DorianNiemiecSVRJS/svrjs
Archived
1
0
Fork 0
forked from svrjs/svrjs
Code Pull requests Activity

Update to SVR.JS 3.14.6

Browse source
This commit is contained in:
Dorian Niemiec 2024-03-17 21:49:23 +01:00
parent 0161b04e1f
commit 3abc31e2aa
6 changed files with 144 additions and 134 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
index.html
View file

@ -1,7 +1,7 @@
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
<title>SVR.JS 3.14.5</title> <title>SVR.JS 3.14.6</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta charset="UTF-8" /> <meta charset="UTF-8" />
<style> <style>
@ -12,7 +12,7 @@
</style> </style>
</head> </head>
<body> <body>
<h1>Welcome to SVR.JS 3.14.5</h1> <h1>Welcome to SVR.JS 3.14.6</h1>
<br/> <br/>
<img src="/logo.png" style="width: 256px; max-width: 100%;" /> <img src="/logo.png" style="width: 256px; max-width: 100%;" />
<br/> <br/>
@ -85,8 +85,13 @@
</code> </code>
<p>Changes:</p> <p>Changes:</p>
<ul style="display: inline-block; margin: 0;"> <ul style="display: inline-block; margin: 0;">
<li>Fixed "www." URL redirect functionality.</li> <li>Added CVE-2024-22019 Node.JS vulnerability warning.</li>
<li>Improved HTTP/1.x API compatibility with HTTP/2.</li> <li>Improved protection against user enumeration in HTTP authentication.</li>
<li>Replaced block list message with generic 403 Forbidden error.</li>
<li>Replaced some instances of "blacklist" with "block list".</li>
<li>Some terminal output is now bold.</li>
<li>Updated SVR.JS log viewer (<i>logviewer.js</i>) and log highlighter (<i>loghighlight.js</i>)</li>
<li>When "block localhost" CLI command is executed, SVR.JS now adds "localhost" to the block list instead of "::ffff:localhost".</li>
</ul> </ul>
<p> <p>
<a href="/tests.html">Tests</a><br/> <a href="/tests.html">Tests</a><br/>

8
licenses/index.html
View file

@ -1,7 +1,7 @@
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
<title>SVR.JS 3.14.5 Licenses</title> <title>SVR.JS 3.14.6 Licenses</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta charset="UTF-8" /> <meta charset="UTF-8" />
<style> <style>
@ -12,8 +12,8 @@
</style> </style>
</head> </head>
<body> <body>
<h1>SVR.JS 3.14.5 Licenses</h1> <h1>SVR.JS 3.14.6 Licenses</h1>
<h2>SVR.JS 3.14.5</h2> <h2>SVR.JS 3.14.6</h2>
<div style="display: inline-block; text-align: left; border-width: 2px; border-style: solid; border-color: gray; padding: 8px;"> <div style="display: inline-block; text-align: left; border-width: 2px; border-style: solid; border-color: gray; padding: 8px;">
MIT License<br/> MIT License<br/>
<br/> <br/>
@ -37,7 +37,7 @@
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE<br/> OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE<br/>
SOFTWARE.<br/> SOFTWARE.<br/>
</div> </div>
<h2>Packages used by SVR.JS 3.14.5</h2> <h2>Packages used by SVR.JS 3.14.6</h2>
<div style="width: 100%; max-width: 1280px; margin: auto"> <div style="width: 100%; max-width: 1280px; margin: auto">
<div style="width: 100%; background-color: #ccc; border: 1px solid green; text-align: left; margin: 10px 0;"> <div style="width: 100%; background-color: #ccc; border: 1px solid green; text-align: left; margin: 10px 0;">
<div style="float: right;">License: MIT</div> <div style="float: right;">License: MIT</div>

26
loghighlight.js
View file

@ -34,17 +34,19 @@ function viewLog(log) {
if(log[log.length-1] == "") log.pop(); if(log[log.length-1] == "") log.pop();
if(log[0] == "") log.shift(); if(log[0] == "") log.shift();
for(var i=0;i<log.length;i++) { for(var i=0;i<log.length;i++) {
if(log[i].indexOf("SERVER REQUEST MESSAGE") != -1) { if(log[i].indexOf("SERVER REQUEST MESSAGE") != -1) {
log[i] = log[i].replace("SERVER REQUEST MESSAGE","\x1b[34mSERVER REQUEST MESSAGE") + "\x1b[37m\x1b[0m"; log[i] = log[i].replace("SERVER REQUEST MESSAGE","\x1b[34m\x1b[1mSERVER REQUEST MESSAGE\x1b[22m") + "\x1b[37m\x1b[0m";
} else if(log[i].indexOf("SERVER RESPONSE MESSAGE") != -1) { } else if(log[i].indexOf("SERVER RESPONSE MESSAGE") != -1) {
log[i] = log[i].replace("SERVER RESPONSE MESSAGE","\x1b[32mSERVER RESPONSE MESSAGE") + "\x1b[37m\x1b[0m"; log[i] = log[i].replace("SERVER RESPONSE MESSAGE","\x1b[32m\x1b[1mSERVER RESPONSE MESSAGE\x1b[22m") + "\x1b[37m\x1b[0m";
} else if(log[i].indexOf("SERVER RESPONSE ERROR MESSAGE") != -1) { } else if(log[i].indexOf("SERVER RESPONSE ERROR MESSAGE") != -1) {
log[i] = log[i].replace("SERVER RESPONSE ERROR MESSAGE","\x1b[31mSERVER RESPONSE ERROR MESSAGE") + "\x1b[37m\x1b[0m"; log[i] = log[i].replace("SERVER RESPONSE ERROR MESSAGE","\x1b[31m\x1b[1mSERVER RESPONSE ERROR MESSAGE\x1b[22m") + "\x1b[37m\x1b[0m";
} else if(log[i].indexOf("SERVER ERROR MESSAGE") != -1) { } else if(log[i].indexOf("SERVER ERROR MESSAGE") != -1) {
log[i] = log[i].replace("SERVER ERROR MESSAGE","\x1b[41mSERVER ERROR MESSAGE") + "\x1b[40m\x1b[0m"; log[i] = log[i].replace("SERVER ERROR MESSAGE","\x1b[41m\x1b[1mSERVER ERROR MESSAGE\x1b[22m") + "\x1b[40m\x1b[0m";
} else if(log[i].indexOf("SERVER WARNING MESSAGE") != -1) { } else if(log[i].indexOf("SERVER WARNING MESSAGE") != -1) {
log[i] = log[i].replace("SERVER WARNING MESSAGE","\x1b[43mSERVER WARNING MESSAGE") + "\x1b[40m\x1b[0m"; log[i] = log[i].replace("SERVER WARNING MESSAGE","\x1b[43m\x1b[1mSERVER WARNING MESSAGE\x1b[22m") + "\x1b[40m\x1b[0m";
} } else if(log[i].indexOf("SERVER MESSAGE") != -1) {
console.log(log[i]); log[i] = log[i].replace("SERVER MESSAGE","\x1b[1mSERVER MESSAGE\x1b[22m");
}
console.log(log[i]);
} }
} }

26
logviewer.js
View file

@ -65,18 +65,20 @@ function viewLog(log) {
if(log[log.length-1] == "") log.pop(); if(log[log.length-1] == "") log.pop();
if(log[0] == "") log.shift(); if(log[0] == "") log.shift();
for(var i=0;i<log.length;i++) { for(var i=0;i<log.length;i++) {
if(log[i].indexOf("SERVER REQUEST MESSAGE") != -1) { if(log[i].indexOf("SERVER REQUEST MESSAGE") != -1) {
log[i] = log[i].replace("SERVER REQUEST MESSAGE","\x1b[34mSERVER REQUEST MESSAGE") + "\x1b[37m\x1b[0m"; log[i] = log[i].replace("SERVER REQUEST MESSAGE","\x1b[34m\x1b[1mSERVER REQUEST MESSAGE\x1b[22m") + "\x1b[37m\x1b[0m";
} else if(log[i].indexOf("SERVER RESPONSE MESSAGE") != -1) { } else if(log[i].indexOf("SERVER RESPONSE MESSAGE") != -1) {
log[i] = log[i].replace("SERVER RESPONSE MESSAGE","\x1b[32mSERVER RESPONSE MESSAGE") + "\x1b[37m\x1b[0m"; log[i] = log[i].replace("SERVER RESPONSE MESSAGE","\x1b[32m\x1b[1mSERVER RESPONSE MESSAGE\x1b[22m") + "\x1b[37m\x1b[0m";
} else if(log[i].indexOf("SERVER RESPONSE ERROR MESSAGE") != -1) { } else if(log[i].indexOf("SERVER RESPONSE ERROR MESSAGE") != -1) {
log[i] = log[i].replace("SERVER RESPONSE ERROR MESSAGE","\x1b[31mSERVER RESPONSE ERROR MESSAGE") + "\x1b[37m\x1b[0m"; log[i] = log[i].replace("SERVER RESPONSE ERROR MESSAGE","\x1b[31m\x1b[1mSERVER RESPONSE ERROR MESSAGE\x1b[22m") + "\x1b[37m\x1b[0m";
} else if(log[i].indexOf("SERVER ERROR MESSAGE") != -1) { } else if(log[i].indexOf("SERVER ERROR MESSAGE") != -1) {
log[i] = log[i].replace("SERVER ERROR MESSAGE","\x1b[41mSERVER ERROR MESSAGE") + "\x1b[40m\x1b[0m"; log[i] = log[i].replace("SERVER ERROR MESSAGE","\x1b[41m\x1b[1mSERVER ERROR MESSAGE\x1b[22m") + "\x1b[40m\x1b[0m";
} else if(log[i].indexOf("SERVER WARNING MESSAGE") != -1) { } else if(log[i].indexOf("SERVER WARNING MESSAGE") != -1) {
log[i] = log[i].replace("SERVER WARNING MESSAGE","\x1b[43mSERVER WARNING MESSAGE") + "\x1b[40m\x1b[0m"; log[i] = log[i].replace("SERVER WARNING MESSAGE","\x1b[43m\x1b[1mSERVER WARNING MESSAGE\x1b[22m") + "\x1b[40m\x1b[0m";
} } else if(log[i].indexOf("SERVER MESSAGE") != -1) {
console.log(log[i]); log[i] = log[i].replace("SERVER MESSAGE","\x1b[1mSERVER MESSAGE\x1b[22m");
}
console.log(log[i]);
} }
} }

201
svr.js
View file

@ -69,7 +69,7 @@ function deleteFolderRecursive(path) {
} }
var os = require("os"); var os = require("os");
var version = "3.14.5"; var version = "3.14.6";
var singlethreaded = false; var singlethreaded = false;
if (process.versions) process.versions.svrjs = version; // Inject SVR.JS into process.versions if (process.versions) process.versions.svrjs = version; // Inject SVR.JS into process.versions
@ -1153,7 +1153,7 @@ if (fs.existsSync(__dirname + "/config.json")) {
// Default server configuration properties // Default server configuration properties
var wwwredirect = false; var wwwredirect = false;
var rawBlackList = []; var rawBlockList = [];
var users = []; var users = [];
var page404 = "404.html"; var page404 = "404.html";
var serverAdmin = "[no contact information]"; var serverAdmin = "[no contact information]";
@ -1180,7 +1180,7 @@ var allowDoubleSlashes = false;
var allowPostfixDoubleSlashes = false; var allowPostfixDoubleSlashes = false;
// Get properties from config.json // Get properties from config.json
if (configJSON.blacklist != undefined) rawBlackList = configJSON.blacklist; if (configJSON.blacklist != undefined) rawBlockList = configJSON.blacklist;
if (configJSON.wwwredirect != undefined) wwwredirect = configJSON.wwwredirect; if (configJSON.wwwredirect != undefined) wwwredirect = configJSON.wwwredirect;
if (configJSON.port != undefined) port = configJSON.port; if (configJSON.port != undefined) port = configJSON.port;
if (configJSON.pubport != undefined) pubport = configJSON.pubport; if (configJSON.pubport != undefined) pubport = configJSON.pubport;
@ -1255,7 +1255,7 @@ try {
configJSON.version = version; configJSON.version = version;
configJSON.productName = "SVR.JS"; configJSON.productName = "SVR.JS";
var blacklist = ipBlockList(rawBlackList); var blocklist = ipBlockList(rawBlockList);
var nonStandardCodes = []; var nonStandardCodes = [];
nonStandardCodesRaw.forEach(function (nonStandardCodeRaw) { nonStandardCodesRaw.forEach(function (nonStandardCodeRaw) {
@ -1425,7 +1425,7 @@ var serverconsole = {
}); });
return; return;
} }
console.log("SERVER CLI MESSAGE: " + msg); console.log("\x1b[1mSERVER CLI MESSAGE\x1b[22m: " + msg);
LOG("SERVER CLI MESSAGE: " + msg); LOG("SERVER CLI MESSAGE: " + msg);
return; return;
}, },
@ -1436,7 +1436,7 @@ var serverconsole = {
}); });
return; return;
} }
console.log("\x1b[34mSERVER REQUEST MESSAGE: " + msg + "\x1b[37m\x1b[0m"); console.log("\x1b[34m\x1b[1mSERVER REQUEST MESSAGE\x1b[22m: " + msg + "\x1b[37m\x1b[0m");
LOG("SERVER REQUEST MESSAGE: " + msg); LOG("SERVER REQUEST MESSAGE: " + msg);
return; return;
}, },
@ -1447,7 +1447,7 @@ var serverconsole = {
}); });
return; return;
} }
console.log("\x1b[32mSERVER RESPONSE MESSAGE: " + msg + "\x1b[37m\x1b[0m"); console.log("\x1b[32m\x1b[1mSERVER RESPONSE MESSAGE\x1b[22m: " + msg + "\x1b[37m\x1b[0m");
LOG("SERVER RESPONSE MESSAGE: " + msg); LOG("SERVER RESPONSE MESSAGE: " + msg);
return; return;
}, },
@ -1458,7 +1458,7 @@ var serverconsole = {
}); });
return; return;
} }
console.log("\x1b[31mSERVER RESPONSE ERROR MESSAGE: " + msg + "\x1b[37m\x1b[0m"); console.log("\x1b[31m\x1b[1mSERVER RESPONSE ERROR MESSAGE\x1b[22m: " + msg + "\x1b[37m\x1b[0m");
LOG("SERVER RESPONSE ERROR MESSAGE: " + msg); LOG("SERVER RESPONSE ERROR MESSAGE: " + msg);
return; return;
}, },
@ -1469,7 +1469,7 @@ var serverconsole = {
}); });
return; return;
} }
console.log("\x1b[41mSERVER ERROR MESSAGE: " + msg + "\x1b[40m\x1b[0m"); console.log("\x1b[41m\x1b[1mSERVER ERROR MESSAGE\x1b[22m: " + msg + "\x1b[40m\x1b[0m");
LOG("SERVER ERROR MESSAGE: " + msg); LOG("SERVER ERROR MESSAGE: " + msg);
return; return;
}, },
@ -1480,7 +1480,7 @@ var serverconsole = {
}); });
return; return;
} }
console.log("\x1b[43mSERVER WARNING MESSAGE: " + msg + "\x1b[40m\x1b[0m"); console.log("\x1b[43m\x1b[1mSERVER WARNING MESSAGE\x1b[22m: " + msg + "\x1b[40m\x1b[0m");
LOG("SERVER WARNING MESSAGE: " + msg); LOG("SERVER WARNING MESSAGE: " + msg);
return; return;
}, },
@ -1491,7 +1491,7 @@ var serverconsole = {
}); });
return; return;
} }
console.log("SERVER MESSAGE: " + msg); console.log("\x1b[1mSERVER MESSAGE\x1b[22m: " + msg);
LOG("SERVER MESSAGE: " + msg); LOG("SERVER MESSAGE: " + msg);
return; return;
} }
@ -1995,7 +1995,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("SERVER CLI MESSAGE [Request Id: " + reqId + "]: " + msg); console.log("\x1b[1mSERVER CLI MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg);
LOG("SERVER CLI MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER CLI MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2006,7 +2006,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[34mSERVER REQUEST MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m"); console.log("\x1b[34m\x1b[1mSERVER REQUEST MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m");
LOG("SERVER REQUEST MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER REQUEST MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2017,7 +2017,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[32mSERVER RESPONSE MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m"); console.log("\x1b[32m\x1b[1mSERVER RESPONSE MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m");
LOG("SERVER RESPONSE MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER RESPONSE MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2028,7 +2028,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[31mSERVER RESPONSE ERROR MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m"); console.log("\x1b[31m\x1b[1mSERVER RESPONSE ERROR MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m");
LOG("SERVER RESPONSE ERROR MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER RESPONSE ERROR MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2039,7 +2039,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[41mSERVER ERROR MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m"); console.log("\x1b[41m\x1b[1mSERVER ERROR MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m");
LOG("SERVER ERROR MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER ERROR MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2050,7 +2050,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[43mSERVER WARNING MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m"); console.log("\x1b[43m\x1b[1mSERVER WARNING MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m");
LOG("SERVER WARNING MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER WARNING MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2061,7 +2061,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("SERVER MESSAGE [Request Id: " + reqId + "]: " + msg); console.log("\x1b[1mSERVER MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg);
LOG("SERVER MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
} }
@ -2354,7 +2354,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("SERVER CLI MESSAGE [Request Id: " + reqId + "]: " + msg); console.log("\x1b[1mSERVER CLI MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg);
LOG("SERVER CLI MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER CLI MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2365,7 +2365,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[34mSERVER REQUEST MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m"); console.log("\x1b[34m\x1b[1mSERVER REQUEST MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m");
LOG("SERVER REQUEST MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER REQUEST MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2376,7 +2376,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[32mSERVER RESPONSE MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m"); console.log("\x1b[32m\x1b[1mSERVER RESPONSE MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m");
LOG("SERVER RESPONSE MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER RESPONSE MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2387,7 +2387,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[31mSERVER RESPONSE ERROR MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m"); console.log("\x1b[31m\x1b[1mSERVER RESPONSE ERROR MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m");
LOG("SERVER RESPONSE ERROR MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER RESPONSE ERROR MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2398,7 +2398,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[41mSERVER ERROR MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m"); console.log("\x1b[41m\x1b[1mSERVER ERROR MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m");
LOG("SERVER ERROR MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER ERROR MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2409,7 +2409,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[43mSERVER WARNING MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m"); console.log("\x1b[43m\x1b[1mSERVER WARNING MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m");
LOG("SERVER WARNING MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER WARNING MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2420,7 +2420,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("SERVER MESSAGE [Request Id: " + reqId + "]: " + msg); console.log("\x1b[1mSERVER MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg);
LOG("SERVER MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
} }
@ -2685,7 +2685,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("SERVER CLI MESSAGE [Request Id: " + reqId + "]: " + msg); console.log("\x1b[1mSERVER CLI MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg);
LOG("SERVER CLI MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER CLI MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2696,7 +2696,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[34mSERVER REQUEST MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m"); console.log("\x1b[34m\x1b[1mSERVER REQUEST MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m");
LOG("SERVER REQUEST MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER REQUEST MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2707,7 +2707,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[32mSERVER RESPONSE MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m"); console.log("\x1b[32m\x1b[1mSERVER RESPONSE MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m");
LOG("SERVER RESPONSE MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER RESPONSE MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2718,7 +2718,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[31mSERVER RESPONSE ERROR MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m"); console.log("\x1b[31m\x1b[1mSERVER RESPONSE ERROR MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m");
LOG("SERVER RESPONSE ERROR MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER RESPONSE ERROR MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2729,7 +2729,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[41mSERVER ERROR MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m"); console.log("\x1b[41m\x1b[1mSERVER ERROR MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m");
LOG("SERVER ERROR MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER ERROR MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2740,7 +2740,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[43mSERVER WARNING MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m"); console.log("\x1b[43m\x1b[1mSERVER WARNING MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m");
LOG("SERVER WARNING MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER WARNING MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2751,7 +2751,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("SERVER MESSAGE [Request Id: " + reqId + "]: " + msg); console.log("\x1b[1mSERVER MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg);
LOG("SERVER MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
} }
@ -2804,7 +2804,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("SERVER CLI MESSAGE [Request Id: " + reqId + "]: " + msg); console.log("\x1b[1mSERVER CLI MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg);
LOG("SERVER CLI MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER CLI MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2815,7 +2815,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[34mSERVER REQUEST MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m"); console.log("\x1b[34m\x1b[1mSERVER REQUEST MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m");
LOG("SERVER REQUEST MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER REQUEST MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2826,7 +2826,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[32mSERVER RESPONSE MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m"); console.log("\x1b[32m\x1b[1mSERVER RESPONSE MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m");
LOG("SERVER RESPONSE MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER RESPONSE MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2837,7 +2837,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[31mSERVER RESPONSE ERROR MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m"); console.log("\x1b[31m\x1b[1mSERVER RESPONSE ERROR MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[37m\x1b[0m");
LOG("SERVER RESPONSE ERROR MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER RESPONSE ERROR MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2848,7 +2848,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[41mSERVER ERROR MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m"); console.log("\x1b[41m\x1b[1mSERVER ERROR MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m");
LOG("SERVER ERROR MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER ERROR MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2859,7 +2859,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("\x1b[43mSERVER WARNING MESSAGE [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m"); console.log("\x1b[43m\x1b[1mSERVER WARNING MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg + "\x1b[40m\x1b[0m");
LOG("SERVER WARNING MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER WARNING MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
}, },
@ -2870,7 +2870,7 @@ if (!cluster.isPrimary) {
}); });
return; return;
} }
console.log("SERVER MESSAGE [Request Id: " + reqId + "]: " + msg); console.log("\x1b[1mSERVER MESSAGE\x1b[22m [Request Id: " + reqId + "]: " + msg);
LOG("SERVER MESSAGE [Request Id: " + reqId + "]: " + msg); LOG("SERVER MESSAGE [Request Id: " + reqId + "]: " + msg);
return; return;
} }
@ -2956,7 +2956,7 @@ if (!cluster.isPrimary) {
if (req.headers["x-svr-js-from-main-thread"] == "true" && req.socket && (!req.socket.remoteAddress || req.socket.remoteAddress == "::1" || req.socket.remoteAddress == "::ffff:127.0.0.1" || req.socket.remoteAddress == "127.0.0.1" || req.socket.remoteAddress == "localhost" || req.socket.remoteAddress == host || req.socket.remoteAddress == "::ffff:" + host)) { if (req.headers["x-svr-js-from-main-thread"] == "true" && req.socket && (!req.socket.remoteAddress || req.socket.remoteAddress == "::1" || req.socket.remoteAddress == "::ffff:127.0.0.1" || req.socket.remoteAddress == "127.0.0.1" || req.socket.remoteAddress == "localhost" || req.socket.remoteAddress == host || req.socket.remoteAddress == "::ffff:" + host)) {
var headers = getCustomHeaders(); var headers = getCustomHeaders();
res.writeHead(204, "No Content", headers); res.writeHead(204, http.STATUS_CODES[204], headers);
res.end(); res.end();
return; return;
} }
@ -3057,8 +3057,7 @@ if (!cluster.isPrimary) {
if (!req.headers.host.match(/^\.+$/)) req.headers.host = req.headers.host.replace(/\.$/g, ""); if (!req.headers.host.match(/^\.+$/)) req.headers.host = req.headers.host.replace(/\.$/g, "");
} }
if (!isProxy) serverconsole.reqmessage("Client " + ((!reqip || reqip == "") ? "[unknown client]" : (reqip + ((reqport && reqport !== 0) && reqport != "" ? ":" + reqport : ""))) + " wants " + (req.method == "GET" ? "content in " : (req.method == "POST" ? "to post content in " : (req.method == "PUT" ? "to add content in " : (req.method == "DELETE" ? "to delete content in " : (req.method == "PATCH" ? "to patch content in " : "to access content using " + req.method + " method in "))))) + (req.headers.host == undefined ? "" : req.headers.host) + req.url); serverconsole.reqmessage("Client " + ((!reqip || reqip == "") ? "[unknown client]" : (reqip + ((reqport && reqport !== 0) && reqport != "" ? ":" + reqport : ""))) + " wants " + (req.method == "GET" ? "content in " : (req.method == "POST" ? "to post content in " : (req.method == "PUT" ? "to add content in " : (req.method == "DELETE" ? "to delete content in " : (req.method == "PATCH" ? "to patch content in " : "to access content using " + req.method + " method in "))))) + ((req.headers.host == undefined || !isProxy) ? "" : req.headers.host) + req.url);
else serverconsole.reqmessage("Client " + ((!reqip || reqip == "") ? "[unknown client]" : (reqip + ((reqport && reqport !== 0) && reqport != "" ? ":" + reqport : ""))) + " wants " + (req.method == "GET" ? "content in " : (req.method == "POST" ? "to post content in " : (req.method == "PUT" ? "to add content in " : (req.method == "DELETE" ? "to delete content in " : (req.method == "PATCH" ? "to patch content in " : "to access content using " + req.method + " method in "))))) + req.url);
if (req.headers["user-agent"] != undefined) serverconsole.reqmessage("Client uses " + req.headers["user-agent"]); if (req.headers["user-agent"] != undefined) serverconsole.reqmessage("Client uses " + req.headers["user-agent"]);
if (oldHostHeader && oldHostHeader != req.headers.host) serverconsole.resmessage("Host name rewritten: " + oldHostHeader + " => " + req.headers.host); if (oldHostHeader && oldHostHeader != req.headers.host) serverconsole.resmessage("Host name rewritten: " + oldHostHeader + " => " + req.headers.host);
@ -3464,7 +3463,7 @@ if (!cluster.isPrimary) {
if (isProxy) { if (isProxy) {
var eheaders = getCustomHeaders(); var eheaders = getCustomHeaders();
eheaders["Content-Type"] = "text/html; charset=utf-8"; eheaders["Content-Type"] = "text/html; charset=utf-8";
res.writeHead(501, "Not Implemented", eheaders); res.writeHead(501, http.STATUS_CODES[501], eheaders);
res.write("<html><head><title>Proxy not implemented</title><meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" /></head><body><h1>Proxy not implemented</h1><p>SVR.JS doesn't support proxy without proxy mod. If you're administator of this server, then install this mod in order to use SVR.JS as a proxy.</p><p><i>" + (exposeServerVersion ? "SVR.JS/" + version + " (" + getOS() + "; " + (process.isBun ? ("Bun/v" + process.versions.bun + "; like Node.JS/" + process.version) : ("Node.JS/" + process.version)) + ")" : "SVR.JS").replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;") + "</i></p></body></html>"); res.write("<html><head><title>Proxy not implemented</title><meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" /></head><body><h1>Proxy not implemented</h1><p>SVR.JS doesn't support proxy without proxy mod. If you're administator of this server, then install this mod in order to use SVR.JS as a proxy.</p><p><i>" + (exposeServerVersion ? "SVR.JS/" + version + " (" + getOS() + "; " + (process.isBun ? ("Bun/v" + process.versions.bun + "; like Node.JS/" + process.version) : ("Node.JS/" + process.version)) + ")" : "SVR.JS").replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;") + "</i></p></body></html>");
res.end(); res.end();
serverconsole.errmessage("SVR.JS doesn't support proxy without proxy mod."); serverconsole.errmessage("SVR.JS doesn't support proxy without proxy mod.");
@ -3474,7 +3473,7 @@ if (!cluster.isPrimary) {
if (req.method == "OPTIONS") { if (req.method == "OPTIONS") {
var hdss = getCustomHeaders(); var hdss = getCustomHeaders();
hdss["Allow"] = "GET, POST, HEAD, OPTIONS"; hdss["Allow"] = "GET, POST, HEAD, OPTIONS";
res.writeHead(204, "No Content", hdss); res.writeHead(204, http.STATUS_CODES[204], hdss);
res.end(); res.end();
return; return;
} else if (req.method != "GET" && req.method != "POST" && req.method != "HEAD") { } else if (req.method != "GET" && req.method != "POST" && req.method != "HEAD") {
@ -3507,7 +3506,7 @@ if (!cluster.isPrimary) {
var hdhds = getCustomHeaders(); var hdhds = getCustomHeaders();
hdhds["Content-Type"] = "text/html; charset=utf-8"; hdhds["Content-Type"] = "text/html; charset=utf-8";
res.writeHead(200, "OK", hdhds); res.writeHead(200, http.STATUS_CODES[200], hdhds);
res.end((head == "" ? "<html><head><title>SVR.JS status" + (req.headers.host == undefined ? "" : " for " + String(req.headers.host).replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;")) + "</title><meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" /></head><body>" : head.replace(/<head>/i, "<head><title>SVR.JS status" + (req.headers.host == undefined ? "" : " for " + String(req.headers.host).replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;")) + "</title>")) + "<h1>SVR.JS status" + (req.headers.host == undefined ? "" : " for " + String(req.headers.host).replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;")) + "</h1>" + statusBody + (foot == "" ? "</body></html>" : foot)); res.end((head == "" ? "<html><head><title>SVR.JS status" + (req.headers.host == undefined ? "" : " for " + String(req.headers.host).replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;")) + "</title><meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" /></head><body>" : head.replace(/<head>/i, "<head><title>SVR.JS status" + (req.headers.host == undefined ? "" : " for " + String(req.headers.host).replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;")) + "</title>")) + "<h1>SVR.JS status" + (req.headers.host == undefined ? "" : " for " + String(req.headers.host).replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;")) + "</h1>" + statusBody + (foot == "" ? "</body></html>" : foot));
return; return;
} }
@ -3704,25 +3703,15 @@ if (!cluster.isPrimary) {
var estats = filelist[i].stats; var estats = filelist[i].stats;
var ename = filelist[i].name; var ename = filelist[i].name;
if (filelist[i].errored) { if (filelist[i].errored) {
if (estats) { directoryListingRows.push(
directoryListingRows.push( "<tr><td style=\"width: 24px;\"><img src=\"/.dirimages/bad.png\" alt=\"[BAD]\" width=\"24px\" height=\"24px\" /></td><td style=\"word-wrap: break-word; word-break: break-word; overflow-wrap: break-word;\"><a href=\"" +
"<tr><td style=\"width: 24px;\"><img src=\"/.dirimages/bad.png\" alt=\"[BAD]\" width=\"24px\" height=\"24px\" /></td><td style=\"word-wrap: break-word; word-break: break-word; overflow-wrap: break-word;\"><a href=\"" + (href + "/" + encodeURI(ename)).replace(/\/+/g, "/") +
(href + "/" + encodeURI(ename)).replace(/\/+/g, "/") + "\">" +
"\"><nocode>" + ename.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;") +
ename.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;") + "</a></td><td>-</td><td>" +
"</nocode></a></td><td>-</td><td>" + (estats ? estats.mtime.toDateString() : "-") +
estats.mtime.toDateString() + "</td></tr>\r\n"
"</td></tr>\r\n" );
);
} else {
directoryListingRows.push(
"<tr><td style=\"width: 24px;\"><img src=\"/.dirimages/bad.png\" alt=\"[BAD]\" width=\"24px\" height=\"24px\" /></td><td style=\"word-wrap: break-word; word-break: break-word; overflow-wrap: break-word;\"><a href=\"" +
(href + "/" + encodeURI(ename)).replace(/\/+/g, "/") +
"\"><nocode>" +
ename.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;") +
"</nocode></a></td><td>-</td><td>-</td></tr>\r\n"
);
}
} else { } else {
var entry = "<tr><td style=\"width: 24px;\"><img src=\"[img]\" alt=\"[alt]\" width=\"24px\" height=\"24px\" /></td><td style=\"word-wrap: break-word; word-break: break-word; overflow-wrap: break-word;\"><a href=\"" + var entry = "<tr><td style=\"width: 24px;\"><img src=\"[img]\" alt=\"[alt]\" width=\"24px\" height=\"24px\" /></td><td style=\"word-wrap: break-word; word-break: break-word; overflow-wrap: break-word;\"><a href=\"" +
(origHref + "/" + encodeURIComponent(ename)).replace(/\/+/g, "/") + (origHref + "/" + encodeURIComponent(ename)).replace(/\/+/g, "/") +
@ -3881,7 +3870,7 @@ if (!cluster.isPrimary) {
if (clientETag === fileETag) { if (clientETag === fileETag) {
var headers = getCustomHeaders(); var headers = getCustomHeaders();
headers.ETag = clientETag; headers.ETag = clientETag;
res.writeHead(304, "Not Modified", headers); res.writeHead(304, http.STATUS_CODES[304], headers);
res.end(); res.end();
return; return;
} }
@ -4099,14 +4088,11 @@ if (!cluster.isPrimary) {
} }
try { try {
// scan blacklist // Scan the block list
if (blacklist.check(reqip) && href != "/favicon.ico") { if (blocklist.check(reqip)) {
// Return client blocked message // Invoke 403 Forbidden error
var bheaders = getCustomHeaders(); callServerError(403);
bheaders["Content-Type"] = "text/html; charset=utf8"; serverconsole.errmessage("Client is in the block list.");
res.writeHead(403, "Client blocked", bheaders);
res.write("<!DOCTYPE html><html><head><title>Access denied - SVR.JS</title><meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"><br/><meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" /></head><body><div style=\"height: auto; width: 70%; border-style: solid; border-width: 5; border-color: red; text-align: center; margin: 0 auto;\"><h1>ACCESS DENIED</h1><p style=\"font-size:20px\">Request from " + reqip + " is denied. The client is now in the blacklist.</p><p style=\"font-style: italic; font-weight: normal;\">SVR.JS/" + version + " (" + getOS() + "; " + (process.isBun ? ("Bun/v" + process.versions.bun + "; like Node.JS/" + process.version) : ("Node.JS/" + process.version)) + ")" + (req.headers.host == undefined ? "" : " on " + String(req.headers.host).replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;")) + "</p></div></body></html>");
serverconsole.errmessage("Client blocked");
return; return;
} }
@ -4116,7 +4102,7 @@ if (!cluster.isPrimary) {
// Respond with list of methods // Respond with list of methods
var hdss = getCustomHeaders(); var hdss = getCustomHeaders();
hdss["Allow"] = "GET, POST, HEAD, OPTIONS"; hdss["Allow"] = "GET, POST, HEAD, OPTIONS";
res.writeHead(204, "No Content", hdss); res.writeHead(204, http.STATUS_CODES[204], hdss);
res.end(); res.end();
return; return;
} else { } else {
@ -4542,21 +4528,17 @@ if (!cluster.isPrimary) {
} }
redirect(location, nonscode.scode == 302 || nonscode.scode == 307, nonscode.scode == 307 || nonscode.scode == 308); redirect(location, nonscode.scode == 302 || nonscode.scode == 307, nonscode.scode == 307 || nonscode.scode == 308);
return; return;
} else if (nonscode.scode == 403) {
callServerError(403);
serverconsole.errmessage("Content blocked.");
return;
} else if (nonscode.scode == 410) {
callServerError(410);
serverconsole.errmessage("Content is gone.");
return;
} else if (nonscode.scode == 418) {
callServerError(418);
serverconsole.errmessage("SVR.JS is always a teapot ;)");
return;
} else { } else {
callServerError(nonscode.scode); callServerError(nonscode.scode);
serverconsole.errmessage("Client fails receiving content."); if (nonscode.scode == 403) {
serverconsole.errmessage("Content blocked.");
} else if (nonscode.scode == 410) {
serverconsole.errmessage("Content is gone.");
} else if (nonscode.scode == 418) {
serverconsole.errmessage("SVR.JS is always a teapot ;)");
} else {
serverconsole.errmessage("Client fails receiving content.");
}
return; return;
} }
} }
@ -4569,8 +4551,7 @@ if (!cluster.isPrimary) {
function checkIfPasswordMatches(list, password, callback, _i) { function checkIfPasswordMatches(list, password, callback, _i) {
if (!_i) _i = 0; if (!_i) _i = 0;
var cb = function (hash) { var cb = function (hash) {
var matches = (hash == list[_i].pass); if (hash == list[_i].pass) {
if (matches) {
callback(true); callback(true);
} else if (_i >= list.length - 1) { } else if (_i >= list.length - 1) {
callback(false); callback(false);
@ -4665,17 +4646,36 @@ if (!cluster.isPrimary) {
var username = decodedCredentialsMatch[1]; var username = decodedCredentialsMatch[1];
var password = decodedCredentialsMatch[2]; var password = decodedCredentialsMatch[2];
var usernameMatch = []; var usernameMatch = [];
var sha256Count = 0;
var pbkdf2Count = 0;
var scryptCount = 0;
if (!authcode.userList || authcode.userList.indexOf(username) > -1) { if (!authcode.userList || authcode.userList.indexOf(username) > -1) {
usernameMatch = users.filter(function (entry) { usernameMatch = users.filter(function (entry) {
if(entry.scrypt) {
scryptCount++;
} else if(entry.pbkdf2) {
pbkdf2Count++;
} else {
sha256Count++;
}
return entry.name == username; return entry.name == username;
}); });
} }
if (usernameMatch.length == 0) { if (usernameMatch.length == 0) {
usernameMatch.push({ // Pushing false user match to prevent time-based user enumeration
var fakeCredentials = {
name: username, name: username,
pass: "FAKEPASS", pass: "SVRJSAWebServerRunningOnNodeJS",
salt: "FAKESALT" salt: "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0"
}); // Fake credentials };
if (!process.isBun) {
if (scryptCount > sha256Count && scryptCount > pbkdf2Count) {
fakeCredentials.scrypt = true;
} else if (pbkdf2Count > sha256Count) {
fakeCredentials.pbkdf2 = true;
}
}
usernameMatch.push(fakeCredentials);
} }
checkIfPasswordMatches(usernameMatch, password, function (authorized) { checkIfPasswordMatches(usernameMatch, password, function (authorized) {
try { try {
@ -5025,7 +5025,7 @@ function start(init) {
if (init) { if (init) {
for (i = 0; i < logo.length; i++) console.log(logo[i]); // Print logo for (i = 0; i < logo.length; i++) console.log(logo[i]); // Print logo
console.log(); console.log();
console.log("Welcome to SVR.JS - a web server running on Node.JS"); console.log("Welcome to \x1b[1mSVR.JS - a web server running on Node.JS\x1b[0m");
// Print warnings // Print warnings
if (version.indexOf("Nightly-") === 0) serverconsole.locwarnmessage("This version is only for test purposes and may be unstable."); if (version.indexOf("Nightly-") === 0) serverconsole.locwarnmessage("This version is only for test purposes and may be unstable.");
@ -5042,6 +5042,7 @@ function start(init) {
if (cluster.isPrimary === undefined) serverconsole.locwarnmessage("You're running SVR.JS on single thread. Reliability may suffer, as the server is stopped after crash."); if (cluster.isPrimary === undefined) serverconsole.locwarnmessage("You're running SVR.JS on single thread. Reliability may suffer, as the server is stopped after crash.");
if (crypto.__disabled__ !== undefined) serverconsole.locwarnmessage("Your Node.JS version doesn't have crypto support! The 'crypto' module is essential for providing cryptographic functionality in Node.JS. Without crypto support, certain security features may be unavailable, and some functionality may not work as expected. It's recommended to use a Node.JS version that includes crypto support to ensure the security and proper functioning of your server."); if (crypto.__disabled__ !== undefined) serverconsole.locwarnmessage("Your Node.JS version doesn't have crypto support! The 'crypto' module is essential for providing cryptographic functionality in Node.JS. Without crypto support, certain security features may be unavailable, and some functionality may not work as expected. It's recommended to use a Node.JS version that includes crypto support to ensure the security and proper functioning of your server.");
if (crypto.__disabled__ === undefined && !crypto.scrypt) serverconsole.locwarnmessage("Your JavaScript runtime doesn't have native scrypt support. HTTP authentication involving scrypt hashes will not work."); if (crypto.__disabled__ === undefined && !crypto.scrypt) serverconsole.locwarnmessage("Your JavaScript runtime doesn't have native scrypt support. HTTP authentication involving scrypt hashes will not work.");
if (!process.isBun && /^v(?:[0-9]\.|1[0-7]\.|18\.(?:[0-9]|1[0-8])\.|18\.19\.0|20\.(?:[0-9]|10)\.|20\.11\.0|21\.[0-5]\.|21\.6\.0|21\.6\.1(?![0-9]))/.test(process.version)) serverconsole.locwarnmessage("Your Node.JS version is vulnerable to HTTP server DoS (CVE-2024-22019).");
if (process.getuid && process.getuid() == 0) serverconsole.locwarnmessage("You're running SVR.JS as root. It's recommended to run SVR.JS as an non-root user. Running SVR.JS as root may increase the risks of OS command execution vulnerabilities."); if (process.getuid && process.getuid() == 0) serverconsole.locwarnmessage("You're running SVR.JS as root. It's recommended to run SVR.JS as an non-root user. Running SVR.JS as root may increase the risks of OS command execution vulnerabilities.");
if (secure && process.versions && process.versions.openssl && process.versions.openssl.substr(0, 2) == "1.") { if (secure && process.versions && process.versions.openssl && process.versions.openssl.substr(0, 2) == "1.") {
if (new Date() > new Date("11 September 2023")) { if (new Date() > new Date("11 September 2023")) {
@ -5240,11 +5241,11 @@ function start(init) {
else if (!cluster.isPrimary) process.send("Cannot block non-existent IP."); else if (!cluster.isPrimary) process.send("Cannot block non-existent IP.");
} else { } else {
for (var i = 0; i < ip.length; i++) { for (var i = 0; i < ip.length; i++) {
if (ip[i].indexOf(":") == -1) { if (ip[i] != "localhost" && ip[i].indexOf(":") == -1) {
ip[i] = "::ffff:" + ip[i]; ip[i] = "::ffff:" + ip[i];
} }
if (!blacklist.check(ip[i])) { if (!blocklist.check(ip[i])) {
blacklist.add(ip[i]); blocklist.add(ip[i]);
} }
} }
if (cluster.isPrimary === undefined) serverconsole.climessage("IPs successfully blocked."); if (cluster.isPrimary === undefined) serverconsole.climessage("IPs successfully blocked.");
@ -5260,7 +5261,7 @@ function start(init) {
if (ip[i].indexOf(":") == -1) { if (ip[i].indexOf(":") == -1) {
ip[i] = "::ffff:" + ip[i]; ip[i] = "::ffff:" + ip[i];
} }
blacklist.remove(ip[i]); blocklist.remove(ip[i]);
} }
if (cluster.isPrimary === undefined) serverconsole.climessage("IPs successfully unblocked."); if (cluster.isPrimary === undefined) serverconsole.climessage("IPs successfully unblocked.");
else if (!cluster.isPrimary) process.send("IPs successfully unblocked."); else if (!cluster.isPrimary) process.send("IPs successfully unblocked.");
@ -5437,7 +5438,7 @@ function start(init) {
} catch (err) { } catch (err) {
// Nevermind... Don't want SVR.JS to fail starting, because os.freemem function is not working. // Nevermind... Don't want SVR.JS to fail starting, because os.freemem function is not working.
} }
if (cpus < 1) cpus = 1; // If SVR.JS is run on Haiku or if useAvailableCores = 0 if (cpus < 1) cpus = 1; // If SVR.JS is running on Haiku or if useAvailableCores = 0
for (var i = 0; i < cpus; i++) { for (var i = 0; i < cpus; i++) {
if (i == 0) { if (i == 0) {
SVRJSFork(); SVRJSFork();
@ -5759,7 +5760,7 @@ function saveConfig() {
delete configJSONobj.domian; delete configJSONobj.domian;
if (configJSONobj.page404 === undefined) configJSONobj.page404 = "404.html"; if (configJSONobj.page404 === undefined) configJSONobj.page404 = "404.html";
configJSONobj.timestamp = timestamp; configJSONobj.timestamp = timestamp;
configJSONobj.blacklist = blacklist.raw; configJSONobj.blacklist = blocklist.raw;
if (configJSONobj.nonStandardCodes === undefined) configJSONobj.nonStandardCodes = []; if (configJSONobj.nonStandardCodes === undefined) configJSONobj.nonStandardCodes = [];
if (configJSONobj.enableCompression === undefined) configJSONobj.enableCompression = true; if (configJSONobj.enableCompression === undefined) configJSONobj.enableCompression = true;
if (configJSONobj.customHeaders === undefined) configJSONobj.customHeaders = {}; if (configJSONobj.customHeaders === undefined) configJSONobj.customHeaders = {};

4
tests.html
View file

@ -1,7 +1,7 @@
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
<title>SVR.JS 3.14.5 Tests</title> <title>SVR.JS 3.14.6 Tests</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta charset="UTF-8" /> <meta charset="UTF-8" />
<style> <style>
@ -12,7 +12,7 @@
</style> </style>
</head> </head>
<body> <body>
<h1>SVR.JS 3.14.5 Tests</h1> <h1>SVR.JS 3.14.6 Tests</h1>
<h2>Directory (without trailing slash)</h2> <h2>Directory (without trailing slash)</h2>
<iframe src="/testdir" width="50%" height="300px"></iframe> <iframe src="/testdir" width="50%" height="300px"></iframe>
<h2>Directory (with query)</h2> <h2>Directory (with query)</h2>