CFC-Servers/cfc_cl_http_whitelist
1
0
Fork 0
mirror of https://github.com/CFC-Servers/cfc_cl_http_whitelist.git synced 2025-03-04 03:03:18 -05:00
Code Issues Projects Releases Activity

Add workflow and fix style (#16)

Browse Source 
* Add workflow

* Style, remove shadow bindings

* Style, shadow bindings

* Style

* Style
This commit is contained in:
Redox 2022-09-07 03:06:34 +02:00 committed by GitHub
parent b01f62a8fc
commit f96cc1c991
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 132 additions and 123 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
.github/workflows/glua_lint.yml vendored Normal file
View File

@ -0,0 +1,10 @@
name: GLuaFixer
on:
pull_request:
jobs:
Lint:
uses: CFC-Servers/github_action_workflows/.github/workflows/lint_glua.yml@feature/shareable
with:
config: "https://cfc.gg/configs/gluafixer/glualint.json"

4
lua/autorun/cfc_http_whitelist_init.lua
View File

@ -8,8 +8,8 @@ local function includeClient( f )
end
end
include("cfc_http_restrictions/config_loader.lua")
includeClient("cfc_http_restrictions/config_loader.lua")
include( "cfc_http_restrictions/config_loader.lua" )
includeClient( "cfc_http_restrictions/config_loader.lua" )
includeClient( "cfc_http_restrictions/client/list_manager.lua" )
includeClient( "cfc_http_restrictions/client/list_view.lua" )

44
lua/cfc_http_restrictions/client/list_manager.lua
View File

@ -7,14 +7,14 @@ function CFCHTTP.getAddress( url )
if cached then return cached end
local pattern = "(%a+)://([%a%d%.-]+):?(%d*)/?.*"
local _, _, protocol, addr, port = string.find( url, pattern )
local _, _, _, addr, _ = string.find( url, pattern )
parsedAddressCache[url] = addr
return addr
end
function CFCHTTP.isAssetURI(url)
return string.StartWith(url, "asset://")
function CFCHTTP.isAssetURI( url )
return string.StartWith( url, "asset://" )
end
-- escapes all lua pattern characters and allows the use of * as a wildcard
@ -23,7 +23,7 @@ local function escapeAddr( addr )
if escapedCache[addr] then return escapedCache[addr] end
local split = string.Split( addr, "*" )
for i=1, #split do
for i = 1, #split do
split[i] = string.PatternSafe( split[i] )
end
@ -32,10 +32,10 @@ local function escapeAddr( addr )
end
-- TODO reimmplement caching
function CFCHTTP.getOptionsForURI(url)
function CFCHTTP.getOptionsForURI( url )
if not url then return CFCHTTP.config.defaultOptions end
if CFCHTTP.isAssetURI(url) then return CFCHTTP.config.defaultAssetURIOptions end
if CFCHTTP.isAssetURI( url ) then return CFCHTTP.config.defaultAssetURIOptions end
local address = CFCHTTP.getAddress( url )
if not address then return CFCHTTP.config.defaultOptions end
@ -45,25 +45,25 @@ function CFCHTTP.getOptionsForURI(url)
return options
end
for allowedAddr, options in pairs( CFCHTTP.config.addresses ) do
if not options.pattern then
for allowedAddr, optionsAddr in pairs( CFCHTTP.config.addresses ) do
if not optionsAddr.pattern then
allowedAddr = escapeAddr( allowedAddr )
end
if string.match( address, "^"..allowedAddr.."$" ) then
return options
if string.match( address, "^" .. allowedAddr .. "$" ) then
return optionsAddr
end
end
return CFCHTTP.config.defaultOptions
return CFCHTTP.config.defaultOptions
end
local function getUrlsInHTML( html )
local pattern = "%a+://[%a%d%.-]+:?%d*/?[a-zA-Z0-9%.]*"
local urls = {}
for url in string.gmatch(html, pattern) do
table.insert(urls, url)
for url in string.gmatch( html, pattern ) do
table.insert( urls, url )
end
return urls
@ -71,10 +71,10 @@ end
function CFCHTTP.isHTMLAllowed( html )
local urls = getUrlsInHTML( html )
for _, url in pairs(urls) do
local options = CFCHTTP.getOptionsForURI(url)
if options and not options.allowed then
for _, url in pairs( urls ) do
local options = CFCHTTP.getOptionsForURI( url )
if options and not options.allowed then
return false, url
end
end
@ -91,8 +91,8 @@ function CFCHTTP.allowAddress( addr )
end
CFCHTTP.config.addresses[addr] = {
_edited=true,
allowed=true,
_edited = true,
allowed = true,
}
return true
@ -105,8 +105,8 @@ function CFCHTTP.blockAddress( addr )
end
CFCHTTP.config.addresses[addr] = {
_edited=true,
allowed=false,
_edited = true,
allowed = false,
}
return true
@ -121,4 +121,4 @@ function CFCHTTP.removeAddress( addr )
CFCHTTP.config.addresses[addr] = nil
return true
end
end

32
lua/cfc_http_restrictions/client/list_view.lua
View File

@ -7,13 +7,13 @@ local function removeByValue( listView, value )
end
end
local function populatePanel( form )
local function populatePanel( form )
local warning = vgui.Create( "DLabel" )
warning:SetText( "Adding a domain here could expose your ip to other players (and other vulnerabilities)" )
warning:SetColor( Color(255, 0, 0) )
warning:SetFont("GModToolHelp")
warning:SetColor( Color( 255, 0, 0 ) )
warning:SetFont( "GModToolHelp" )
warning:SetWrap( true )
warning:SetSize(300, 100)
warning:SetSize( 300, 100 )
form:AddItem( warning )
@ -21,25 +21,25 @@ local function populatePanel( form )
form:CheckBox( "Log blocked requests", "cfc_http_restrictions_log_blocks" )
form:CheckBox( "Detailed logging", "cfc_http_restrictions_log_verbose" )
local list = vgui.Create( "DListView")
local list = vgui.Create( "DListView" )
list:Dock( TOP )
list:SetMultiSelect( false )
list:AddColumn( "Address" )
list:AddColumn( "Allowed" )
list:SetTall(300)
list:SetTall( 300 )
form:AddItem( list )
for k, v in pairs( CFCHTTP.config.addresses ) do
list:AddLine( k, (v and v.allowed) and "yes" or "no" )
list:AddLine( k, ( v and v.allowed ) and "yes" or "no" )
end
local textEntry, _ = form:TextEntry( "Address" )
list.OnRowSelected = function( self, index, pnl )
list.OnRowSelected = function( _, _, pnl )
textEntry:SetValue( pnl:GetColumnText( 1 ) )
end
local allow = form:Button("Allow")
local allow = form:Button( "Allow" )
allow.DoClick = function()
local v = textEntry:GetValue()
if not CFCHTTP.allowAddress( v ) then return end
@ -48,7 +48,7 @@ local function populatePanel( form )
list:AddLine( v, "yes" )
end
local block = form:Button("Block")
local block = form:Button( "Block" )
block.DoClick = function()
local v = textEntry:GetValue()
if not CFCHTTP.blockAddress( v ) then return end
@ -58,25 +58,25 @@ local function populatePanel( form )
end
-- TODO when a config is removed we should reload the default values from the lua based configs instead of just removing it from the entire list
local remove = form:Button("Remove")
local remove = form:Button( "Remove" )
remove.DoClick = function()
local v = textEntry:GetValue()
if not CFCHTTP.removeAddress( v ) then return end
removeByValue( list, v )
end
local save = form:Button("Save")
local save = form:Button( "Save" )
save.DoClick = function()
local conf = CFCHTTP.copyConfig(CFCHTTP.config)
for addr, options in pairs(conf.addresses) do
local conf = CFCHTTP.copyConfig( CFCHTTP.config )
for addr, options in pairs( conf.addresses ) do
if not options._edited then
conf.addresses[addr] = nil
end
end
CFCHTTP.saveFileConfig({
CFCHTTP.saveFileConfig( {
version = "1",
addresses = conf.addresses
})
} )
end
end

39
lua/cfc_http_restrictions/client/wrap_functions.lua
View File

@ -42,12 +42,12 @@ local function wrapHTTP()
print( "HTTP wrapped, original function at '_G._HTTP'" )
HTTP = function( req )
local options = CFCHTTP.getOptionsForURI(req.url)
local options = CFCHTTP.getOptionsForURI( req.url )
local isAllowed = options and options.allowed
local noisy = options and options.noisy
local stack = string.Split(debug.traceback(), "\n")
logRequest( req.method, req.url, stack[3], isAllowed, noisy)
local stack = string.Split( debug.traceback(), "\n" )
logRequest( req.method, req.url, stack[3], isAllowed, noisy )
local onFailure = req.failed
if not isAllowed then
if onFailure then onFailure( "URL is not whitelisted" ) end
@ -62,11 +62,11 @@ local function wrapFetch()
print( "http.Fetch wrapped, original function at '_http_Fetch'" )
http.Fetch = function( url, onSuccess, onFailure, headers )
local options = CFCHTTP.getOptionsForURI(url)
local options = CFCHTTP.getOptionsForURI( url )
local isAllowed = options and options.allowed
local noisy = options and options.noisy
local stack = string.Split(debug.traceback(), "\n")
local stack = string.Split( debug.traceback(), "\n" )
logRequest( "GET", url, stack[3], isAllowed, noisy )
if not isAllowed then
if onFailure then onFailure( "URL is not whitelisted" ) end
@ -82,11 +82,11 @@ local function wrapPost()
print( "http.Post wrapped, original function at '_http_Post'" )
http.Post = function( url, params, onSuccess, onFailure, headers )
local options = CFCHTTP.getOptionsForURI(url)
local options = CFCHTTP.getOptionsForURI( url )
local isAllowed = options and options.allowed
local noisy = options and options.noisy
local stack = string.Split(debug.traceback(), "\n")
local stack = string.Split( debug.traceback(), "\n" )
logRequest( "POST", url, stack[3], isAllowed, noisy )
if not isAllowed then
if onFailure then onFailure( "URL is not whitelisted" ) end
@ -103,7 +103,7 @@ local function wrapPlayURL()
print( "sound.PlayURL wrapped, original function at _sound_PlayUrl" )
sound.PlayURL = function( url, flags, callback )
local options = CFCHTTP.getOptionsForURI(url)
local options = CFCHTTP.getOptionsForURI( url )
local isAllowed = options and options.allowed
local noisy = options and options.noisy
@ -121,32 +121,32 @@ end
local function wrapHTMLPanel( panelName )
print( "Wrapping SetHTML and OpenURL for " .. panelName )
local funcName = function( functionName )
return "_"..panelName.."_"..functionName
return "_" .. panelName .. "_" .. functionName
end
local controlTable = vgui.GetControlTable( panelName )
local setHTML = funcName( "SetHTML" )
local openURL = funcName( "OpenURL" )
_G[setHTML] = _G[setHTML] or controlTable.SetHTML
_G[openURL] = _G[openURL] or controlTable.OpenURL
controlTable.SetHTML = function( self, html, ... )
local isAllowed, url = CFCHTTP.isHTMLAllowed( html )
local isAllowed, url = CFCHTTP.isHTMLAllowed( html )
local stack = string.Split( debug.traceback(), "\n" )
logRequest( "GET", url, stack[3], isAllowed )
if not isAllowed then
html = [[<h1> BLOCKED </h1>]]
html = [[<h1> BLOCKED </h1>]]
end
_G[setHTML]( self, html, ... )
end
controlTable.OpenURL = function( self, url, ... )
local options = CFCHTTP.getOptionsForURI(url)
local options = CFCHTTP.getOptionsForURI( url )
local isAllowed = options and options.allowed
local noisy = options and options.noisy
@ -157,14 +157,13 @@ local function wrapHTMLPanel( panelName )
_G[openURL]( self, url, ... )
end
end
hook.Add( "Initialize", "CFC_HttpWhitelist_WrapHTML", function()
if CFCHTTP.config.wrapHTMLPanels then
wrapHTMLPanel("DHTML")
wrapHTMLPanel("DPanel")
wrapHTMLPanel("DMediaPlayerHTML")
wrapHTMLPanel( "DHTML" )
wrapHTMLPanel( "DPanel" )
wrapHTMLPanel( "DMediaPlayerHTML" )
end
end )

34
lua/cfc_http_restrictions/config_loader.lua
View File

@ -1,54 +1,54 @@
CFCHTTP = CFCHTTP or {}
CFCHTTP.config = include("default_config.lua")
CFCHTTP.config = include( "default_config.lua" )
function CFCHTTP.LoadConfigs()
CFCHTTP.config = include("default_config.lua")
CFCHTTP.config = include( "default_config.lua" )
CFCHTTP.loadLuaConfigs()
if CLIENT then
local fileConfig = CFCHTTP.readFileConfig()
if fileConfig then
CFCHTTP.config = CFCHTTP.mergeConfigs(CFCHTTP.config, fileConfig)
CFCHTTP.config = CFCHTTP.mergeConfigs( CFCHTTP.config, fileConfig )
end
end
end
-- LoadLuaConfigs loads the default config and then any lua files in the cfc_http_restrictions/configs directory
function CFCHTTP.loadLuaConfigs()
local files = file.Find("cfc_http_restrictions/configs/*.lua", "LUA")
for _, file in pairs(files) do
AddCSLuaFile("cfc_http_restrictions/configs/" .. file)
local newConfig = include("cfc_http_restrictions/configs/" .. file)
CFCHTTP.config = CFCHTTP.mergeConfigs(CFCHTTP.config, newConfig)
function CFCHTTP.loadLuaConfigs()
local files = file.Find( "cfc_http_restrictions/configs/*.lua", "LUA" )
for _, fil in pairs( files ) do
AddCSLuaFile( "cfc_http_restrictions/configs/" .. fil )
local newConfig = include( "cfc_http_restrictions/configs/" .. fil )
CFCHTTP.config = CFCHTTP.mergeConfigs( CFCHTTP.config, newConfig )
end
end
function CFCHTTP.mergeConfigs(old, new)
function CFCHTTP.mergeConfigs( old, new )
if new.version == "1" then
if new.wrapHTMLPanels ~= nil then old.wrapHTMLPanels = new.wrapHTMLPanels end
if new.defaultOptions ~= nil then old.defaultOptions = new.defaultOptions end
if new.defaultAssetURIOption ~= nil then old.defaultAssetURIOption = new.defaultAssetURIOption end
for domain, options in pairs(new.addresses) do
for domain, options in pairs( new.addresses ) do
local currentOptions = old.addresses[domain]
if currentOptions and currentOptions.permanent then
print("[CFC HTTP Restrictions] Skipping " .. domain .. " because it is permanent")
print( "[CFC HTTP Restrictions] Skipping " .. domain .. " because it is permanent" )
else
old.addresses[domain] = options
end
end
else
ErrorNoHalt("[CFC HTTP Restrictions] Invalid config version: " .. tostring(new.version))
ErrorNoHalt( "[CFC HTTP Restrictions] Invalid config version: " .. tostring( new.version ) )
end
return old
end
function CFCHTTP.copyConfig(cfg)
return util.JSONToTable(util.TableToJSON(cfg))
function CFCHTTP.copyConfig( cfg )
return util.JSONToTable( util.TableToJSON( cfg ) )
end
function CFCHTTP.saveFileConfig(config)
function CFCHTTP.saveFileConfig( config )
file.Write( "cfc_cl_http_whitelist_config.json", util.TableToJSON( config, true ) )
notification.AddLegacy( "Saved http whitelist", NOTIFY_GENERIC, 5 )

92
lua/cfc_http_restrictions/default_config.lua
View File

@ -1,79 +1,79 @@
AddCSLuaFile()
return {
version="1", -- this field allows backwards compatibility if the config structure is ever updated
version = "1", -- this field allows backwards compatibility if the config structure is ever updated
wrapHTMLPanels = false,
defaultAssetURIOptions = {
allowed=true
allowed = true
},
defaultOptions = {
allowed=false,
allowed = false,
},
addresses = {
["google.com"] = {allowed=true, noisy=true},
["www.google.com"] = {allowed=true, noisy=true},
["google.com"] = { allowed = true, noisy = true },
["www.google.com"] = { allowed = true, noisy = true },
["steamcommunity.com"] = {allowed=true},
["api.github.com"] = {allowed=true},
["github.com"] = {allowed=true},
["thegrb93.github.io"] = {allowed=true},
["steamcommunity.com"] = { allowed = true },
["api.github.com"] = { allowed = true },
["github.com"] = { allowed = true },
["thegrb93.github.io"] = { allowed = true },
-- dropbox
["dl.dropboxusercontent.com"] = {allowed=true},
["dl.dropbox.com"] = {allowed=true},
["www.dropbox.com"] = {allowed=true},
["dl.dropboxusercontent.com"] = { allowed = true },
["dl.dropbox.com"] = { allowed = true },
["www.dropbox.com"] = { allowed = true },
-- onedrive
["onedrive.live.com"] = {allowed=true},
["api.onedrive.com"] = {allowed=true},
["onedrive.live.com"] = { allowed = true },
["api.onedrive.com"] = { allowed = true },
-- google drive
["docs.google.com"] = {allowed=true},
["drive.google.com"] = {allowed=true},
["docs.google.com"] = { allowed = true },
["drive.google.com"] = { allowed = true },
-- youtube
["youtube.com"] = {allowed=true},
["youtu.be"] = {allowed=true},
["youtube.com"] = { allowed = true },
["youtu.be"] = { allowed = true },
["raw.githubusercontent.com"] = {allowed=true},
["gist.githubusercontent.com"] = {allowed=true},
["raw.githubusercontent.com"] = { allowed = true },
["gist.githubusercontent.com"] = { allowed = true },
["gitlab.com"] = {allowed=true},
["gitlab.com"] = { allowed = true },
["bitbucket.org"] = {allowed=true},
["bitbucket.org"] = { allowed = true },
["u.teknik.io"] = {allowed=true},
["u.teknik.io"] = { allowed = true },
["i.imgur.com"] = {allowed=true},
["i.imgur.com"] = { allowed = true },
["pastebin.com"] = {allowed=true},
["pastebin.com"] = { allowed = true },
["p.teknik.io"] = {allowed=true},
["p.teknik.io"] = { allowed = true },
["paste.ee"] = {allowed=true},
["paste.ee"] = { allowed = true },
["hastebin.com"] = {allowed=true},
["hastebin.nl"] = {allowed=true},
["hastebin.com"] = { allowed = true },
["hastebin.nl"] = { allowed = true },
["puu.sh"] = {allowed=true},
["puu.sh"] = { allowed = true },
["images.akamai.steamusercontent.com"] = {allowed=true},
["images.akamai.steamusercontent.com"] = { allowed = true },
["steamcdn-a.akamaihd.net"] = {allowed=true},
["facepunch.com"] = {allowed=true},
["*.facepunch.com"] = {allowed=true},
["steamcdn-a.akamaihd.net"] = { allowed = true },
["i.redditmedia.com"] = {allowed=true},
["i.redd.it"] = {allowed=true},
["api.wolframalpha.com"] = {allowed=true},
["text-to-speech-demo.ng.bluemix.net"] = {allowed=true},
["translate.google.com"] = {allowed=true},
["facepunch.com"] = { allowed = true },
["*.facepunch.com"] = { allowed = true },
["cdn[%w-_]*.discordapp%.com"] = {allowed=true, pattern=true},
["images-([%w%-]+)%.discordapp%.net"] = {allowed=true, pattern=true},
["i([%w-_]+)%.tinypic%.com"] = {allowed=true, pattern=true}
["i.redditmedia.com"] = { allowed = true },
["i.redd.it"] = { allowed = true },
["api.wolframalpha.com"] = { allowed = true },
["text-to-speech-demo.ng.bluemix.net"] = { allowed = true },
["translate.google.com"] = { allowed = true },
["cdn[%w-_]*.discordapp%.com"] = { allowed = true, pattern = true },
["images-([%w%-]+)%.discordapp%.net"] = { allowed = true, pattern = true },
["i([%w-_]+)%.tinypic%.com"] = { allowed = true, pattern = true }
}
}
}