CFC-Servers/cfc_cl_http_whitelist
1
0
Fork 0
mirror of https://github.com/CFC-Servers/cfc_cl_http_whitelist.git synced 2025-03-04 03:03:18 -05:00
Code Issues Projects Releases Activity

readd noisy domain functionality

Browse Source
This commit is contained in:
Pierce 2022-08-20 16:15:19 -04:00
parent cd881d762d
commit 1e0264c600
No known key found for this signature in database
GPG Key ID: EC79465B0E865E47
4 changed files with 72 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -1,7 +1,9 @@
# cfc_cl_http_whitelist
## Configuring
Configuration is loaded from lua files in files in the data folder on the client
You can create files in lua/cfc_http_restrictions/configs to add your own default domains to your server
Configuration is loaded from lua files and a data file on in the clients data folder
Each config thats loaded will overwrite values in the previous config, unless permanent=true is set on that config option
Configuration load order on client

61
lua/cfc_http_restrictions/client/list_manager.lua
View File

@ -1,42 +1,47 @@
CFCHTTP = CFCHTTP or {}
AddressCache = {}
ParsedAddressCache = {}
local parsedAddressCache = {}
function CFCHTTP.getAddress( url )
local cached = ParsedAddressCache[url]
local cached = parsedAddressCache[url]
if cached then return cached end
local pattern = "(%a+)://([%a%d%.-]+):?(%d*)/?.*"
local _, _, protocol, addr, port = string.find( url, pattern )
ParsedAddressCache[url] = addr
parsedAddressCache[url] = addr
return addr
end
function CFCHTTP.isAssetURI(url)
return string.StartWith(url, "asset://")
end
-- escapes all lua pattern characters and allows the use of * as a wildcard
local escaped = {}
local escapedCache = {}
local function escapeAddr( addr )
if escaped[addr] then return escaped[addr] end
if escapedCache[addr] then return escapedCache[addr] end
local split = string.Split( addr, "*" )
for i=1, #split do
split[i] = string.PatternSafe( split[i] )
end
escaped[addr] = table.concat( split, ".*" )
return escaped[addr]
escapedCache[addr] = table.concat( split, ".*" )
return escapedCache[addr]
end
function CFCHTTP.checkAllowed( url )
function CFCHTTP.getOptionsForURI(url)
if not url then return end
if CFCHTTP.isAssetURI(url) then return CFCHTTP.config.defaultAssetURIConfig end
local address = CFCHTTP.getAddress( url )
if not address then return end
local options = CFCHTTP.config.addresses[address]
if options and not options.pattern then
return options.allowed
return options
end
for allowedAddr, options in pairs( CFCHTTP.config.addresses) do
@ -45,19 +50,36 @@ function CFCHTTP.checkAllowed( url )
end
if string.match( address, "^"..allowedAddr.."$" ) then
return options.allowed
return options
end
end
end
function CFCHTTP.isAllowed( url )
local cached = AddressCache[url]
if cached ~= nil then return cached end
-- TODO reimmplement caching
function CFCHTTP.getOptionsForURI(url)
if not url then return CFCHTTP.config.defaultOptions end
local isAllowed = CFCHTTP.checkAllowed( url )
AddressCache[url] = isAllowed
if CFCHTTP.isAssetURI(url) then return CFCHTTP.config.defaultAssetURIOptions end
return isAllowed
local address = CFCHTTP.getAddress( url )
if not address then return CFCHTTP.config.defaultOptions end
local options = CFCHTTP.config.addresses[address]
if options and not options.pattern then
return options
end
for allowedAddr, options in pairs( CFCHTTP.config.addresses) do
if not options.pattern then
options = escapeAddr( allowedAddr )
end
if string.match( address, "^"..allowedAddr.."$" ) then
return options
end
end
return CFCHTTP.config.defaultOptions
end
-- file based config functions
@ -72,8 +94,6 @@ function CFCHTTP.allowAddress( addr )
allowed=true,
}
AddressCache = {}
return true
end
@ -88,8 +108,6 @@ function CFCHTTP.blockAddress( addr )
allowed=false,
}
AddressCache = {}
return true
end
@ -100,7 +118,6 @@ function CFCHTTP.removeAddress( addr )
end
CFCHTTP.config.addresses[addr] = nil
AddressCache = {}
return true
end

36
lua/cfc_http_restrictions/client/wrap_functions.lua
View File

@ -1,8 +1,6 @@
local shouldLogAllows = CreateConVar( "cfc_http_restrictions_log_allows", 1, FCVAR_ARCHIVE, "Should the HTTP restrictions log allowed HTTP requests?", 0, 1 )
local shouldLogBlocks = CreateConVar( "cfc_http_restrictions_log_blocks", 1, FCVAR_ARCHIVE, "Should the HTTP restrictions log blocked HTTP requests?", 0, 1 )
local verboseLogging = CreateConVar( "cfc_http_restrictions_log_verbose", 0, FCVAR_ARCHIVE, "Should the HTTP restrictions log include verbose messages?", 0, 1 )
local getAddress = CFCHTTP.getAddress
local noisyDomains = CFCHTTP.noisyDomains
local COLORS = {
RED = Color( 255, 0, 0 ),
@ -11,7 +9,7 @@ local COLORS = {
YELLOW = Color( 235, 226, 52 )
}
local function logRequest( method, url, fileLocation, allowed )
local function logRequest( method, url, fileLocation, allowed, noisy )
if allowed and not shouldLogAllows:GetBool() then return end
if not shouldLogBlocks:GetBool() then return end
@ -20,8 +18,8 @@ local function logRequest( method, url, fileLocation, allowed )
local requestColor = allowed and COLORS.GREEN or COLORS.RED
if isVerbose == false then
local address = getAddress( url )
if noisyDomains[address] then return end
local address = CFCHTTP.getAddress( url )
if noisy then return end
url = address
end
@ -44,9 +42,12 @@ local function wrapHTTP()
print( "HTTP wrapped, original function at '_G._HTTP'" )
HTTP = function( req )
local isAllowed = CFCHTTP.isAllowed( req.url )
local options = CFCHTTP.getOptionsForURI(req.url)
local isAllowed = options and options.allowed
local noisy = options and options.noisy
local stack = string.Split(debug.traceback(), "\n")
logRequest( req.method, req.url, stack[3], isAllowed )
logRequest( req.method, req.url, stack[3], isAllowed, noisy)
local onFailure = req.failed
if not isAllowed then
if onFailure then onFailure( "URL is not whitelisted" ) end
@ -61,9 +62,12 @@ local function wrapFetch()
print( "http.Fetch wrapped, original function at '_http_Fetch'" )
http.Fetch = function( url, onSuccess, onFailure, headers )
local isAllowed = CFCHTTP.isAllowed( url )
local options = CFCHTTP.getOptionsForURI(url)
local isAllowed = options and options.allowed
local noisy = options and options.noisy
local stack = string.Split(debug.traceback(), "\n")
logRequest( "GET", url, stack[3], isAllowed )
logRequest( "GET", url, stack[3], isAllowed, noisy )
if not isAllowed then
if onFailure then onFailure( "URL is not whitelisted" ) end
return
@ -78,9 +82,12 @@ local function wrapPost()
print( "http.Post wrapped, original function at '_http_Post'" )
http.Post = function( url, params, onSuccess, onFailure, headers )
local isAllowed = CFCHTTP.isAllowed( url )
local options = CFCHTTP.getOptionsForURI(url)
local isAllowed = options and options.allowed
local noisy = options and options.noisy
local stack = string.Split(debug.traceback(), "\n")
logRequest( "POST", url, stack[3], isAllowed )
logRequest( "POST", url, stack[3], isAllowed, noisy )
if not isAllowed then
if onFailure then onFailure( "URL is not whitelisted" ) end
return
@ -96,9 +103,12 @@ local function wrapPlayURL()
print( "sound.PlayURL wrapped, original function at _sound_PlayUrl" )
sound.PlayURL = function( url, flags, callback )
local isAllowed = CFCHTTP.isAllowed( url )
local options = CFCHTTP.getOptionsForURI(url)
local isAllowed = options and options.allowed
local noisy = options and options.noisy
local stack = string.Split( debug.traceback(), "\n" )
logRequest( "GET", url, stack[3], isAllowed )
logRequest( "GET", url, stack[3], isAllowed, noisy )
if not isAllowed then
if callback then callback( nil, BASS_ERROR_ILLPARAM, "BASS_ERROR_ILLPARAM" ) end
return

8
lua/cfc_http_restrictions/default_config.lua
View File

@ -2,7 +2,13 @@ AddCSLuaFile()
return {
version="1", -- this field allows backwards compatibility if the config structure is ever updated
defaultAssetURIOptions = {
allowed=true
},
defaultOptions = {
allowed=false,
},
addresses = {
["google.com"] = {allowed=true, noisy=true},
["www.google.com"] = {allowed=true, noisy=true},