aheh/mhr-cfw
1
0
Fork 0
mirror of https://github.com/denuitt1/mhr-cfw.git synced 2026-05-17 21:24:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

remove script/

Browse Source
This commit is contained in:
lapp
2026-05-06 15:36:51 -07:00
parent fd21ab6490
commit 07325bb451
3 changed files with 0 additions and 452 deletions
Download Patch File Download Diff File Expand all files Collapse all files
script/Code.gs
-131
View File
@@ -1,131 +0,0 @@
// Google Apps Script File
const AUTH_KEY = "STRONG_SECRET_KEY";
const WORKER_URL = "https://example.workers.dev";
const SKIP_HEADERS = {
host: 1, connection: 1, "content-length": 1,
"transfer-encoding": 1, "proxy-connection": 1, "proxy-authorization": 1,
};
function doPost(e) {
try {
var req = JSON.parse(e.postData.contents);
if (req.k !== AUTH_KEY) return _json({ e: "unauthorized" });
if (Array.isArray(req.q)) return _doBatch(req.q);
return _doSingle(req);
} catch (err) {
return _json({ e: String(err) });
}
}
function _doSingle(req) {
if (!req.u || typeof req.u !== "string" || !req.u.match(/^https?:\/\//i)) {
return _json({ e: "bad url" });
}
var payload = _buildWorkerPayload(req);
var resp = UrlFetchApp.fetch(WORKER_URL, {
method: "post",
contentType: "application/json",
payload: JSON.stringify(payload),
muteHttpExceptions: true,
followRedirects: true
});
try {
return _json(JSON.parse(resp.getContentText()));
} catch (e) {
return _json({ e: "invalid worker response", raw: resp.getContentText() });
}
}
function _doBatch(items) {
var fetchArgs = [];
var errorMap = {};
for (var i = 0; i < items.length; i++) {
var item = items[i];
if (!item.u || typeof item.u !== "string" || !item.u.match(/^https?:\/\//i)) {
errorMap[i] = "bad url";
continue;
}
var payload = _buildWorkerPayload(item);
fetchArgs.push({
_i: i,
_o: {
url: WORKER_URL,
method: "post",
contentType: "application/json",
payload: JSON.stringify(payload),
muteHttpExceptions: true,
followRedirects: true
}
});
}
var responses = [];
if (fetchArgs.length > 0) {
responses = UrlFetchApp.fetchAll(fetchArgs.map(function(x) { return x._o; }));
}
var results = [];
var rIdx = 0;
for (var i = 0; i < items.length; i++) {
if (errorMap.hasOwnProperty(i)) {
results.push({ e: errorMap[i] });
} else {
var resp = responses[rIdx++];
try {
results.push(JSON.parse(resp.getContentText()));
} catch (e) {
results.push({ e: "invalid worker response", raw: resp.getContentText() });
}
}
}
return _json({ q: results });
}
function _buildWorkerPayload(req) {
var headers = {};
if (req.h && typeof req.h === "object") {
for (var k in req.h) {
if (req.h.hasOwnProperty(k) && !SKIP_HEADERS[k.toLowerCase()]) {
headers[k] = req.h[k];
}
}
}
return {
u: req.u,
m: (req.m || "GET").toUpperCase(),
h: headers,
b: req.b || null,
ct: req.ct || null,
r: req.r !== false
};
}
function doGet(e) {
return HtmlService.createHtmlOutput(
"<!DOCTYPE html><html><head><title>My App</title></head>" +
'<body style="font-family:sans-serif;max-width:600px;margin:40px auto">' +
"<h1>Relay Active</h1><p>Cloudflare Worker routing enabled.</p>" +
"</body></html>"
);
}
function _json(obj) {
return ContentService
.createTextOutput(JSON.stringify(obj))
.setMimeType(ContentService.MimeType.JSON);
}
script/upstream_forwarder.js
-143
View File
@@ -1,143 +0,0 @@
// Upstream Forwarder — single-file Node 18+ HTTP server.
//
// Purpose: Provide a stable exit IP for the Cloudflare Worker relay so
// CAPTCHA tokens (Turnstile, reCAPTCHA, hCaptcha) bound to the solving
// IP survive verification on the target site.
//
// Run on a VPS with a stable public IP. Expose behind Caddy/nginx with
// TLS — the Worker rejects non-HTTPS forwarder URLs.
//
// Required env:
// AUTH_KEY — must match the Worker's UPSTREAM_AUTH_KEY (>= 32 chars)
//
// Optional env:
// PORT — listen port (default 8787)
// HOST — listen host (default 127.0.0.1, so Caddy/nginx fronts it)
//
// Wire protocol matches main/script/worker.js:
// POST /fwd body: { u, m, h, b, ct, r } → { s, h, b } or { e }
"use strict";
const http = require("http");
const AUTH_KEY = process.env.AUTH_KEY || "";
const PORT = parseInt(process.env.PORT, 10) || 8787;
const HOST = process.env.HOST || "127.0.0.1";
if (!AUTH_KEY || AUTH_KEY.length < 32) {
console.error("FATAL: AUTH_KEY env var missing or shorter than 32 chars.");
process.exit(1);
}
// Mirrors SKIP_HEADERS in main/script/Code.gs:6-9.
const SKIP_HEADERS = new Set([
"host",
"connection",
"content-length",
"transfer-encoding",
"proxy-connection",
"proxy-authorization"
]);
const STATUS_PAGE =
"<!DOCTYPE html><html><head><title>Forwarder Active</title></head>" +
'<body style="font-family:sans-serif;max-width:600px;margin:40px auto">' +
'<h1>Forwarder <span style="color:#16a34a;font-weight:700">Active</span></h1>' +
"<p>Upstream forwarder for the relay Worker.</p>" +
"</body></html>";
const server = http.createServer(async (req, res) => {
try {
if (req.method === "GET" && (req.url === "/" || req.url === "")) {
res.writeHead(200, { "content-type": "text/html; charset=utf-8" });
res.end(STATUS_PAGE);
return;
}
if (req.method !== "POST" || req.url !== "/fwd") {
sendJson(res, 404, { e: "not found" });
return;
}
if (req.headers["x-upstream-auth"] !== AUTH_KEY) {
sendJson(res, 401, { e: "unauthorized" });
return;
}
const raw = await readBody(req);
let body;
try {
body = JSON.parse(raw);
} catch (_) {
sendJson(res, 400, { e: "invalid json" });
return;
}
if (!body.u || typeof body.u !== "string" || !/^https?:\/\//i.test(body.u)) {
sendJson(res, 400, { e: "bad url" });
return;
}
const headers = {};
if (body.h && typeof body.h === "object") {
for (const [k, v] of Object.entries(body.h)) {
if (typeof v !== "string") continue;
if (SKIP_HEADERS.has(k.toLowerCase())) continue;
headers[k] = v;
}
}
headers["x-fwd-hop"] = "1";
const fetchOptions = {
method: (body.m || "GET").toUpperCase(),
headers,
redirect: body.r === false ? "manual" : "follow"
};
if (body.b) {
fetchOptions.body = Buffer.from(body.b, "base64");
}
let resp;
try {
resp = await fetch(body.u, fetchOptions);
} catch (err) {
sendJson(res, 502, { e: "fetch failed: " + String(err && err.message || err) });
return;
}
const buf = Buffer.from(await resp.arrayBuffer());
const responseHeaders = {};
resp.headers.forEach((v, k) => {
responseHeaders[k] = v;
});
sendJson(res, 200, {
s: resp.status,
h: responseHeaders,
b: buf.toString("base64")
});
} catch (err) {
sendJson(res, 500, { e: String(err && err.message || err) });
}
});
server.listen(PORT, HOST, () => {
console.log("upstream_forwarder listening on " + HOST + ":" + PORT);
});
function readBody(req) {
return new Promise((resolve, reject) => {
const chunks = [];
req.on("data", c => chunks.push(c));
req.on("end", () => resolve(Buffer.concat(chunks).toString("utf8")));
req.on("error", reject);
});
}
function sendJson(res, status, obj) {
const body = JSON.stringify(obj);
res.writeHead(status, { "content-type": "application/json" });
res.end(body);
}
script/worker.js
-178
View File
@@ -1,178 +0,0 @@
// Cloudflare Worker File - v2.0
const WORKER_URL = "myworker.workers.dev";
const DEFAULT_UPSTREAM_TIMEOUT_MS = 25000;
export default {
async fetch(request, env) {
try {
const hop = request.headers.get("x-relay-hop");
const fwdHop = request.headers.get("x-fwd-hop");
if (hop === "1" || fwdHop === "1") {
return json({ e: "loop detected" }, 508);
}
if (request.method == "GET") {
return json({ e: "Relay is Active." }, 200);
}
if (request.method !== "POST") {
return json({ e: "Method not allowed." }, 405);
}
const req = await request.json();
if (!req.u) {
return json({ e: "missing url" }, 400);
}
const targetUrl = new URL(req.u);
const BLOCKED_HOSTS = [
WORKER_URL,
];
if (BLOCKED_HOSTS.some(h => targetUrl.hostname.endsWith(h))) {
return json({ e: "self-fetch blocked" }, 400);
}
const upstreamUrl = (env && env.UPSTREAM_FORWARDER_URL) || "";
if (upstreamUrl) {
const upstreamResp = await forwardViaUpstream(req, env, upstreamUrl);
if (upstreamResp) return upstreamResp;
// fall through to direct fetch only when fail-mode is open
}
const headers = new Headers();
if (req.h && typeof req.h === "object") {
for (const [k, v] of Object.entries(req.h)) {
headers.set(k, v);
}
}
headers.set("x-relay-hop", "1");
const fetchOptions = {
method: (req.m || "GET").toUpperCase(),
headers,
redirect: req.r === false ? "manual" : "follow"
};
if (req.b) {
const binary = Uint8Array.from(atob(req.b), c => c.charCodeAt(0));
fetchOptions.body = binary;
}
const resp = await fetch(targetUrl.toString(), fetchOptions);
// Read response safely (no stack overflow)
const buffer = await resp.arrayBuffer();
const uint8 = new Uint8Array(buffer);
let binary = "";
const chunkSize = 0x8000; // prevent call stack overflow
for (let i = 0; i < uint8.length; i += chunkSize) {
binary += String.fromCharCode.apply(
null,
uint8.subarray(i, i + chunkSize)
);
}
const base64 = btoa(binary);
const responseHeaders = {};
resp.headers.forEach((v, k) => {
responseHeaders[k] = v;
});
return json({
s: resp.status,
h: responseHeaders,
b: base64
});
} catch (err) {
return json({ e: String(err) }, 500);
}
}
};
async function forwardViaUpstream(req, env, upstreamUrl) {
const failMode = (env.UPSTREAM_FAIL_MODE || "closed").toLowerCase();
const timeoutMs = parseInt(env.UPSTREAM_TIMEOUT_MS, 10) || DEFAULT_UPSTREAM_TIMEOUT_MS;
const authKey = env.UPSTREAM_AUTH_KEY || "";
let parsed;
try {
parsed = new URL(upstreamUrl);
} catch (_) {
return upstreamFailure("invalid UPSTREAM_FORWARDER_URL", failMode);
}
if (parsed.protocol !== "https:") {
return upstreamFailure("UPSTREAM_FORWARDER_URL must be https://", failMode);
}
if (parsed.hostname.endsWith(WORKER_URL)) {
return upstreamFailure("self-forward blocked", failMode);
}
if (!authKey) {
return upstreamFailure("UPSTREAM_AUTH_KEY missing", failMode);
}
const payload = {
u: req.u,
m: req.m,
h: req.h,
b: req.b,
ct: req.ct,
r: req.r
};
const controller = new AbortController();
const timer = setTimeout(() => controller.abort(), timeoutMs);
try {
const resp = await fetch(upstreamUrl, {
method: "POST",
headers: {
"content-type": "application/json",
"x-upstream-auth": authKey
},
body: JSON.stringify(payload),
signal: controller.signal
});
if (!resp.ok) {
return upstreamFailure("forwarder status " + resp.status, failMode);
}
// Pass body straight through without parsing — saves CPU and memory.
const body = await resp.text();
return new Response(body, {
status: 200,
headers: { "content-type": "application/json" }
});
} catch (err) {
return upstreamFailure(String(err && err.message || err), failMode);
} finally {
clearTimeout(timer);
}
}
function upstreamFailure(reason, failMode) {
if (failMode === "open") {
console.warn("upstream forwarder failed (falling back to direct):", reason);
return null; // signals caller to fall through to direct fetch
}
return json({ e: "upstream forwarder failed: " + reason }, 502);
}
function json(obj, status = 200) {
return new Response(JSON.stringify(obj), {
status,
headers: {
"content-type": "application/json"
}
});
}