Replace html urls (#33)

* replace urls in html and javascript with safe urls

* remove file

* remove temporary wrap functions

* remove most starfall domains

* apply CFCHTTP.RedirectURL to OpenURL wrap

* use concat and not string.format
Pierce Lally 2023-08-23 18:15:44 -04:00 committed by GitHub
parent 05c24b719f
commit 609f7ea083
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 53 additions and 50 deletions

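--- a/gluatest.yaml
+++ b/gluatest.yaml
@@ -0,0 +1,2 @@
+config:
+gamemode: sandbox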


@ -1,5 +0,0 @@
{
"diagnostics.globals": [
"expect"
]
}


@ -168,44 +168,40 @@ local function wrapHTMLPanel( panelName )
_G[runJavascript] = _G[runJavascript] or controlTable.RunJavascript
controlTable.SetHTML = function( self, html, ... )
local urls, err = CFCHTTP.FileTypes.HTML.GetURLSFromData( html )
local options = CFCHTTP.GetOptionsForURLs( urls )
local isAllowed
if #urls == 0 then
isAllowed = true
else
isAllowed = err == nil and options.combined and options.combined.allowed
end
local stack = string.Split( debug.traceback(), "\n" )
logRequest( "GET", options.combinedUri, stack[3], isAllowed )
if not isAllowed then
html = [[<h1>BLOCKED By CFC HTTP Whitelist</h1>]]
end
html = CFCHTTP.ReplaceURLs( html, function( url )
local options = CFCHTTP.GetOptionsForURL( url )
local isAllowed = options and options.allowed
local noisy = true -- this will be really spammy so set it to noisy by default
logRequest( "GET", url, stack[3], isAllowed, noisy )
if not isAllowed then
return CFCHTTP.GetRedirectURL( url )
end
return url
end )
return _G[setHTML]( self, html, ... )
end
controlTable.RunJavascript = function( self, js )
local urls, err = CFCHTTP.FileTypes.HTML.GetURLSFromData( js )
local options = CFCHTTP.GetOptionsForURLs( urls )
local isAllowed
if #urls == 0 then
return _G[runJavascript]( self, js )
else
isAllowed = err == nil and options.combined and options.combined.allowed
end
local stack = string.Split( debug.traceback(), "\n" )
logRequest( "GET", options.combinedUri, stack[3], isAllowed )
js = CFCHTTP.ReplaceURLs( js, function( url )
local options = CFCHTTP.GetOptionsForURL( url )
local isAllowed = options and options.allowed
local noisy = true -- this will be really spammy so set it to noisy by default
if not isAllowed then
return
end
logRequest( "GET", url, stack[3], isAllowed, noisy )
if not isAllowed then
return CFCHTTP.GetRedirectURL( url )
end
return url
end )
return _G[runJavascript]( self, js )
end
@ -217,7 +213,9 @@ local function wrapHTMLPanel( panelName )
local stack = string.Split( debug.traceback(), "\n" )
logRequest( "GET", url, stack[3], isAllowed, noisy )
if not isAllowed then return end
if not isAllowed then
url = CFCHTTP.GetRedirectURL( url )
end
return _G[openURL]( self, url, ... )
end
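Review bot: In the `RunJavascript` callback passed to `CFCHTTP.ReplaceURLs`, a bare `if not isAllowed then return end` is shown ahead of the `return CFCHTTP.GetRedirectURL( url )` branch. The page has lost its +/- markers, so that line may be a removed one, but if it is still on the new side the redirect branch is unreachable. Because `string.gsub` keeps the original match when its callback returns nil, the disallowed URL would then stay in the script unchanged. Confirm that only `return CFCHTTP.GetRedirectURL( url )` remains, as in the `SetHTML` callback. The inner `local options` / `local isAllowed` also shadow the outer locals of the same name, so names such as `urlOptions` and `urlAllowed` would make it clearer which decision each `logRequest` call records; `wrapHTMLPanel` starts and ends outside the hunks.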


@ -20,6 +20,9 @@ local config = {
allowed = false,
},
addresses = {
-- this is used internally by this addon, removing it could cause issues
["gmhttp.pages.dev"] = { allowed = true, noisy = true, permanent = true },
["google.com"] = { allowed = true, noisy = true },
["www.google.com"] = { allowed = true, noisy = true },
@ -92,18 +95,9 @@ local config = {
-- media player
["samuelmaddock.github.io"] = { allowed = true },
-- domains starfall docs have that get caught by the html whitelist
["npms.io"] = { allowed = true },
["fb.me"] = { allowed = true },
["reactjs.org"] = { allowed = true },
["www.w3.org"] = { allowed = true },
["www.cplusplus.com"] = { allowed = true },
["wiki.garrysmod.com"] = { allowed = true },
["en.wikipedia.org"] = { allowed = true },
["mydomain.com"] = { allowed = true },
["developer.mozilla.org"] = { allowed = true },
["w3.impa.br"] = { allowed = true },
}
}
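Review bot: The comment on the new `["gmhttp.pages.dev"]` entry says only that it is used internally, which does not tell an operator that this externally hosted page is where `CFCHTTP.GetRedirectURL` (added in this commit) sends every blocked URL, base64-encoded in the query string. A fuller comment would help, e.g. `-- landing page for blocked URLs (see CFCHTTP.GetRedirectURL); receives the blocked URL as ?url=<base64>`. It would also be worth stating what `permanent = true` enforces, since its handling is not visible in this hunk. The `config` table starts and ends outside the hunks.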


@ -6,7 +6,7 @@
CFCHTTP.URLPattern = "(%a+)://([^:/ \t]+):?(%d*)/?.*"
CFCHTTP.URLPatternNoGroups = "%a+://[^:/ \t\"]+:?%d*/?[^\n\" ]*"
CFCHTTP.URLPatternNoGroups = "%a+://[^:/ \t\"]+:?%d*/?[^\n\" \\]*"
---@param url string
---@return URLData
@ -34,8 +34,23 @@ function CFCHTTP.FindURLs( text )
return urls
end
function CFCHTTP.GetRedirectURL( url )
url = string.Replace( url, "\n", "" )
url = string.Trim( url )
local b64 = util.Base64Encode( url, true )
return "https://gmhttp.pages.dev/redirect?url=" .. b64
end
---@param text string
---@param f fun( url:string ):string
---@return string
function CFCHTTP.ReplaceURLs( text, f )
local html = string.gsub( text, CFCHTTP.URLPatternNoGroups, f )
return html
end
local parsedAddressCache = {}
---@parm url string
---@param url string
---@return string|nil
function CFCHTTP.GetAddress( url )
if not url then return end
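Review bot: `CFCHTTP.GetRedirectURL` appends the output of `util.Base64Encode( url, true )` to the query string as-is, and standard base64 can contain `+`, `/` and `=`. A query parser that treats `+` as a space would hand the redirect page a corrupted value, so the blocked URL it shows may not be the one that was requested. Percent-encode those characters before concatenating, e.g. `b64 = string.gsub( b64, "[+/=]", { ["+"] = "%2B", ["/"] = "%2F", ["="] = "%3D" } )`, or use a URL-safe alphabet if the page decodes one. Separately, `CFCHTTP.ReplaceURLs` documents `f` as returning a string, but `string.gsub` keeps the original match when `f` returns nil; a doc line such as `-- f must always return a string; returning nil leaves the URL unreplaced` would make that fail-open case explicit.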


@ -19,12 +19,11 @@ local htmlBlobs = [[
</html>
]]
return {
---@type GLuaTestTestGroup
local group = {
groupName = "CFC HTTP Whitelist Domains",
cases = {
{
timeout = 3,
async = false,
name = "Should get addresses from urls",
func = function()
for _, urlData in pairs( testUrls ) do
@ -40,8 +39,6 @@ return {
end
},
{
timeout = 3,
async = false,
name = "Get address should return expected data",
func = function()
for _, urlData in pairs( testUrls ) do
@ -52,3 +49,5 @@ return {
},
}
}
return group