacklist !== -1) {
// blacklist match, but lets see if the remoteAddress is allowed
checkSSIDIPWhitelist(self.ssid, true);
}
@@ -1046,19 +1046,21 @@ class WTVClientSessionData {
switch (whitelist) {
case "lockdown":
Object.keys(this.lockdownWhitelist).forEach(function (k) {
if (self.lockdownWhitelist[k].charAt(self.lockdownWhitelist[k].length - 1) == '*') {
if (self.lockdownWhitelist[k].substring(0, self.lockdownWhitelist[k].length - 1) == url.substring(0, self.lockdownWhitelist[k].length - 1)) authorized = true;
if (self.lockdownWhitelist[k].endsWith('*')) {
const prefix = self.lockdownWhitelist[k].slice(0, -1);
if (url.startsWith(prefix)) authorized = true;
} else {
if (self.lockdownWhitelist[k].substring(0, url.length) == url) authorized = true;
if (url.startsWith(self.lockdownWhitelist[k])) authorized = true;
}
});
break;
case "login":
Object.keys(this.loginWhitelist).forEach(function (k) {
if (self.loginWhitelist[k].charAt(self.loginWhitelist[k].length - 1) == '*') {
if (self.loginWhitelist[k].substring(0, self.loginWhitelist[k].length - 1) == url.substring(0, self.loginWhitelist[k].length - 1)) authorized = true;
if (self.loginWhitelist[k].endsWith('*')) {
const prefix = self.loginWhitelist[k].slice(0, -1);
if (url.startsWith(prefix)) authorized = true;
} else {
if (self.loginWhitelist[k].substring(0, url.length) == url) authorized = true;
if (url.startsWith(self.loginWhitelist[k])) authorized = true;
}
});
break;
@@ -1099,7 +1101,7 @@ class WTVClientSessionData {
else
return "Sony";
else if (brandId == 1)
if (url && isPlus == true)
if (url && isPlus === true)
return "Philips-Plus";
else
return "Philips";

78
zefie_wtvp_minisrv/includes/classes/WTVSec.js
View File

@@ -1,8 +1,8 @@
const CryptoJS = require('crypto-js');
const endianness = require('endianness');
var RC4 = require('rc4-crypto');
var crypto = require('crypto');
var WTVShared = require("./WTVShared.js")['WTVShared'];
const RC4 = require('rc4-crypto');
const crypto = require('crypto');
const WTVShared = require("./WTVShared.js")['WTVShared'];
/**
* Javascript implementation of WTVP Security
@@ -26,7 +26,7 @@ class WTVSec {
session_key2 = null;
hRC4_Key1 = null;
hRC4_Key2 = null;
RC4Session = new Array();
RC4Session = [];
minisrv_config = [];
update_ticket = false;
wtvshared = null;
@@ -49,7 +49,7 @@ class WTVSec {
this.incarnation = wtv_incarnation;
this.current_shared_key = this.initial_shared_key;
} else {
throw ("Invalid initial key length");
throw new Error("Invalid initial key length");
}
}
@@ -58,7 +58,7 @@ class WTVSec {
* @param {Number} wtv_incarnation
*/
set_incarnation(wtv_incarnation) {
if (this.incarnation != wtv_incarnation) {
if (this.incarnation !== wtv_incarnation) {
this.incarnation = wtv_incarnation;
this.SecureOn();
}
@@ -68,7 +68,7 @@ class WTVSec {
* Increments the wtv-incaration for this instance by 1
*/
increment_incarnation() {
this.set_incarnation(parseInt(this.incarnation) + 1);
this.set_incarnation(Number(this.incarnation) + 1);
}
/**
@@ -86,21 +86,21 @@ class WTVSec {
*/
PrepareTicket() {
// store last challenge response in ticket
if (this.minisrv_config.config.debug_flags.debug) console.log(" * Preparing a new ticket with ticket_store:", this.ticket_store)
var ticket_data_raw = this.challenge_raw;
if (this.minisrv_config.config.debug_flags.debug) console.log(" * Preparing a new ticket with ticket_store:", this.ticket_store);
let ticket_data_raw = this.challenge_raw;
try {
var ticket_data = ticket_data_raw.toString(CryptoJS.enc.Hex) + CryptoJS.enc.Utf8.parse(JSON.stringify(this.ticket_store)).toString(CryptoJS.enc.Hex);
const ticket_data = ticket_data_raw.toString(CryptoJS.enc.Hex) + CryptoJS.enc.Utf8.parse(JSON.stringify(this.ticket_store)).toString(CryptoJS.enc.Hex);
ticket_data_raw = CryptoJS.enc.Hex.parse(ticket_data);
var ticket_data_enc = CryptoJS.DES.encrypt(ticket_data_raw, this.initial_shared_key, {
const ticket_data_enc = CryptoJS.DES.encrypt(ticket_data_raw, this.initial_shared_key, {
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7
});
// create a copy of WordArray since concat modifies the original
var challenge_signed_key = this.DuplicateWordArray(this.challenge_signed_key);
const challenge_signed_key = this.DuplicateWordArray(this.challenge_signed_key);
this.ticket_b64 = challenge_signed_key.concat(ticket_data_enc.ciphertext).toString(CryptoJS.enc.Base64);
} catch (e) {
console.log("Error encrypting ticket: " + e.toString());
console.log(`Error encrypting ticket: ${e}`);
return null;
}
return this.ticket_b64;
@@ -111,11 +111,11 @@ class WTVSec {
* @param {Base64} ticket_b64
*/
DecodeTicket(ticket_b64) {
var ticket_hex = CryptoJS.enc.Base64.parse(ticket_b64).toString(CryptoJS.enc.Hex);
var challenge_key = CryptoJS.enc.Hex.parse(ticket_hex.substring(0, 16));
var challenge_enc = CryptoJS.enc.Hex.parse(ticket_hex.substring(16));
const ticket_hex = CryptoJS.enc.Base64.parse(ticket_b64).toString(CryptoJS.enc.Hex);
const challenge_key = CryptoJS.enc.Hex.parse(ticket_hex.slice(0, 16));
const challenge_enc = CryptoJS.enc.Hex.parse(ticket_hex.slice(16));
var ticket_dec = CryptoJS.DES.decrypt(
const ticket_dec = CryptoJS.DES.decrypt(
{
ciphertext: challenge_enc
},
@@ -125,11 +125,11 @@ class WTVSec {
padding: CryptoJS.pad.Pkcs7
}
);
var data_offset = 216; // (108 * 2);
var challenge_code = ticket_dec.toString().substring(0, data_offset);
var challenge_code_b64 = CryptoJS.enc.Hex.parse(challenge_code).toString(CryptoJS.enc.Base64);
const data_offset = 216; // (108 * 2);
const challenge_code = ticket_dec.toString().slice(0, data_offset);
const challenge_code_b64 = CryptoJS.enc.Hex.parse(challenge_code).toString(CryptoJS.enc.Base64);
if ((ticket_dec.sigBytes * 2) >= challenge_code.length) {
var ticket_data_dec = CryptoJS.enc.Hex.parse(ticket_dec.toString().substring(data_offset)).toString(CryptoJS.enc.Utf8);
const ticket_data_dec = CryptoJS.enc.Hex.parse(ticket_dec.toString().slice(data_offset)).toString(CryptoJS.enc.Utf8);
this.ticket_store = this.wtvshared.tryDecodeJSON(ticket_data_dec);
} else {
this.ticket_store = {};
@@ -145,9 +145,9 @@ class WTVSec {
* @returns {any} The ticket data for the specified key, or null if not found
*/
getTicketData(key = null) {
if (typeof (this.ticket_store) === 'session_store') return null;
if (typeof this.ticket_store === 'session_store') return null;
else if (key === null) return this.ticket_store;
else if (typeof this.ticket_store[key] !== 'undefined') return this.ticket_store[key];
else if (key in this.ticket_store) return this.ticket_store[key];
else return null;
}
@@ -157,8 +157,8 @@ class WTVSec {
* @param {any} value The value to set for the specified key
*/
setTicketData(key, value) {
if (key === null) throw ("WTVSec.setTicketData(): invalid key provided");
if (typeof (this.ticket_store) === 'undefined') this.ticket_store = {};
if (!key) throw new Error("WTVSec.setTicketData(): invalid key provided");
if (!this.ticket_store) this.ticket_store = {};
this.ticket_store[key] = value;
if (this.ticket_b64) this.PrepareTicket();
this.update_ticket = true;
@@ -169,8 +169,8 @@ class WTVSec {
* @param {string} key The key of the ticket data to delete
*/
deleteTicketData(key) {
if (key === null) throw ("WTVSec.deleteTicketData(): invalid key provided");
if (typeof (this.ticket_store) === 'undefined') {
if (!key) throw new Error("WTVSec.deleteTicketData(): invalid key provided");
if (!this.ticket_store) {
this.ticket_store = {};
return;
}
@@ -194,8 +194,8 @@ class WTVSec {
}
const challenge_raw_hex = challenge_raw.toString(CryptoJS.enc.Hex);
const challenge_id_hex = challenge_raw_hex.substring(0, 16); // 8 bytes * 2
const challenge_enc = CryptoJS.enc.Hex.parse(challenge_raw_hex.substring(16));
const challenge_id_hex = challenge_raw_hex.slice(0, 16); // 8 bytes * 2
const challenge_enc = CryptoJS.enc.Hex.parse(challenge_raw_hex.slice(16));
const challenge_decrypted = CryptoJS.DES.decrypt(
{ ciphertext: challenge_enc },
@@ -204,18 +204,18 @@ class WTVSec {
);
const challenge_dec_hex = challenge_decrypted.toString(CryptoJS.enc.Hex);
const challenge_md5_challenge = CryptoJS.MD5(CryptoJS.enc.Hex.parse(challenge_dec_hex.substring(0, 160))).toString(CryptoJS.enc.Hex); // 80 bytes * 2
const challenge_md5_challenge = CryptoJS.MD5(CryptoJS.enc.Hex.parse(challenge_dec_hex.slice(0, 160))).toString(CryptoJS.enc.Hex); // 80 bytes * 2
if (challenge_dec_hex.substring(160, 192) !== challenge_md5_challenge) { // 96 bytes * 2
if (challenge_dec_hex.slice(160, 192) !== challenge_md5_challenge) { // 96 bytes * 2
return "";
}
this.current_shared_key = CryptoJS.enc.Hex.parse(challenge_dec_hex.substring(144, 160)); // 72 bytes * 2, 80 bytes * 2
const challenge_echo = CryptoJS.enc.Hex.parse(challenge_dec_hex.substr(0, 80)); // 40 bytes * 2
this.current_shared_key = CryptoJS.enc.Hex.parse(challenge_dec_hex.slice(144, 160)); // 72 bytes * 2, 80 bytes * 2
const challenge_echo = CryptoJS.enc.Hex.parse(challenge_dec_hex.slice(0, 80)); // 40 bytes * 2
// RC4 encryption keys. Stored in the wtv-ticket on the server side.
this.session_key1 = CryptoJS.enc.Hex.parse(challenge_dec_hex.substring(80, 112)); // 40 bytes * 2, 56 bytes * 2
this.session_key2 = CryptoJS.enc.Hex.parse(challenge_dec_hex.substring(112, 144)); // 56 bytes * 2, 72 bytes * 2
this.session_key1 = CryptoJS.enc.Hex.parse(challenge_dec_hex.slice(80, 112)); // 40 bytes * 2, 56 bytes * 2
this.session_key2 = CryptoJS.enc.Hex.parse(challenge_dec_hex.slice(112, 144)); // 56 bytes * 2, 72 bytes * 2
const echo_encrypted = CryptoJS.DES.encrypt(
CryptoJS.MD5(challenge_echo).concat(challenge_echo).concat(CryptoJS.enc.Utf8.parse("\x08".repeat(8))),
@@ -279,14 +279,14 @@ class WTVSec {
* @param {Number} rc4session Session Type (0 = enc k1, 1 = dec k1, 2 = enc k2, 3 = dec k2, default: all)
*/
SecureOn(rc4session = null) {
if (this.minisrv_config.config.debug_flags.debug) console.log(" # Generating RC4 sessions with wtv-incarnation: " + this.incarnation);
if (this.minisrv_config.config.debug_flags.debug) console.log(` # Generating RC4 sessions with wtv-incarnation: ${this.incarnation}`);
var buf = new Uint8Array([0xff & this.incarnation, 0xff & (this.incarnation >> 8), 0xff & (this.incarnation >> 16), 0xff & (this.incarnation >> 24)]);
const buf = new Uint8Array([0xff & this.incarnation, 0xff & (this.incarnation >> 8), 0xff & (this.incarnation >> 16), 0xff & (this.incarnation >> 24)]);
endianness(buf, 4);
this.hRC4_Key1 = CryptoJS.MD5(this.DuplicateWordArray(this.session_key1).concat(CryptoJS.lib.WordArray.create(buf).concat(this.DuplicateWordArray(this.session_key1))));
this.hRC4_Key2 = CryptoJS.MD5(this.DuplicateWordArray(this.session_key2).concat(CryptoJS.lib.WordArray.create(buf).concat(this.DuplicateWordArray(this.session_key2))));
var key1 = this.wtvshared.wordArrayToBuffer(this.hRC4_Key1);
var key2 = this.wtvshared.wordArrayToBuffer(this.hRC4_Key2);
const key1 = this.wtvshared.wordArrayToBuffer(this.hRC4_Key1);
const key2 = this.wtvshared.wordArrayToBuffer(this.hRC4_Key2);
const setRC4Session = (sessionIndex, key) => {
this.RC4Session[sessionIndex] = new RC4.RC4(key);
};

212
zefie_wtvp_minisrv/includes/classes/WTVShared.js
View File

@@ -30,22 +30,22 @@ class WTVShared {
* @notice If minisrv_config is null, it will attempt to read the configuration from the minisrv_config.json file
* */
constructor(minisrv_config, quiet = false) {
if (minisrv_config == null) this.minisrv_config = this.readMiniSrvConfig(true, !quiet);
if (minisrv_config === null || typeof minisrv_config === 'undefined') this.minisrv_config = this.readMiniSrvConfig(true, !quiet);
else this.minisrv_config = minisrv_config;
this.shenanigans = new WTVShenanigans(this.minisrv_config);
if (!String.prototype.reverse) {
String.prototype.reverse = function () {
var splitString = this.split("");
var reverseArray = splitString.reverse();
const splitString = this.split("");
const reverseArray = splitString.reverse();
return reverseArray.join("");
}
}
if (!String.prototype.hexEncode) {
String.prototype.hexEncode = function () {
var result = '';
for (var i = 0; i < this.length; i++) {
let result = '';
for (let i = 0; i < this.length; i++) {
result += this.charCodeAt(i).toString(16);
}
return result;
@@ -59,7 +59,7 @@ class WTVShared {
* @returns {Buffer} JS Buffer object
*/
wordArrayToBuffer(wordArray) {
if (wordArray) return new Buffer.from(wordArray.toString(CryptoJS.enc.Hex), 'hex');
if (wordArray) return Buffer.from(wordArray.toString(CryptoJS.enc.Hex), 'hex');
else return null;
}
@@ -92,12 +92,12 @@ class WTVShared {
* @returns {number} The long integer representation of the IP address, or -1 if the IP address is invalid
*/
ip2long(ip) {
var components;
let components;
if (components = ip.match(/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/)) {
var iplong = 0;
var power = 1;
for (var i = 4; i >= 1; i -= 1) {
iplong += power * parseInt(components[i]);
let iplong = 0;
let power = 1;
for (let i = 4; i >= 1; i -= 1) {
iplong += power * parseInt(components[i], 10);
power *= 256;
}
return iplong;
@@ -112,15 +112,19 @@ class WTVShared {
* @returns {boolean} True if the IP address is in the subnet, false otherwise
*/
isInSubnet(ip, subnet) {
if (subnet.indexOf('/') == -1) {
var mask, base_ip, long_ip = this.ip2long(ip);
var mask2, base_ip2, long_ip2 = this.ip2long(ip);
return (long_ip == long_ip2);
if (!subnet.includes('/')) {
const long_ip = this.ip2long(ip);
const long_subnet = this.ip2long(subnet);
return long_ip === long_subnet;
} else {
var mask, base_ip, long_ip = this.ip2long(ip);
if ((mask = subnet.match(/^(.*?)\/(\d{1,2})$/)) && ((base_ip = this.ip2long(mask[1])) >= 0)) {
var freedom = Math.pow(2, 32 - parseInt(mask[2]));
return (long_ip > base_ip) && (long_ip < base_ip + freedom - 1);
const long_ip = this.ip2long(ip);
const mask = subnet.match(/^(.*?)\/(\d{1,2})$/);
if (mask && mask[1]) {
const base_ip = this.ip2long(mask[1]);
if (base_ip >= 0) {
const freedom = 2 ** (32 - parseInt(mask[2], 10));
return (long_ip >= base_ip) && (long_ip <= base_ip + freedom - 1);
}
}
}
return false;
@@ -162,7 +166,7 @@ class WTVShared {
* @returns {Object} The decoded JSON object, or an empty object if decoding fails.
*/
tryDecodeJSON(json_string) {
var out;
let out;
try {
out = JSON.parse(json_string);
} catch (e) {
@@ -209,7 +213,7 @@ class WTVShared {
let crc = 0;
for (let i = 0; i < 14; i += 2) {
let inbyte = parseInt(ssid.substring(i, i + 2), 16);
let inbyte = parseInt(ssid.slice(i, i + 2), 16);
if (isNaN(inbyte)) return '00';
for (let ii = 0; ii < 8; ii++) {
@@ -240,7 +244,7 @@ class WTVShared {
* @returns {string} The parsed string
*/
parseConfigVars(s) {
if (s.indexOf("%ServiceDeps%") >= 0)
if (s.includes("%ServiceDeps%"))
return this.getServiceDep(s.replace("%ServiceDeps%", ""), true);
else
return s;
@@ -279,11 +283,11 @@ class WTVShared {
} else if (src instanceof Date) {
return new Date(src.getTime());
} else if (typeof src === 'object' && src !== null) {
var clone = null;
let clone = null;
if (Array.isArray(src)) clone = [];
else clone = {};
var self = this;
const self = this;
Object.keys(src).forEach((k) => {
clone[k] = self.cloneObj(src[k]);
});
@@ -298,10 +302,9 @@ class WTVShared {
* @param {string} service_name (optional) Service to check
*/
isAdmin(wtvclient, service_name = "wtv-admin") {
var WTVAdmin = require("./WTVAdmin.js");
var wtva = new WTVAdmin(this.minisrv_config, wtvclient, service_name);
var result = wtva.isAuthorized(true);
wtva, WTVAdmin = null;
const WTVAdmin = require("./WTVAdmin.js");
const wtva = new WTVAdmin(this.minisrv_config, wtvclient, service_name);
const result = wtva.isAuthorized(true);
return result;
}
@@ -360,7 +363,7 @@ class WTVShared {
// for easy retrofitting old code to work with the webtvism of allowing multiple of the same query name
// pass it the query, and it will return a string regardless. if its a string it just sends it back
// if its an array we just pull the last object
if (typeof (query) === "object")
if (typeof query === "object")
return query[(Object.keys(query).length - 1)];
else
return query
@@ -379,7 +382,7 @@ class WTVShared {
}
// Directly replace &, <, >, ", and ' characters
let entitized = string.replace(/[&<>"]/g, function (match) {
let entitized = string.replace(/[&<>"]/g, (match) => {
switch (match) {
case '&': return '&amp;';
case '<': return '&lt;';
@@ -404,11 +407,11 @@ class WTVShared {
* @returns {string} Sanitized string
*/
sanitizeSignature(string) {
var allowedSchemes = ['http', 'https', 'ftp', 'mailto'];
var self = this;
const allowedSchemes = ['http', 'https', 'ftp', 'mailto'];
const self = this;
// allow links to services flagged as "wideopen"
Object.keys(this.minisrv_config.services).forEach((k) => {
var flag = parseInt(this.minisrv_config.services[k].flags, 16);
const flag = parseInt(this.minisrv_config.services[k].flags, 16);
if (flag === 4 || flag === 7) {
if (!allowedSchemes.includes(k)) allowedSchemes.push(k);
}
@@ -434,12 +437,12 @@ class WTVShared {
allowedSchemes: allowedSchemes,
allowedSchemesByTag: {},
allowedSchemesAppliedToAttributes: ['href', 'src', 'cite'],
exclusiveFilter: function (frame) {
var allowed = true;
exclusiveFilter: (frame) => {
let allowed = true;
Object.keys(frame.attribs).forEach((k) => {
if (k == "href" || k == "background" || k == "src") {
allowed = false;
var value = frame.attribs[k];
const value = frame.attribs[k];
if (frame.tag !== "a") {
// check everything except normal links
@@ -473,33 +476,33 @@ class WTVShared {
* @return {object} Headers object
*/
headerStringToObj(headers, response = false) {
var inc_headers = 0;
var headers_obj = {};
let inc_headers = 0;
const headers_obj = {};
headers_obj.raw_headers = headers;
var headers_obj_pre = headers.split("\n");
headers_obj_pre.forEach(function (d) {
const headers_obj_pre = headers.split("\n");
headers_obj_pre.forEach((d) => {
if (/^SECURE ON/.test(d) && !response) {
headers_obj.secure = true;
} else if (/^([0-9]{3}) $/.test(d.substring(0, 4)) && response && !headers_obj.Status) {
} else if (/^([0-9]{3}) $/.test(d.slice(0, 4)) && response && !headers_obj.Status) {
d.s
headers_obj.Status = d.trim("\r");
} else if (/^(GET |PUT |POST)$/.test(d.substring(0, 4)) && !response) {
} else if (/^(GET |PUT |POST)$/.test(d.slice(0, 4)) && !response) {
headers_obj.request = d.trim("\r");
var request_url = d.split(' ');
let request_url = d.split(' ');
if (request_url.length > 2) {
request_url.shift();
request_url = request_url.join(" ");
if (request_url.indexOf("HTTP/") > 0) {
var index = request_url.indexOf(" HTTP/");
request_url = request_url.substring(0, index);
const index = request_url.indexOf(" HTTP/");
request_url = request_url.slice(0, index);
}
} else {
request_url = request_url[1];
}
headers_obj.request_url = decodeURI(request_url).trim("\r");
} else if (d.indexOf(":") > 0) {
var d_split = d.split(':');
var header_name = d_split[0];
const d_split = d.split(':');
let header_name = d_split[0];
if (headers_obj[header_name] != null) {
header_name = header_name + "_" + inc_headers;
inc_headers++;
@@ -507,8 +510,8 @@ class WTVShared {
d_split.shift();
d = d_split.join(':');
headers_obj[header_name] = (d).trim("\r");
if (headers_obj[header_name].substring(0, 1) == " ") {
headers_obj[header_name] = headers_obj[header_name].substring(1);
if (headers_obj[header_name].startsWith(" ")) {
headers_obj[header_name] = headers_obj[header_name].slice(1);
}
}
});
@@ -522,17 +525,17 @@ class WTVShared {
* @returns {object} // Headers object with only whitelisted headers
*/
stripHeaders(headers_obj, whitelist) {
var whitelisted_headers = new Array();
var out_headers = new Array();
const whitelisted_headers = [];
const out_headers = [];
out_headers.Status = headers_obj.Status;
if (headers_obj['wtv-connection-close']) out_headers['wtv-connection-close'] = headers_obj['wtv-connection-close'];
// compare regardless of case
Object.keys(whitelist).forEach(function (k) {
Object.keys(headers_obj).forEach(function (j) {
if (whitelist[k].toLowerCase() == j.toLowerCase()) {
Object.keys(whitelist).forEach((k) => {
Object.keys(headers_obj).forEach((j) => {
if (whitelist[k].toLowerCase() === j.toLowerCase()) {
// if header = connection, strip 'upgrade'
if (j.toLowerCase() == "connection") {
if (j.toLowerCase() === "connection") {
headers_obj[j] = headers_obj[j].replace("Upgrade", "").replace(",", "").trim();
}
whitelisted_headers[j.toLowerCase()] = [whitelist[k], j, headers_obj[j]];
@@ -541,9 +544,9 @@ class WTVShared {
});
// restore original header order
Object.keys(headers_obj).forEach(function (k) {
Object.keys(headers_obj).forEach((k) => {
if (whitelisted_headers[k.toLowerCase()]) {
if (whitelisted_headers[k.toLowerCase()][1] == k) out_headers[whitelisted_headers[k.toLowerCase()][0]] = whitelisted_headers[k.toLowerCase()][2];
if (whitelisted_headers[k.toLowerCase()][1] === k) out_headers[whitelisted_headers[k.toLowerCase()][0]] = whitelisted_headers[k.toLowerCase()][2];
}
});
@@ -712,15 +715,15 @@ class WTVShared {
};
const ssid_obj = {
boxType: boxTypeMapping[ssid.substring(0, 2)],
unique_id: ssid.substring(2, 8),
region: regionMapping[ssid.substring(10, 14).toUpperCase()],
manufacturer: manufacturerMapping[ssid.substring(8, 10).toUpperCase()],
crc: ssid.substring(14)
boxType: boxTypeMapping[ssid.slice(0, 2)],
unique_id: ssid.slice(2, 8),
region: regionMapping[ssid.slice(10, 14).toUpperCase()],
manufacturer: manufacturerMapping[ssid.slice(8, 10).toUpperCase()],
crc: ssid.slice(14)
};
// Special case for manufacturer based on region
if (ssid_obj.region === "Japan" && ssid.substring(8, 10).toUpperCase() === "00") {
if (ssid_obj.region === "Japan" && ssid.slice(8, 10).toUpperCase() === "00") {
ssid_obj.manufacturer = "Panasonic";
}
@@ -734,7 +737,7 @@ class WTVShared {
* @return {string}
*/
getManufacturer(ssid, bit = false) {
if (bit) return ssid.substring(8, 10).toUpperCase();
if (bit) return ssid.slice(8, 10).toUpperCase();
else return this.parseSSID(ssid).manufacturer || null;
}
@@ -930,7 +933,7 @@ class WTVShared {
* @param {string} file Path to a file
*/
getFileLastModified(file) {
var stats = this.fs.lstatSync(file);
const stats = this.fs.lstatSync(file);
if (stats) return new Date(stats.mtimeMs);
return false;
}
@@ -1026,7 +1029,7 @@ class WTVShared {
for (let i = 0; i < encoded.length; i++) {
if (encoded[i] === '%') {
decoded[bufferIndex++] = parseInt(encoded.substr(i + 1, 2), 16);
decoded[bufferIndex++] = parseInt(encoded.slice(i + 1, i + 3), 16);
i += 2; // Skip the next two characters
} else {
decoded[bufferIndex++] = encoded.charCodeAt(i);
@@ -1059,7 +1062,7 @@ class WTVShared {
* @param {string|Array} obj SSID String or Headers Object
*/
filterSSID(obj) {
var new_obj = false;
let new_obj = false;
if (this.minisrv_config.config.hide_ssid_in_logs) {
if (typeof obj === "string") {
return this.censorSSID(obj);
@@ -1081,7 +1084,7 @@ class WTVShared {
* */
filterRequestLog(obj) {
const passwordRegex = /(^pass$|passw(or)?d)/i;
var newobj = this.cloneObj(obj); // Clone the object once at the beginning
const newobj = this.cloneObj(obj); // Clone the object once at the beginning
if (newobj.query) {
Object.keys(newobj.query).forEach((k) => {
@@ -1151,7 +1154,7 @@ class WTVShared {
* @param {string} directory Root directory
*/
getAbsolutePath(path = '', directory = '.') {
if (directory[0] == "/" || directory.substr(1, 2) == ":" + this.path.sep) {
if (directory[0] == "/" || directory.slice(1, 3) == ":" + this.path.sep) {
return this.path.resolve(directory + this.path.sep + path);
}
try {
@@ -1196,7 +1199,7 @@ class WTVShared {
* @return {string} path without gz, or unmodified path if it isnt a gz
*/
getFilePath(path) {
var path_split = path.split(this.path.sep);
const path_split = path.split(this.path.sep);
path_split.pop();
return path_split.join(this.path.sep);
}
@@ -1266,14 +1269,14 @@ class WTVShared {
getServiceString(service, overrides = {}) {
// used externally by service scripts
if (service === "all") {
var self = this;
var out = "";
Object.keys(this.minisrv_config.services).sort().forEach(function (k) {
const self = this;
let out = "";
Object.keys(this.minisrv_config.services).sort().forEach((k) => {
if (!self.isConfiguredService(k)) return true;
if (self.minisrv_config.services[k].pc_services) return true;
if (overrides.exceptions) {
Object.keys(overrides.exceptions).forEach(function (j) {
Object.keys(overrides.exceptions).forEach((j) => {
if (k != overrides.exceptions[j]) out += self.minisrv_config.services[k].toString(overrides) + "\n";
});
} else {
@@ -1283,7 +1286,7 @@ class WTVShared {
return out;
} else {
if (!this.minisrv_config.services[service]) {
throw ("SERVICE ERROR: Attempted to provision unconfigured service: " + service)
throw new Error("SERVICE ERROR: Attempted to provision unconfigured service: " + service);
} else {
return this.minisrv_config.services[service].toString(overrides);
}
@@ -1296,12 +1299,12 @@ class WTVShared {
* @returns [headers, data]
*/
doRedirect(url) {
var headers = []
const headers = [];
headers['Status'] = "302 Moved";
headers["Location"] = url;
headers["wtv-visit"] = url;
var data = ''
return [headers, data]
const data = '';
return [headers, data];
}
/**
@@ -1318,7 +1321,7 @@ class WTVShared {
const message = data || errorMessage.replace(/\$\{(\w+)\}/g, (match, p1) => minisrv_config.config[p1] || '');
if (details && [400, 500].includes(code)) {
data += "<br>Details:<br>" + details;
data += `<br>Details:<br>${details}`;
}
let headers = `Status: ${(pc_mode) ? 'HTTP/1.1' : ''} ${code} ${message}\n`;
@@ -1342,14 +1345,15 @@ class WTVShared {
* @param {string} target Sub path
*/
makeSafePath(base, target = null, force_forward_slash = false) {
let output = null;
if (target) {
target.replace(/[\|\&\;\$\%\@\"\<\>\+\,\\]/g, "");
var targetPath = this.path.posix.normalize(target)
var output = this.fixPathSlashes(base + this.path.sep + targetPath);
const targetPath = this.path.posix.normalize(target)
output = this.fixPathSlashes(base + this.path.sep + targetPath);
} else {
base.replace(/[\|\&\;\$\%\@\"\<\>\+\,\\]/g, "");
var targetPath = this.path.posix.normalize(base)
var output = this.fixPathSlashes(targetPath);
const targetPath = this.path.posix.normalize(base)
output = this.fixPathSlashes(targetPath);
}
return (force_forward_slash) ? output.replace(this.path.sep, '/') : output;
}
@@ -1384,7 +1388,7 @@ class WTVShared {
*/
makeSafeSSID(ssid = "") {
ssid = ssid.replace(/[^a-zA-Z0-9]/g, "");
if (ssid.length == 0) ssid = null;
if (ssid.length === 0) ssid = null;
return ssid;
}
@@ -1395,7 +1399,7 @@ class WTVShared {
* */
makeSafeStringPath(path = "") {
path = path.replace(/[^\w]/g, "").replace(/\.\./g, "");
if (path.length == 0) path = null;
if (path.length === 0) path = null;
return path;
}
@@ -1405,7 +1409,7 @@ class WTVShared {
* @returns {string} Uncompressed string
* */
unpackCompressedB64(data) {
var data_buf = (typeof data === 'object') ? Buffer.from(data.toString('ascii'), 'base64') : Buffer.from(data, 'base64');
const data_buf = (typeof data === 'object') ? Buffer.from(data.toString('ascii'), 'base64') : Buffer.from(data, 'base64');
return this.zlib.inflateSync(data_buf, { finishFlush: this.zlib.Z_SYNC_FLUSH }).toString('ascii');
}
@@ -1425,14 +1429,14 @@ class WTVShared {
* @param {boolean} template If true, looks under templates subdir.
*/
getServiceDep(file, path_only = false, template = false) {
var self = this;
var outdata = null;
var found = false
this.minisrv_config.config.ServiceDeps.forEach(function (dep_vault_dir) {
const self = this;
let outdata = null;
let found = false
this.minisrv_config.config.ServiceDeps.forEach((dep_vault_dir) => {
if (found) return;
if (template) dep_vault_dir += self.path.sep + "templates";
var search = self.getAbsolutePath(file, dep_vault_dir);
const search = self.getAbsolutePath(file, dep_vault_dir);
if (self.fs.existsSync(search)) {
if (path_only) outdata = search;
else outdata = self.fs.readFileSync(search);
@@ -1482,10 +1486,10 @@ class WTVShared {
let keys = Object.keys(obj);
let values = Object.values(obj);
const currentIndex = typeof currentKey === 'string' ? this.findObjectKeyIndex(currentKey, obj, case_insensitive) : parseInt(currentKey);
const currentIndex = typeof currentKey === 'string' ? this.findObjectKeyIndex(currentKey, obj, case_insensitive) : +currentKey;
if (currentIndex === -1) return obj;
var destIndex = typeof destKey === 'string' ? this.findObjectKeyIndex(destKey, obj, case_insensitive) : parseInt(destKey);
let destIndex = typeof destKey === 'string' ? this.findObjectKeyIndex(destKey, obj, case_insensitive) : +destKey;
// Bump by one if the destKey is a string (put after the key)
if (typeof destKey === 'string' && destIndex !== -1) destIndex++;
@@ -1555,9 +1559,9 @@ class clientShowAlert {
if (typeof image === 'object') {
this.image = null;
Object.keys(image).forEach(function (k) {
Object.keys(image).forEach((k) => {
if (this[k] === null) this[k] = image[k];
}, this);
});
} else {
this.image = image;
}
@@ -1568,16 +1572,16 @@ class clientShowAlert {
* @returns {string} client:showalert URL
*/
getURL() {
var url = "client:ShowAlert?";
if (this.message) url += "message=" + escape(this.message) + "&";
if (this.buttonlabel1) url += "buttonlabel1=" + escape(this.buttonlabel1) + "&";
if (this.buttonaction1) url += "buttonaction1=" + escape(this.buttonaction1) + "&";
if (this.buttonlabel2) url += "buttonlabel2=" + escape(this.buttonlabel2) + "&";
if (this.buttonaction2) url += "buttonaction2=" + escape(this.buttonaction2) + "&";
if (this.image) url += "image=" + escape(this.image) + "&";
if (this.sound) url += "sound=" + escape(this.sound) + "&";
let url = "client:ShowAlert?";
if (this.message) url += `message=${escape(this.message)}&`;
if (this.buttonlabel1) url += `buttonlabel1=${escape(this.buttonlabel1)}&`;
if (this.buttonaction1) url += `buttonaction1=${escape(this.buttonaction1)}&`;
if (this.buttonlabel2) url += `buttonlabel2=${escape(this.buttonlabel2)}&`;
if (this.buttonaction2) url += `buttonaction2=${escape(this.buttonaction2)}&`;
if (this.image) url += `image=${escape(this.image)}&`;
if (this.sound) url += `sound=${escape(this.sound)}&`;
if (this.noback) url += "noback=true&";
return url.substring(0, url.length - 1);
return url.slice(0, -1);
}
}