mirror of
https://github.com/DIYgod/RSSHub.git
synced 2025-12-09 23:00:48 +08:00
feat: support ua in blacklist and whitelist
This commit is contained in:
DIYgod
@@ -386,7 +386,7 @@ RSSHub supports access control via access key/code, whitelisting and blacklistin
|
||||
|
||||
- `BLACKLIST`: the blacklist
|
||||
|
||||
White/blacklisting support IP and route as values. Use `,` as the delimiter to separate multiple values, eg: `WHITELIST=1.1.1.1,2.2.2.2,/qdaily/column/59`
|
||||
White/blacklisting support IP, route and UA as values, fuzzy matching. Use `,` as the delimiter to separate multiple values, eg: `WHITELIST=1.1.1.1,2.2.2.2,/qdaily/column/59`
|
||||
|
||||
#### Access Key/Code
|
||||
|
||||
|
||||
@@ -413,7 +413,7 @@ RSSHub 支持使用访问密钥 / 码,白名单和黑名单三种方式进行
|
||||
|
||||
- `BLACKLIST`: 黑名单
|
||||
|
||||
黑白名单支持 IP 和路由,设置多项时用英文逗号 `,` 隔开,例如 `WHITELIST=1.1.1.1,2.2.2.2,/qdaily/column/59`
|
||||
黑白名单支持 IP、路由和 UA,模糊匹配,设置多项时用英文逗号 `,` 隔开,例如 `WHITELIST=1.1.1.1,2.2.2.2,/qdaily/column/59`
|
||||
|
||||
#### 访问密钥 / 码
|
||||
|
||||
|
||||
@@ -11,6 +11,7 @@ const reject = (ctx) => {
|
||||
module.exports = async (ctx, next) => {
|
||||
const ip = ctx.ips[0] || ctx.ip;
|
||||
const requestPath = ctx.request.path;
|
||||
const requestUA = ctx.request.header['user-agent'];
|
||||
const accessKey = ctx.query.key;
|
||||
const accessCode = ctx.query.code;
|
||||
|
||||
@@ -38,13 +39,13 @@ module.exports = async (ctx, next) => {
|
||||
}
|
||||
|
||||
if (config.whitelist) {
|
||||
if (config.whitelist.includes(ip) || config.whitelist.includes(requestPath)) {
|
||||
if (config.whitelist.find((white) => ip.includes(white) || requestPath.includes(white) || requestUA.includes(white))) {
|
||||
return await grant();
|
||||
}
|
||||
}
|
||||
|
||||
if (config.blacklist) {
|
||||
if (!(config.blacklist.includes(ip) || config.blacklist.includes(requestPath))) {
|
||||
if (!config.blacklist.find((black) => ip.includes(black) || requestPath.includes(black) || requestUA.includes(black))) {
|
||||
return await grant();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -20,7 +20,7 @@ describe('access-control', () => {
|
||||
it(`blacklist`, async () => {
|
||||
const key = '1L0veRSSHub';
|
||||
const code = md5('/test/2' + key);
|
||||
process.env.BLACKLIST = '/test/1,233.233.233.233';
|
||||
process.env.BLACKLIST = 'est/1,233.233.233.,black';
|
||||
process.env.ACCESS_KEY = key;
|
||||
server = require('../../lib/index');
|
||||
const request = supertest(server);
|
||||
@@ -31,12 +31,18 @@ describe('access-control', () => {
|
||||
const response12 = await request.get('/test/1').set('X-Forwarded-For', '233.233.233.233');
|
||||
checkBlock(response12);
|
||||
|
||||
const response13 = await request.get('/test/1').set('user-agent', 'blackua');
|
||||
checkBlock(response13);
|
||||
|
||||
const response21 = await request.get('/test/2');
|
||||
expect(response21.status).toBe(200);
|
||||
|
||||
const response22 = await request.get('/test/2').set('X-Forwarded-For', '233.233.233.233');
|
||||
checkBlock(response22);
|
||||
|
||||
const response23 = await request.get('/test/2').set('user-agent', 'blackua');
|
||||
checkBlock(response23);
|
||||
|
||||
// wrong key/code, not on blacklist
|
||||
const response311 = await request.get(`/test/2?key=wrong+${key}`);
|
||||
expect(response311.status).toBe(200);
|
||||
@@ -62,7 +68,7 @@ describe('access-control', () => {
|
||||
it(`whitelist`, async () => {
|
||||
const key = '1L0veRSSHub';
|
||||
const code = md5('/test/2' + key);
|
||||
process.env.WHITELIST = '/test/1,233.233.233.233';
|
||||
process.env.WHITELIST = 'est/1,233.233.233.,white';
|
||||
process.env.ACCESS_KEY = key;
|
||||
server = require('../../lib/index');
|
||||
const request = supertest(server);
|
||||
@@ -79,12 +85,18 @@ describe('access-control', () => {
|
||||
const response12 = await request.get('/test/1').set('X-Forwarded-For', '233.233.233.233');
|
||||
expect(response12.status).toBe(200);
|
||||
|
||||
const response13 = await request.get('/test/1').set('user-agent', 'whiteua');
|
||||
expect(response13.status).toBe(200);
|
||||
|
||||
const response21 = await request.get('/test/2');
|
||||
checkBlock(response21);
|
||||
|
||||
const response22 = await request.get('/test/2').set('X-Forwarded-For', '233.233.233.233');
|
||||
expect(response22.status).toBe(200);
|
||||
|
||||
const response23 = await request.get('/test/2').set('user-agent', 'whiteua');
|
||||
expect(response23.status).toBe(200);
|
||||
|
||||
// wrong key/code, not on whitelist
|
||||
const response311 = await request.get(`/test/2?code=wrong+${code}`);
|
||||
checkBlock(response311);
|
||||
|
||||
Reference in New Issue
Block a user