ouyang/ghproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

25w29a

Browse Source
This commit is contained in:
wjqserver
2025-04-17 22:20:06 +08:00
parent 7e5b12dff8
commit dd2f5b5a12
7 changed files with 50 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/ISSUE_TEMPLATE/features_request.md vendored
View File

@@ -2,7 +2,7 @@
name: Features request name: Features request
about: 提出新功能建议 about: 提出新功能建议
title: "[Features]" title: "[Features]"
labels: enhancement labels: 改进
assignees: '' assignees: ''
--- ---

8
CHANGELOG.md
View File

@@ -1,5 +1,13 @@
# 更新日志 # 更新日志
25w29a - 2025-04-27
---
- PRE-RELEASE: 此版本是v3.0.3预发布版本,请勿在生产环境中使用;
- CHANGE: 增加移除部分header的处置, 避免向服务端/客户端透露过多信息
- FIX: 修正非预期的header操作行为
- CHANGE: 合并header相关逻辑, 避免多次操作
- CHANGE: 对editor模式下的input进行处置, 增加隐式关闭处理
3.0.2 - 2025-04-15 3.0.2 - 2025-04-15
--- ---
- CHANGE: 避免重复的re编译操作 - CHANGE: 避免重复的re编译操作

2
DEV-VERSION
View File

@@ -1 +1 @@
25w29t-1 25w29a

18
proxy/chunkreq.go
View File

@@ -13,7 +13,7 @@ import (
) )
var ( var (
headersToRemove = map[string]struct{}{ respHeadersToRemove = map[string]struct{}{
"Content-Security-Policy": {}, "Content-Security-Policy": {},
"Referrer-Policy": {}, "Referrer-Policy": {},
"Strict-Transport-Security": {}, "Strict-Transport-Security": {},
@@ -22,6 +22,17 @@ var (
"X-Served-By": {}, "X-Served-By": {},
"X-Fastly-Request-Id": {}, "X-Fastly-Request-Id": {},
} }
reqHeadersToRemove = map[string]struct{}{
"CF-IPCountry": {},
"CF-RAY": {},
"CF-Visitor": {},
"CF-Connecting-IP": {},
"CF-EW-Via": {},
"CDN-Loop": {},
"Upgrade": {},
"Connection": {},
}
) )
func ChunkedProxyRequest(ctx context.Context, c *app.RequestContext, u string, cfg *config.Config, matcher string) { func ChunkedProxyRequest(ctx context.Context, c *app.RequestContext, u string, cfg *config.Config, matcher string) {
@@ -42,8 +53,9 @@ func ChunkedProxyRequest(ctx context.Context, c *app.RequestContext, u string, c
HandleError(c, fmt.Sprintf("Failed to create request: %v", err)) HandleError(c, fmt.Sprintf("Failed to create request: %v", err))
return return
} }
setRequestHeaders(c, req) setRequestHeaders(c, req)
removeWSHeader(req) // 删除Conection Upgrade头, 避免与HTTP/2冲突(检查是否存在Upgrade头) //removeWSHeader(req) // 删除Conection Upgrade头, 避免与HTTP/2冲突(检查是否存在Upgrade头)
AuthPassThrough(c, cfg, req) AuthPassThrough(c, cfg, req)
resp, err = client.Do(req) resp, err = client.Do(req)
@@ -101,7 +113,7 @@ func ChunkedProxyRequest(ctx context.Context, c *app.RequestContext, u string, c
// 复制响应头,排除需要移除的 header // 复制响应头,排除需要移除的 header
for key, values := range resp.Header { for key, values := range resp.Header {
if _, shouldRemove := headersToRemove[key]; !shouldRemove { if _, shouldRemove := respHeadersToRemove[key]; !shouldRemove {
for _, value := range values { for _, value := range values {
c.Header(key, value) c.Header(key, value)
} }

4
proxy/gitreq.go
View File

@@ -43,7 +43,7 @@ func GitReq(ctx context.Context, c *app.RequestContext, u string, cfg *config.Co
return return
} }
setRequestHeaders(c, req) setRequestHeaders(c, req)
removeWSHeader(req) //removeWSHeader(req)
AuthPassThrough(c, cfg, req) AuthPassThrough(c, cfg, req)
resp, err = gitclient.Do(req) resp, err = gitclient.Do(req)
@@ -58,7 +58,7 @@ func GitReq(ctx context.Context, c *app.RequestContext, u string, cfg *config.Co
return return
} }
setRequestHeaders(c, req) setRequestHeaders(c, req)
removeWSHeader(req) //removeWSHeader(req)
AuthPassThrough(c, cfg, req) AuthPassThrough(c, cfg, req)
resp, err = client.Do(req) resp, err = client.Do(req)

9
proxy/match.go
View File

@@ -246,7 +246,7 @@ func extractParts(rawURL string) (string, string, string, url.Values, error) {
var urlPattern = regexp.MustCompile(`https?://[^\s'"]+`) var urlPattern = regexp.MustCompile(`https?://[^\s'"]+`)
// processLinks 处理链接,返回包含处理后数据的 io.Reader // processLinks 处理链接,返回包含处理后数据的 io.Reader
func processLinks(input io.Reader, compress string, host string, cfg *config.Config) (readerOut io.Reader, written int64, err error) { func processLinks(input io.ReadCloser, compress string, host string, cfg *config.Config) (readerOut io.Reader, written int64, err error) {
pipeReader, pipeWriter := io.Pipe() // 创建 io.Pipe pipeReader, pipeWriter := io.Pipe() // 创建 io.Pipe
readerOut = pipeReader readerOut = pipeReader
@@ -268,6 +268,13 @@ func processLinks(input io.Reader, compress string, host string, cfg *config.Con
} }
}() }()
defer func() {
if err := input.Close(); err != nil {
logError("input close failed: %v", err)
}
}()
var bufReader *bufio.Reader var bufReader *bufio.Reader
if compress == "gzip" { if compress == "gzip" {

15
proxy/reqheader.go
View File

@@ -6,13 +6,27 @@ import (
"github.com/cloudwego/hertz/pkg/app" "github.com/cloudwego/hertz/pkg/app"
) )
/*
// 设置请求头 // 设置请求头
func setRequestHeaders(c *app.RequestContext, req *http.Request) { func setRequestHeaders(c *app.RequestContext, req *http.Request) {
c.Request.Header.VisitAll(func(key, value []byte) { c.Request.Header.VisitAll(func(key, value []byte) {
req.Header.Set(string(key), string(value)) req.Header.Set(string(key), string(value))
}) })
} }
*/
func setRequestHeaders(c *app.RequestContext, req *http.Request) {
c.Request.Header.VisitAll(func(key, value []byte) {
headerKey := string(key)
headerValue := string(value)
if _, shouldRemove := reqHeadersToRemove[headerKey]; !shouldRemove {
req.Header.Set(headerKey, headerValue)
}
})
}
/*
// removeWSHeader removes the "Upgrade" and "Connection" headers from the given // removeWSHeader removes the "Upgrade" and "Connection" headers from the given
// Request, which are added by the client when it wants to upgrade the // Request, which are added by the client when it wants to upgrade the
// connection to a WebSocket connection. // connection to a WebSocket connection.
@@ -20,3 +34,4 @@ func removeWSHeader(req *http.Request) {
req.Header.Del("Upgrade") req.Header.Del("Upgrade")
req.Header.Del("Connection") req.Header.Del("Connection")
} }
*/