YellowSquare now no longer sets AUTH_TYPE and REMOTE_USER environment value, when 401 code is not specified in SVR.JS configuration.

2024-02-07 01:20:01 +01:00 · 2024-02-07 01:20:01 +01:00 · 93889026c3
commit 93889026c3
parent f03f82dbe4
1 changed files with 39 additions and 4 deletions
--- a/index.js
+++ b/index.js
@ -35,12 +35,41 @@ var disableModExposeSupported = process.versions.svrjs && process.versions.svrjs

 function Mod() {}

-Mod.prototype.callback = function (req, res, serverconsole, responseEnd, href, ext, uobject, search, defaultpage, users, page404, head, foot, fd, elseCallback, configJSON, callServerError, getCustomHeaders, origHref, redirect, parsePostData) {
+Mod.prototype.callback = function (req, res, serverconsole, responseEnd, href, ext, uobject, search, defaultpage, users, page404, head, foot, fd, elseCallback, configJSON, callServerError, getCustomHeaders, origHref, redirect, parsePostData, authUser) {
  return function () {
    if (!configJSON) {
      configJSON = configJSONS;
    }

+    function checkIfThereIsA401Rule() {
+      var actually401 = false;
+
+      function createRegex(regex) {
+        var regexObj = regex.split("/");
+        if (regexObj.length == 0) throw new Error("Invalid regex!");
+        var modifiers = regexObj.pop();
+        regexObj.shift();
+        var searchString = regexObj.join("/");
+        return new RegExp(searchString, modifiers);
+      }
+
+      if(configJSON.nonStandardCodes) {
+        configJSON.nonStandardCodes.every(function (nonscode) {
+          if (nonscode.scode == 401) {
+            if (nonscode.regex && (req.url.match(createRegex(nonscode.regex)) || href.match(createRegex(nonscode.regex)))) {
+              actually401 = true;
+              return true;
+            } else if (nonscode.url && (nonStandardCodes[i].url == href || (os.platform() == "win32" && nonStandardCodes[i].url.toLowerCase() == href.toLowerCase()))) {
+              actually401 = true;
+              return true;
+            }
+          }
+          return false;
+        });
+      }
+      return actually401;
+    }
+
    if (!getCustomHeaders) {
      var bheaders = JSON.parse(JSON.stringify(configJSON.customHeaders));
    } else {
@ -171,11 +200,16 @@ Mod.prototype.callback = function (req, res, serverconsole, responseEnd, href, e

    }

-    function executeSCGIWithEnv(a, req, res, pubip, port, software, dh) {
+    function executeSCGIWithEnv(a, req, res, pubip, port, software, dh, user) {
      // Function to set up environment variables and execute sCGI scripts
      var b = href.replace(scgiConf.path,"")
      var nEnv = {};
-      if (req.headers.authorization) {
+      if (typeof user != "undefined") {
+        if (user !== null) {
+          if (req.headers.authorization) nEnv["AUTH_TYPE"] = req.headers.authorization.split(" ")[0];
+          nEnv["REMOTE_USER"] = user;
+        }
+      } else if (req.headers.authorization && (typeof checkIfThereIsA401Rule == "undefined" || checkIfThereIsA401Rule())) {
        nEnv["AUTH_TYPE"] = req.headers.authorization.split(" ")[0];
        if (nEnv["AUTH_TYPE"] == "Basic") {
          var remoteCred = req.headers.authorization.split(" ")[1];
@ -251,7 +285,8 @@ Mod.prototype.callback = function (req, res, serverconsole, responseEnd, href, e
          process.version +
          ") OrangeCircle/" +
          version,
-          bheaders
+          bheaders,
+          authUser
        );
      } catch (ex) {
        if (!callServerError) {