Upload app.py
app.py
|
@@ -97,24 +97,20 @@ def _is_origin_allowed(request: Request) -> bool:
| 97 |
|
| 98 |
print(f"請求來源檢查 - Origin: {origin}, Referer: {referer}, User-Agent: {user_agent}")
|
| 99 |
|
| 100 |
-
# 檢查
|
| 101 |
-
|
| 102 |
-
|
| 103 |
-
|
| 104 |
-
|
| 105 |
-
|
| 106 |
-
|
| 107 |
-
|
| 108 |
-
|
| 109 |
-
|
| 110 |
-
if referer.startswith(allowed_origin):
|
| 111 |
-
print(f"✅ Referer 匹配: {referer} 匹配 {allowed_origin}")
|
| 112 |
-
return True
|
| 113 |
-
|
| 114 |
-
# 檢查是否為 GAS 沙箱環境(沒有 Origin/Referer 但有標準瀏覽器 User-Agent)
|
| 115 |
-
if not origin and not referer and "mozilla" in user_agent.lower():
|
| 116 |
print("⚠️ 檢測到可能的 GAS 沙箱請求")
|
| 117 |
-
|
| 118 |
# 檢查是否有組織標識標頭
|
| 119 |
org_header = request.headers.get("x-organization")
|
| 120 |
if org_header:
|
@@ -131,10 +127,23 @@ def _is_origin_allowed(request: Request) -> bool:
| 131 |
print("✅ 自定義驗證標頭通過")
|
| 132 |
return True
|
| 133 |
|
| 134 |
-
print("⚠️ 沒有
|
| 135 |
print("⚠️ 建議在 GAS 中添加 'x-organization' 或 'x-dfes-verified' 標頭")
|
| 136 |
return True
|
| 137 |
|
| 138 |
# 允許來自 Hugging Face Spaces 的直接調用
|
| 139 |
if "huggingface" in user_agent.lower():
|
| 140 |
print("✅ 檢測到 Hugging Face Spaces 環境")
|
| 97 |
|
| 98 |
print(f"請求來源檢查 - Origin: {origin}, Referer: {referer}, User-Agent: {user_agent}")
|
| 99 |
|
| 100 |
+
# 檢查是否為 GAS 環境(有 script.googleusercontent.com 的 Origin/Referer)
|
| 101 |
+
is_gas_request = False
|
| 102 |
+
if origin and "script.googleusercontent.com" in origin:
|
| 103 |
+
is_gas_request = True
|
| 104 |
+
print("✅ 檢測到 Google Apps Script Origin")
|
| 105 |
+
elif referer and "script.googleusercontent.com" in referer:
|
| 106 |
+
is_gas_request = True
|
| 107 |
+
print("✅ 檢測到 Google Apps Script Referer")
|
| 108 |
+
elif not origin and not referer and "mozilla" in user_agent.lower():
|
| 109 |
+
is_gas_request = True
|
|
| 110 |
print("⚠️ 檢測到可能的 GAS 沙箱請求")
|
| 111 |
+
|
| 112 |
+
# 如果是 GAS 請求,檢查驗證標頭
|
| 113 |
+
if is_gas_request:
|
| 114 |
# 檢查是否有組織標識標頭
|
| 115 |
org_header = request.headers.get("x-organization")
|
| 116 |
if org_header:
|
|
| 127 |
print("✅ 自定義驗證標頭通過")
|
| 128 |
return True
|
| 129 |
|
| 130 |
+
print("⚠️ GAS 請求但沒有驗證標頭,暫時允許請求")
|
| 131 |
print("⚠️ 建議在 GAS 中添加 'x-organization' 或 'x-dfes-verified' 標頭")
|
| 132 |
return True
|
| 133 |
|
| 134 |
+
# 檢查其他允許的來源(一般網頁)
|
| 135 |
+
if origin:
|
| 136 |
+
for allowed_origin in ALLOWED_ORIGINS:
|
| 137 |
+
if origin.startswith(allowed_origin):
|
| 138 |
+
print(f"✅ Origin 匹配: {origin} 匹配 {allowed_origin}")
|
| 139 |
+
return True
|
| 140 |
+
|
| 141 |
+
if referer:
|
| 142 |
+
for allowed_origin in ALLOWED_ORIGINS:
|
| 143 |
+
if referer.startswith(allowed_origin):
|
| 144 |
+
print(f"✅ Referer 匹配: {referer} 匹配 {allowed_origin}")
|
| 145 |
+
return True
|
| 146 |
+
|
| 147 |
# 允許來自 Hugging Face Spaces 的直接調用
|
| 148 |
if "huggingface" in user_agent.lower():
|
| 149 |
print("✅ 檢測到 Hugging Face Spaces 環境")
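Review bot: The GAS branch at new lines 108-111 and 130-132 makes the allow-list bypassable: `is_gas_request` becomes true for any request with no Origin and no Referer whose User-Agent contains "mozilla", and a GAS request without `x-organization`/`x-dfes-verified` still reaches `return True` ("暫時允許請求"), so a plain HTTP client that omits both headers and sets a browser User-Agent is accepted with no allow-list or header check at all. The substring tests `"script.googleusercontent.com" in origin` (lines 102/105) and `origin.startswith(allowed_origin)` (lines 137/143) also match hosts such as `script.googleusercontent.com.evil.example` or, depending on how `ALLOWED_ORIGINS` is spelled, `https://allowed.example.evil.example`, so compare the parsed hostname instead (`urllib.parse.urlsplit`, imported at the top of the file). Origin, Referer and User-Agent are all chosen by the client, so even with the fix this function only limits cross-site browser abuse and is not authentication — worth stating in the docstring of `_is_origin_allowed`. The reworked branch is below; `_is_origin_allowed` continues past the end of the hunk, and the `"huggingface" in user_agent.lower()` fallback at line 148 is equally spoofable and should be removed or gated on a shared secret rather than a User-Agent string.
```python
def _host_of(url: str) -> str:
    """Lowercase hostname of *url*, or "" when it cannot be parsed."""
    try:
        return (urlsplit(url).hostname or "").lower()
    except ValueError:
        return ""

# inside _is_origin_allowed:
    # … unchanged: read origin/referer/user_agent and log them …
    origin_host = _host_of(origin) if origin else ""
    referer_host = _host_of(referer) if referer else ""

    # Exact host match; the substring test also accepted
    # "script.googleusercontent.com.evil.example".
    is_gas_request = "script.googleusercontent.com" in (origin_host, referer_host)
    if is_gas_request:
        # … unchanged: x-organization / x-dfes-verified header checks …
        # No verification header: deny rather than "暫時允許".
        print("⚠️ GAS 請求但沒有驗證標頭,拒絕請求")
        return False

    # A missing Origin/Referer plus a browser-like User-Agent is not evidence
    # of GAS; any HTTP client can send that, so it falls through to the allow-list.
    allowed_hosts = {_host_of(o) for o in ALLOWED_ORIGINS} - {""}
    if origin_host in allowed_hosts or referer_host in allowed_hosts:
        print(f"✅ 來源主機匹配: {origin_host or referer_host}")
        return True
```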
|