aheh/MasterHttpRelayVPN
1
0
Fork 0
mirror of https://github.com/masterking32/MasterHttpRelayVPN.git synced 2026-05-17 21:24:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

feat: enhance error handling in batch processing & fix ip leaking

Browse Source
This commit is contained in:
Abolfazl
2026-04-28 22:46:42 +03:30
parent a3c3c58404
commit 1e165357b8
1 changed files with 63 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps_script/Code.gs
+62 -16
View File
@@ -1,10 +1,5 @@
/**
* DomainFront Relay — Google Apps Script
*
* TWO modes:
* 1. Single: POST { k, m, u, h, b, ct, r } → { s, h, b }
* 2. Batch: POST { k, q: [{m,u,h,b,ct,r}, ...] } → { q: [{s,h,b}, ...] }
* Uses UrlFetchApp.fetchAll() — all URLs fetched IN PARALLEL.
* MasterHttpRelay — Google Apps Script
*
* DEPLOYMENT:
* 1. Go to https://script.google.com → New project
@@ -20,12 +15,20 @@ const AUTH_KEY = "CHANGE_ME_TO_A_STRONG_SECRET";
// Keep browser capability headers (sec-ch-ua*, sec-fetch-*) intact.
// Some modern apps, notably Google Meet, use them for browser gating.
// Headers that reveal the user's real IP are also stripped here as a
// second line of defence (the Python client strips them first).
const SKIP_HEADERS = {
host: 1, connection: 1, "content-length": 1,
"transfer-encoding": 1, "proxy-connection": 1, "proxy-authorization": 1,
"priority": 1, te: 1,
// IP-leaking / proxy-metadata headers
"x-forwarded-for": 1, "x-forwarded-host": 1, "x-forwarded-proto": 1,
"x-forwarded-port": 1, "x-real-ip": 1, "forwarded": 1, "via": 1,
};
// If fetchAll fails, only retry methods that are safe to replay.
const SAFE_REPLAY_METHODS = { GET: 1, HEAD: 1, OPTIONS: 1 };
function doPost(e) {
try {
var req = JSON.parse(e.postData.contents);
@@ -56,37 +59,80 @@ function _doSingle(req) {
function _doBatch(items) {
var fetchArgs = [];
var fetchIndex = [];
var fetchMethods = [];
var errorMap = {};
for (var i = 0; i < items.length; i++) {
var item = items[i];
if (!item || typeof item !== "object") {
errorMap[i] = "bad item";
continue;
}
if (!item.u || typeof item.u !== "string" || !item.u.match(/^https?:\/\//i)) {
errorMap[i] = "bad url";
continue;
}
var opts = _buildOpts(item);
opts.url = item.u;
fetchArgs.push({ _i: i, _o: opts });
try {
var opts = _buildOpts(item);
opts.url = item.u;
fetchArgs.push(opts);
fetchIndex.push(i);
fetchMethods.push(String(item.m || "GET").toUpperCase());
} catch (err) {
errorMap[i] = String(err);
}
}
// fetchAll() processes all requests in parallel inside Google
var responses = [];
if (fetchArgs.length > 0) {
responses = UrlFetchApp.fetchAll(fetchArgs.map(function(x) { return x._o; }));
try {
responses = UrlFetchApp.fetchAll(fetchArgs);
} catch (err) {
// If fetchAll fails as a whole, degrade to per-item fetch so one bad
// request does not poison the full batch.
responses = [];
for (var j = 0; j < fetchArgs.length; j++) {
try {
if (!SAFE_REPLAY_METHODS[fetchMethods[j]]) {
errorMap[fetchIndex[j]] = "batch fetchAll failed; unsafe method not replayed";
responses[j] = null;
continue;
}
var fallbackReq = fetchArgs[j];
var fallbackUrl = fallbackReq.url;
var fallbackOpts = {};
for (var key in fallbackReq) {
if (Object.prototype.hasOwnProperty.call(fallbackReq, key) && key !== "url") {
fallbackOpts[key] = fallbackReq[key];
}
}
responses[j] = UrlFetchApp.fetch(fallbackUrl, fallbackOpts);
} catch (singleErr) {
errorMap[fetchIndex[j]] = String(singleErr);
responses[j] = null;
}
}
}
}
var results = [];
var rIdx = 0;
for (var i = 0; i < items.length; i++) {
if (errorMap.hasOwnProperty(i)) {
if (Object.prototype.hasOwnProperty.call(errorMap, i)) {
results.push({ e: errorMap[i] });
} else {
var resp = responses[rIdx++];
results.push({
s: resp.getResponseCode(),
h: _respHeaders(resp),
b: Utilities.base64Encode(resp.getContent()),
});
if (!resp) {
results.push({ e: "fetch failed" });
} else {
results.push({
s: resp.getResponseCode(),
h: _respHeaders(resp),
b: Utilities.base64Encode(resp.getContent()),
});
}
}
}
return _json({ q: results });