Spaces:

anews9340
/

proxy1

Paused

App Files Files Community

anews9340 commited on Dec 3, 2025

Commit

915f34a

verified ·

1 Parent(s): 7263496

Update simple-proxy.js

Browse files

Files changed (1) hide show

simple-proxy.js +126 -78

simple-proxy.js CHANGED Viewed

@@ -5,22 +5,13 @@ import { URL } from 'node:url';
 // Configuration
 const CONFIG = {
-    // Port - Hugging Face provides this via PORT environment variable
     PORT: process.env.PORT || 8080,
-    // Allowed domains - customize this list for your needs
-    ALLOWED_DOMAINS: [
-        'huggingface.co',
-        'googleapis.com',
-        'example.com',
-        '*.example.com' // Allow subdomains
-    ],
-    // Enable logging
     LOG_REQUESTS: process.env.LOG_REQUESTS !== 'false',
-    // Timeout settings (ms)
-    CONNECT_TIMEOUT: 30000
 };
 // Logging helper
@@ -32,15 +23,20 @@ const logger = {
 // Check if domain is allowed
 function isDomainAllowed(hostname) {
     for (const pattern of CONFIG.ALLOWED_DOMAINS) {
-        if (pattern.startsWith('*.')) {
-            // Wildcard subdomain matching
-            const baseDomain = pattern.slice(2);
             if (hostname === baseDomain || hostname.endsWith(`.${baseDomain}`)) {
                 return true;
             }
-        } else if (hostname === pattern) {
-            return true;
         }
     }
     return false;
@@ -48,6 +44,25 @@ function isDomainAllowed(hostname) {
 // Create HTTP server
 const server = http.createServer((req, res) => {
     // Only CONNECT method is supported for HTTPS proxying
     res.writeHead(405, {
         'Content-Type': 'application/json',
@@ -55,77 +70,103 @@ const server = http.createServer((req, res) => {
     });
     res.end(JSON.stringify({
         error: 'Method Not Allowed',
-        message: 'This proxy only supports CONNECT method for HTTPS tunneling'
     }));
 });
 // Handle CONNECT requests (HTTPS tunneling)
 server.on('connect', (req, clientSocket, head) => {
-    const { hostname, port } = new URL(`http://${req.url}`);
-    const targetPort = port || '443';
-    if (CONFIG.LOG_REQUESTS) {
-        logger.info(`CONNECT ${hostname}:${targetPort} from ${req.socket.remoteAddress}`);
-    }
-    // Security checks
-    if (targetPort !== '443') {
-        logger.warn(`Blocked non-HTTPS port: ${targetPort}`);
-        clientSocket.end('HTTP/1.1 403 Forbidden\r\n\r\nNon-HTTPS ports not allowed');
-        return;
-    }
-    if (!isDomainAllowed(hostname)) {
-        logger.warn(`Blocked domain: ${hostname}`);
-        clientSocket.end('HTTP/1.1 403 Forbidden\r\n\r\nDomain not allowed');
-        return;
-    }
-    // Connect to target server
-    const serverSocket = net.connect({
-        host: hostname,
-        port: targetPort,
-        timeout: CONFIG.CONNECT_TIMEOUT
-    });
-    // Handle successful connection
-    serverSocket.on('connect', () => {
-        clientSocket.write('HTTP/1.1 200 Connection Established\r\n\r\n');
-        serverSocket.write(head);
-        // Pipe data between client and server
-        serverSocket.pipe(clientSocket);
-        clientSocket.pipe(serverSocket);
         if (CONFIG.LOG_REQUESTS) {
-            logger.info(`Connected to ${hostname}:${targetPort}`);
         }
-    });
-    // Handle errors
-    serverSocket.on('error', (err) => {
-        logger.error(`Connection error to ${hostname}:${targetPort} - ${err.message}`);
-        clientSocket.end('HTTP/1.1 502 Bad Gateway\r\n\r\n');
-    });
-    clientSocket.on('error', (err) => {
-        logger.error(`Client socket error: ${err.message}`);
-        serverSocket.destroy();
-    });
-    // Handle timeouts
-    serverSocket.setTimeout(CONFIG.CONNECT_TIMEOUT, () => {
-        logger.warn(`Timeout connecting to ${hostname}:${targetPort}`);
-        clientSocket.end('HTTP/1.1 504 Gateway Timeout\r\n\r\n');
-        serverSocket.destroy();
-    });
 });
 // Start server
-server.listen(CONFIG.PORT, () => {
-    logger.info(`Secure HTTPS Proxy Server started on port ${CONFIG.PORT}`);
-    logger.info(`Allowed domains: ${CONFIG.ALLOWED_DOMAINS.join(', ')}`);
-    logger.info(`Ready to accept CONNECT requests`);
 });
 // Handle graceful shutdown
@@ -135,4 +176,11 @@ process.on('SIGTERM', () => {
         logger.info('Server closed');
         process.exit(0);
     });
 });

 // Configuration
 const CONFIG = {
     PORT: process.env.PORT || 8080,
+    ALLOWED_DOMAINS: process.env.ALLOWED_DOMAINS
+        ? process.env.ALLOWED_DOMAINS.split(',')
+        : ['huggingface.co', 'googleapis.com', 'gemini.google.com'],
     LOG_REQUESTS: process.env.LOG_REQUESTS !== 'false',
+    CONNECT_TIMEOUT: 30000,
+    MAX_REQUEST_SIZE: 1024 * 1024 * 10 // 10MB
 };
 // Logging helper
 // Check if domain is allowed
 function isDomainAllowed(hostname) {
+    if (CONFIG.ALLOWED_DOMAINS.includes('*')) return true;
     for (const pattern of CONFIG.ALLOWED_DOMAINS) {
+        const trimmedPattern = pattern.trim();
+        // Exact match
+        if (hostname === trimmedPattern) return true;
+        // Wildcard subdomain matching
+        if (trimmedPattern.startsWith('*.')) {
+            const baseDomain = trimmedPattern.slice(2);
             if (hostname === baseDomain || hostname.endsWith(`.${baseDomain}`)) {
                 return true;
             }
         }
     }
     return false;
 // Create HTTP server
 const server = http.createServer((req, res) => {
+    // Basic info endpoint
+    if (req.url === '/' && req.method === 'GET') {
+        res.writeHead(200, {
+            'Content-Type': 'application/json',
+            'Access-Control-Allow-Origin': '*'
+        });
+        res.end(JSON.stringify({
+            service: 'HTTPS Proxy Server',
+            version: '1.0.0',
+            status: 'running',
+            allowed_domains: CONFIG.ALLOWED_DOMAINS,
+            endpoints: {
+                proxy: 'CONNECT method for HTTPS tunneling',
+                info: 'GET / for service information'
+            }
+        }));
+        return;
+    }
     // Only CONNECT method is supported for HTTPS proxying
     res.writeHead(405, {
         'Content-Type': 'application/json',
     });
     res.end(JSON.stringify({
         error: 'Method Not Allowed',
+        message: 'This proxy only supports CONNECT method for HTTPS tunneling',
+        allowed_methods: ['CONNECT', 'GET']
     }));
 });
 // Handle CONNECT requests (HTTPS tunneling)
 server.on('connect', (req, clientSocket, head) => {
+    const startTime = Date.now();
+    try {
+        const { hostname, port } = new URL(`http://${req.url}`);
+        const targetPort = port || '443';
         if (CONFIG.LOG_REQUESTS) {
+            logger.info(`CONNECT ${hostname}:${targetPort} from ${req.socket.remoteAddress}`);
         }
+        // Security checks
+        if (targetPort !== '443') {
+            logger.warn(`Blocked non-HTTPS port: ${targetPort}`);
+            clientSocket.end('HTTP/1.1 403 Forbidden\r\n\r\nNon-HTTPS ports not allowed');
+            return;
+        }
+        if (!isDomainAllowed(hostname)) {
+            logger.warn(`Blocked domain: ${hostname}`);
+            clientSocket.end('HTTP/1.1 403 Forbidden\r\n\r\nDomain not allowed');
+            return;
+        }
+        // Connect to target server
+        const serverSocket = net.connect({
+            host: hostname,
+            port: targetPort,
+            timeout: CONFIG.CONNECT_TIMEOUT
+        });
+        // Handle successful connection
+        serverSocket.on('connect', () => {
+            clientSocket.write('HTTP/1.1 200 Connection Established\r\n\r\n');
+            if (head && head.length > 0) {
+                serverSocket.write(head);
+            }
+            // Pipe data between client and server
+            serverSocket.pipe(clientSocket);
+            clientSocket.pipe(serverSocket);
+            if (CONFIG.LOG_REQUESTS) {
+                const duration = Date.now() - startTime;
+                logger.info(`Connected to ${hostname}:${targetPort} in ${duration}ms`);
+            }
+        });
+        // Handle errors
+        serverSocket.on('error', (err) => {
+            logger.error(`Connection error to ${hostname}:${targetPort} - ${err.message}`);
+            clientSocket.end('HTTP/1.1 502 Bad Gateway\r\n\r\n');
+        });
+        clientSocket.on('error', (err) => {
+            logger.error(`Client socket error: ${err.message}`);
+            serverSocket.destroy();
+        });
+        // Handle timeouts
+        serverSocket.setTimeout(CONFIG.CONNECT_TIMEOUT, () => {
+            logger.warn(`Timeout connecting to ${hostname}:${targetPort}`);
+            clientSocket.end('HTTP/1.1 504 Gateway Timeout\r\n\r\n');
+            serverSocket.destroy();
+        });
+        // Handle socket close
+        clientSocket.on('close', () => {
+            serverSocket.end();
+        });
+    } catch (error) {
+        logger.error(`Request parsing error: ${error.message}`);
+        clientSocket.end('HTTP/1.1 400 Bad Request\r\n\r\n');
+    }
+});
+// Error handling for server
+server.on('error', (err) => {
+    logger.error(`Server error: ${err.message}`);
 });
 // Start server
+server.listen(CONFIG.PORT, '0.0.0.0', () => {
+    logger.info(`=== HTTPS Proxy Server Started ===`);
+    logger.info(`Port: ${CONFIG.PORT}`);
+    logger.info(`Allowed Domains: ${CONFIG.ALLOWED_DOMAINS.join(', ')}`);
+    logger.info(`Logging: ${CONFIG.LOG_REQUESTS ? 'Enabled' : 'Disabled'}`);
+    logger.info(`Health Check: http://localhost:${CONFIG.PORT}/`);
+    logger.info(`================================`);
 });
 // Handle graceful shutdown
         logger.info('Server closed');
         process.exit(0);
     });
+});
+process.on('SIGINT', () => {
+    logger.info('Received SIGINT, shutting down');
+    server.close(() => {
+        process.exit(0);
+    });
 });