Create simple-proxy.js

simple-proxy.js

@@ -0,0 +1,138 @@
+// simple-proxy.js - Enhanced version for Hugging Face Spaces
+import http from 'node:http';
+import net from 'node:net';
+import { URL } from 'node:url';
+
+// Configuration
+const CONFIG = {
+    // Port - Hugging Face provides this via PORT environment variable
+    PORT: process.env.PORT || 8080,
+    
+    // Allowed domains - customize this list for your needs
+    ALLOWED_DOMAINS: [
+        'huggingface.co',
+        'googleapis.com',
+        'example.com',
+        '*.example.com' // Allow subdomains
+    ],
+    
+    // Enable logging
+    LOG_REQUESTS: process.env.LOG_REQUESTS !== 'false',
+    
+    // Timeout settings (ms)
+    CONNECT_TIMEOUT: 30000
+};
+
+// Logging helper
+const logger = {
+    info: (msg) => console.log(`[INFO] ${new Date().toISOString()} - ${msg}`),
+    error: (msg) => console.error(`[ERROR] ${new Date().toISOString()} - ${msg}`),
+    warn: (msg) => console.warn(`[WARN] ${new Date().toISOString()} - ${msg}`)
+};
+
+// Check if domain is allowed
+function isDomainAllowed(hostname) {
+    for (const pattern of CONFIG.ALLOWED_DOMAINS) {
+        if (pattern.startsWith('*.')) {
+            // Wildcard subdomain matching
+            const baseDomain = pattern.slice(2);
+            if (hostname === baseDomain || hostname.endsWith(`.${baseDomain}`)) {
+                return true;
+            }
+        } else if (hostname === pattern) {
+            return true;
+        }
+    }
+    return false;
+}
+
+// Create HTTP server
+const server = http.createServer((req, res) => {
+    // Only CONNECT method is supported for HTTPS proxying
+    res.writeHead(405, { 
+        'Content-Type': 'application/json',
+        'Access-Control-Allow-Origin': '*'
+    });
+    res.end(JSON.stringify({
+        error: 'Method Not Allowed',
+        message: 'This proxy only supports CONNECT method for HTTPS tunneling'
+    }));
+});
+
+// Handle CONNECT requests (HTTPS tunneling)
+server.on('connect', (req, clientSocket, head) => {
+    const { hostname, port } = new URL(`http://${req.url}`);
+    const targetPort = port || '443';
+    
+    if (CONFIG.LOG_REQUESTS) {
+        logger.info(`CONNECT ${hostname}:${targetPort} from ${req.socket.remoteAddress}`);
+    }
+    
+    // Security checks
+    if (targetPort !== '443') {
+        logger.warn(`Blocked non-HTTPS port: ${targetPort}`);
+        clientSocket.end('HTTP/1.1 403 Forbidden\r\n\r\nNon-HTTPS ports not allowed');
+        return;
+    }
+    
+    if (!isDomainAllowed(hostname)) {
+        logger.warn(`Blocked domain: ${hostname}`);
+        clientSocket.end('HTTP/1.1 403 Forbidden\r\n\r\nDomain not allowed');
+        return;
+    }
+    
+    // Connect to target server
+    const serverSocket = net.connect({
+        host: hostname,
+        port: targetPort,
+        timeout: CONFIG.CONNECT_TIMEOUT
+    });
+    
+    // Handle successful connection
+    serverSocket.on('connect', () => {
+        clientSocket.write('HTTP/1.1 200 Connection Established\r\n\r\n');
+        serverSocket.write(head);
+        
+        // Pipe data between client and server
+        serverSocket.pipe(clientSocket);
+        clientSocket.pipe(serverSocket);
+        
+        if (CONFIG.LOG_REQUESTS) {
+            logger.info(`Connected to ${hostname}:${targetPort}`);
+        }
+    });
+    
+    // Handle errors
+    serverSocket.on('error', (err) => {
+        logger.error(`Connection error to ${hostname}:${targetPort} - ${err.message}`);
+        clientSocket.end('HTTP/1.1 502 Bad Gateway\r\n\r\n');
+    });
+    
+    clientSocket.on('error', (err) => {
+        logger.error(`Client socket error: ${err.message}`);
+        serverSocket.destroy();
+    });
+    
+    // Handle timeouts
+    serverSocket.setTimeout(CONFIG.CONNECT_TIMEOUT, () => {
+        logger.warn(`Timeout connecting to ${hostname}:${targetPort}`);
+        clientSocket.end('HTTP/1.1 504 Gateway Timeout\r\n\r\n');
+        serverSocket.destroy();
+    });
+});
+
+// Start server
+server.listen(CONFIG.PORT, () => {
+    logger.info(`Secure HTTPS Proxy Server started on port ${CONFIG.PORT}`);
+    logger.info(`Allowed domains: ${CONFIG.ALLOWED_DOMAINS.join(', ')}`);
+    logger.info(`Ready to accept CONNECT requests`);
+});
+
+// Handle graceful shutdown
+process.on('SIGTERM', () => {
+    logger.info('Received SIGTERM, shutting down gracefully');
+    server.close(() => {
+        logger.info('Server closed');
+        process.exit(0);
+    });
+});