correct logic for strict mode #83 #72

nondanee · May 7, 2019 · dfd4368 · palfans · May 7, 2019 · nondanee
1 parent f1d3e44
commit dfd4368
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 5 deletions.
diff --git a/app.js b/app.js
@@ -57,9 +57,11 @@ const server = require('./server')
 global.port = config.port
 global.proxy = config.proxyUrl ? parse(config.proxyUrl) : null
 global.hosts = {}, hook.target.host.forEach(host => global.hosts[host] = config.forceHost)
-config.strict ? server.whitelist = ['music.163.com', 'music.126.net', 'vod.126.net'] : server.blanklist = []
+server.whitelist = ['music.163.com', 'music.126.net', 'vod.126.net']
+if(config.strict) server.blacklist.push('.*')
 server.authentication = config.token || null
 global.endpoint = config.endpoint
+if(config.endpoint) server.whitelist.push(config.endpoint.replace(/^.+\/\//, ''))
 
 const dns = host => new Promise((resolve, reject) => require('dns').lookup(host, {all: true}, (error, records) => error? reject(error) : resolve(records.map(record => record.address))))
 const httpdns = host => require('./request')('POST', 'http://music.httpdns.c.163.com/d', {}, host).then(response => response.json()).then(jsonBody => jsonBody.dns[0].ips)

diff --git a/server.js b/server.js
@@ -52,7 +52,7 @@ const proxy = {
 		if(ctx.socket)
 			console.log('TUNNEL', mark, ctx.req.url)
 		else
-			console.log('MITM', mark, parse(ctx.req.url).host)
+			console.log('MITM', mark, parse(ctx.req.url).host, ctx.req.socket.encrypted ? '(ssl)' : '')
 	},
 	authenticate: ctx => {
 		const req = ctx.req
@@ -70,7 +70,7 @@ const proxy = {
 	filter: ctx => {
 		const url = parse(ctx.req.url)
 		const match = pattern => url.href.search(new RegExp(pattern, 'g')) != -1
-		if(!ctx.decision){
+		if(!(ctx.decision || ctx.req.local)){
 			try{
 				let allow = server.whitelist.some(match)
 				let deny = server.blacklist.some(match)
@@ -170,8 +170,8 @@ const server = {
 	https: require('https').createServer(options).on('request', proxy.core.mitm).on('connect', proxy.core.tunnel)
 }
 
-server.whitelist = ['.*']
-server.blacklist = ['.*']
+server.whitelist = []
+server.blacklist = ['//127\.\d+\.\d+\.\d+', '//localhost']
 server.authentication = null
 
 module.exports = server