1
0
Fork 0
forked from svrjs/svrjs

Update to SVR.JS 3.7.0

This commit is contained in:
Dorian Niemiec 2023-08-20 03:14:24 +02:00
parent d15373aa8e
commit 46a256d31f
10 changed files with 1021 additions and 651 deletions

1
.gitignore vendored
View file

@ -1 +1,2 @@
commit.sh
log

View file

@ -3,7 +3,7 @@
"port": 80,
"pubport": 80,
"page404": "404.html",
"timestamp": 1680954429282,
"timestamp": 1692493855777,
"blacklist": [],
"nonStandardCodes": [],
"enableCompression": true,
@ -77,10 +77,17 @@
}
],
"allowStatus": true,
"dontCompress": ["/.*\\.ipxe$/","/.*\\.img$/","/.*\\.iso$/"],
"dontCompress": [
"/.*\\.ipxe$/",
"/.*\\.img$/",
"/.*\\.iso$/"
],
"enableIPSpoofing": false,
"secure": false,
"sni": {},
"disableNonEncryptedServer": false,
"disableToHTTPSRedirect": false
"disableToHTTPSRedirect": false,
"enableETag": true,
"disableUnusedWorkerTermination": false,
"rewriteDirtyURLs": false
}

View file

@ -1,7 +1,7 @@
<!DOCTYPE html>
<html>
<head>
<title>SVR.JS 3.6.4</title>
<title>SVR.JS 3.7.0</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta charset="UTF-8" />
<style>
@ -12,7 +12,7 @@
</style>
</head>
<body>
<h1>Welcome to SVR.JS 3.6.4</h1>
<h1>Welcome to SVR.JS 3.7.0</h1>
<br/>
<img src="/logo.png" style="width: 256px;" />
<br/>
@ -65,7 +65,7 @@
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"replacement": ""<br/>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;}<br/>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;]<br/>
&nbsp;&nbsp;&nbsp;&nbsp;},<br/>3.4.13
&nbsp;&nbsp;&nbsp;&nbsp;},<br/>
&nbsp;&nbsp;&nbsp;&nbsp;{<br/>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"definingRegex": "/\\/invoke500\\/.+/",<br/>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"replacements": [<br/>
@ -110,7 +110,23 @@
</div>
<p>Changes:</p>
<ul>
<li>Improved reliability while loading server-side JavaScript.</li>
<li>Added new config.json property - disableUnusedWorkerTermination.</li>
<li>Added option to rewrite "dirty" URLs - rewriteDirtyURLs.</li>
<li>Added PBKDF2 and scrypt support for HTTP authentication.</li>
<li>Added termination of unused workers.</li>
<li>Changed descriptions of 501 and 503 errors.</li>
<li>Disabled checking for hung up server processes, while SVR.JS is not yet listening.</li>
<li>Disabled open proxy in default server-side JavaScript.</li>
<li>Disabled X-SVR-JS-From-Main-Thread header for non-localhost clients.</li>
<li>EMFILE errors now correspond to 503 Service Unavailable error code.</li>
<li>Fixed NotImplementedError in "cluster" module when running SVR.JS on newer versions of Bun.</li>
<li>Fixed redirect loops related to URL sanitizer.</li>
<li>Fixed SVR.JS proxy API.</li>
<li>Improved Bun IPC shim connection error handling.</li>
<li>Improved extension checking function in directory listing generation.</li>
<li>Improved server error handling for Bun.</li>
<li>SVR.JS now exits gracefully on "stop" command.</li>
<li>Updated svrpasswd tool.</li>
</ul>
<p>Bugs:</p>
<ul>

View file

@ -1,7 +1,7 @@
<!DOCTYPE html>
<html>
<head>
<title>SVR.JS 3.6.4 Licenses</title>
<title>SVR.JS 3.7.0 Licenses</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta charset="UTF-8" />
<style>
@ -12,8 +12,8 @@
</style>
</head>
<body>
<h1>SVR.JS 3.6.4 Licenses</h1>
<h2>SVR.JS 3.6.4</h2>
<h1>SVR.JS 3.7.0 Licenses</h1>
<h2>SVR.JS 3.7.0</h2>
<div style="display: inline-block; text-align: left; border-width: 2px; border-style: solid; border-color: gray; padding: 8px;">
MIT License<br/>
<br/>
@ -37,7 +37,7 @@
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE<br/>
SOFTWARE.<br/>
</div>
<h2>Packages used by SVR.JS 3.6.4 and utilities</h2>
<h2>Packages used by SVR.JS 3.7.0 and utilities</h2>
<div style="width: 100%; background-color: #ccc; border: 1px solid green; text-align: left; margin: 10px 0;">
<div style="float: right;">License: MIT</div>
<div style="font-size: 20px;">

BIN
mods/easteregg.tar.gz Normal file

Binary file not shown.

View file

@ -62,13 +62,19 @@ if(href == "/hello.svr") {
callServerError(403,"SVR.JS-exampleproxy"); //Server error
serverconsole.errmessage("Client fails to recieve content."); //Log into SVR.JS
} else if(href.indexOf("/proxy.svr/") == 0) {
var hn = href.split("/")[2]; //Hostname
if(hn != "this" && !(req.socket.realRemoteAddress ? req.socket.realRemoteAddress : req.socket.remoteAddress).match(/^(?:localhost$|::1$|f[c-d][0-9a-f]{2}:|(?:::ffff:)?(?:(?:127|10)\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|192\.168\.[0-9]{1,3}\.[0-9]{1,3}|172\.(?:1[6-9]|2[0-9]|3[0-1])\.[0-9]{1,3}\.[0-9]{1,3})$)/i) ) {
//Prevent open proxy
callServerError(403,"SVR.JS-exampleproxy"); //Server error
serverconsole.errmessage("Client fails to recieve content."); //Log into SVR.JS
}
var hdrs = req.headers;
hdrs["Host"] = (href.split("/")[2] == "this" ? req.headers.host : href.split("/")[2]);
hdrs["Host"] = (hn == "this" ? req.headers.host : hn);
hdrs["Origin"] = (req.headers.host == undefined ? "" : req.headers.host);
var options = {
hostname: (href.split("/")[2] == "this" ? req.headers.host.split(":")[0] : href.split("/")[2].split(":")[0]),
port: (href.split("/")[2] == "this" ? req.headers.host.split(":")[1] : (href.split("/")[2].split(":")[1] == undefined ? 80 : href.split("/")[2].split(":")[1])),
path: req.url.replace("/proxy.svr/" + href.split("/")[2],""),
hostname: (hn == "this" ? req.headers.host.split(":")[0] : hn.split(":")[0]),
port: (hn == "this" ? req.headers.host.split(":")[1] : (hn.split(":")[1] == undefined ? 80 : hn.split(":")[1])),
path: req.url.replace("/proxy.svr/" + hn,""),
method: req.method,
headers: filterHeaders(hdrs)
};

1155
svr.js

File diff suppressed because it is too large Load diff

View file

@ -196,42 +196,58 @@ function saveConfig() {
var args = process.argv;
var user = "";
var action = "change";
var forcechange = false;
if (process.argv.length <= (process.argv[0].indexOf("node") > -1 || process.argv[0].indexOf("bun") > -1 ? 2 : 1)) args.push("-h");
for (var i = (process.argv[0].indexOf("node") > -1 || process.argv[0].indexOf("bun") > -1 ? 2 : 1); i < args.length; i++) {
if (args[i] == "-h" || args[i] == "--help" || args[i] == "-?" || args[i] == "/h" || args[i] == "/?") {
console.log("SVR.JS user tool usage:");
console.log("node svrpasswd.js [-h] [--help] [-?] [/h] [/?] [-a|--add|-d|--delete] <username>");
console.log("node svrpasswd.js [-h] [--help] [-?] [/h] [/?] [-x] [-a|--add|-d|--delete] <username>");
console.log("-h -? /h /? --help -- Displays help");
console.log("-a --add -- Add an user");
console.log("-d --delete -- Deletes an user");
console.log("-x -- Changes hash algorithm");
process.exit(0);
} else if (args[i] == "-a" || args[i] == "--add") {
if (action != "change") {
console.log("Multiple actions specified.");
console.log("node svrpasswd.js [-h] [--help] [-?] [/h] [/?] [-a|--add|-d|--delete] <username>");
console.log("node svrpasswd.js [-h] [--help] [-?] [/h] [/?] [-x] [-a|--add|-d|--delete] <username>");
console.log("-h -? /h /? --help -- Displays help");
console.log("-a --add -- Add an user");
console.log("-d --delete -- Deletes an user");
console.log("-x -- Changes hash algorithm");
process.exit(1);
}
action = "add";
} else if (args[i] == "-d" || args[i] == "--delete") {
if (action != "change") {
console.log("Multiple actions specified.");
console.log("node svrpasswd.js [-h] [--help] [-?] [/h] [/?] [-a|--add|-d|--delete] <username>");
console.log("node svrpasswd.js [-h] [--help] [-?] [/h] [/?] [-x] [-a|--add|-d|--delete] <username>");
console.log("-h -? /h /? --help -- Displays help");
console.log("-a --add -- Add an user");
console.log("-d --delete -- Deletes an user");
console.log("-x -- Changes hash algorithm");
process.exit(1);
}
action = "delete";
} else {
if (user != "") {
console.log("Multiple users specified.");
console.log("node svrpasswd.js [-h] [--help] [-?] [/h] [/?] [-a|--add|-d|--delete] <username>");
} else if (args[i] == "-x") {
if (forcechange) {
console.log("Multiple -x options specified.");
console.log("node svrpasswd.js [-h] [--help] [-?] [/h] [/?] [-x] [-a|--add|-d|--delete] <username>");
console.log("-h -? /h /? --help -- Displays help");
console.log("-a --add -- Add an user");
console.log("-d --delete -- Deletes an user");
console.log("-x -- Changes hash algorithm");
process.exit(1);
}
forcechange = true;
} else {
if (user != "") {
console.log("Multiple users specified.");
console.log("node svrpasswd.js [-h] [--help] [-?] [/h] [/?] [-x] [-a|--add|-d|--delete] <username>");
console.log("-h -? /h /? --help -- Displays help");
console.log("-a --add -- Add an user");
console.log("-d --delete -- Deletes an user");
console.log("-x -- Changes hash algorithm");
process.exit(1);
}
user = args[i];
@ -240,10 +256,11 @@ for (var i = (process.argv[0].indexOf("node") > -1 || process.argv[0].indexOf("b
if (user == "") {
console.log("No user specified.");
console.log("node svrpasswd.js [-h] [--help] [-?] [/h] [/?] [-a|--add|-d|--delete] <username>");
console.log("node svrpasswd.js [-h] [--help] [-?] [/h] [/?] [-x] [-a|--add|-d|--delete] <username>");
console.log("-h -? /h /? --help -- Displays help");
console.log("-a --add -- Add an user");
console.log("-d --delete -- Deletes an user");
console.log("-x -- Changes hash algorithm");
process.exit(1);
}
@ -277,28 +294,72 @@ function password(callback) {
var rl = readline.createInterface({
input: process.stdin,
output: process.stdout,
prompt: 'Password: ',
terminal: false
prompt: 'Password: '
});
rl.prompt();
rl.once('line', (line) => {
//rl.close();
process.stdout.writeold = process.stdout.write;
process.stdout.write = function (s) {
process.stdout.writeold(s.replace(/[^\r\n]/g, ""));
};
rl.once('line', function (line) {
process.stdout.write = process.stdout.writeold;
var rl = readline.createInterface({
input: process.stdin,
output: process.stdout,
prompt: 'Confirm password: ',
terminal: false
});
rl.prompt();
rl.on('line', (line2) => {
process.stdout.writeold = process.stdout.write;
process.stdout.write = function (s) {
process.stdout.writeold(s.replace(/[^\r\n]/g, ""));
};
rl.on('line', function (line2) {
process.stdout.write = process.stdout.writeold;
rl.close();
if (line != line2) callback(false);
else callback(line);
});
});
}
function promptAlgorithms(callback, bypass, pbkdf2, scrypt) {
if (bypass) {
if (scrypt) {
callback("scrypt");
} else if(pbkdf2) {
callback("pbkdf2");
} else {
callback("sha256");
}
return;
}
var algorithms = {
sha256: "Salted SHA256 (1 iteration) - fastest and uses least memory, but less secure",
pbkdf2: "PBKDF2 (PBKDF2-HMAC-SHA512, 36250 iterations) - more secure and uses less memory, but slower",
scrypt: "scrypt (N=2^14, r=8, p=1) - faster and more secure, but uses more memory"
}
if (!crypto.scrypt || process.isBun) delete algorithms.scrypt;
if (!crypto.pbkdf2 || process.isBun) delete algorithms.pbkdf2;
var algorithmNames = Object.keys(algorithms);
if (algorithmNames.length < 2) callback(algorithmNames[0]);
console.log("Select password hashing algorithm. Available algorithms:");
for (var i = 0; i < algorithmNames.length; i++) {
console.log(algorithmNames[i] + " - " + algorithms[algorithmNames[i]]);
}
var rl = readline.createInterface({
input: process.stdin,
output: process.stdout,
prompt: 'Algorithm: '
});
rl.prompt();
rl.on('line', function (line) {
rl.close();
line = line.trim();
if (!algorithms[line]) callback(false);
else callback(line);
});
}
var userindex = getUserIndex(user);
if (action == "add" && userindex != -1) {
console.log("User alerady exists.");
@ -312,35 +373,71 @@ if (action == "delete") {
saveConfig();
console.log("User deleted successfully");
} else if (action == "add") {
promptAlgorithms(function (algorithm) {
if (!algorithm) {
console.log("Invalid algorithm!");
process.exit(1);
} else {
password(function (password) {
if (!password) {
console.log("Passwords don't match!");
process.exit(1);
} else {
var salt = generateSalt()
var salt = generateSalt();
var hash = "";
if (algorithm == "scrypt") {
hash = crypto.scryptSync(password, salt, 64).toString("hex");
} else if (algorithm == "pbkdf2") {
hash = crypto.pbkdf2Sync(password, salt, 36250, 64, "sha512").toString("hex");
} else {
hash = sha256(password + salt);
}
users.push({
name: user,
pass: sha256(password + salt),
salt: salt
pass: hash,
salt: salt,
pbkdf2: (algorithm == "pbkdf2" ? true : undefined),
scrypt: (algorithm == "scrypt" ? true : undefined),
__svrpasswd_l2: true
});
saveConfig();
console.log("User added successfully");
}
});
}
});
} else {
promptAlgorithms(function (algorithm) {
if (!algorithm) {
console.log("Invalid algorithm!");
process.exit(1);
} else {
password(function (password) {
if (!password) {
console.log("Passwords don't match!");
process.exit(1);
} else {
var salt = generateSalt()
var salt = generateSalt();
var hash = "";
if (algorithm == "scrypt") {
hash = crypto.scryptSync(password, salt, 64).toString("hex");
} else if (algorithm == "pbkdf2") {
hash = crypto.pbkdf2Sync(password, salt, 36250, 64, "sha512").toString("hex");
} else {
hash = sha256(password + salt);
}
users[userindex] = {
name: user,
pass: sha256(password + salt),
salt: salt
pass: hash,
salt: salt,
pbkdf2: (algorithm == "pbkdf2" ? true : undefined),
scrypt: (algorithm == "scrypt" ? true : undefined),
__svrpasswd_l2: true
};
saveConfig();
console.log("Password changed successfully");
}
});
}
}, (users[userindex].__svrpasswd_l2 && !forcechange), users[userindex].pbkdf2, users[userindex].scrypt);
}

View file

@ -1,7 +1,7 @@
<!DOCTYPE html>
<html>
<head>
<title>SVR.JS 3.6.4 Tests</title>
<title>SVR.JS 3.7.0 Tests</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta charset="UTF-8" />
<style>
@ -12,7 +12,7 @@
</style>
</head>
<body>
<h1>SVR.JS 3.6.4 Tests</h1>
<h1>SVR.JS 3.7.0 Tests</h1>
<h2>Directory</h2>
<iframe src="/testdir" width="50%" height="300px"></iframe>
<h2>Directory (with query)</h2>

View file

@ -1 +1 @@
0
1