Spaces:
Running
Running
refactor: remove Cloudflare worker proxy implementation
Browse files- cloudflare-worker.js +0 -78
cloudflare-worker.js
DELETED
|
@@ -1,78 +0,0 @@
|
|
| 1 |
-
addEventListener("fetch", (event) => {
|
| 2 |
-
event.respondWith(handleRequest(event.request));
|
| 3 |
-
});
|
| 4 |
-
|
| 5 |
-
const PROXY_SHARED_SECRET = "";
|
| 6 |
-
const ALLOW_PROXY_ALL = false;
|
| 7 |
-
const ALLOWED_TARGETS = [
|
| 8 |
-
"api.telegram.org",
|
| 9 |
-
"discord.com",
|
| 10 |
-
"discordapp.com",
|
| 11 |
-
"gateway.discord.gg",
|
| 12 |
-
"status.discord.com",
|
| 13 |
-
"slack.com",
|
| 14 |
-
"api.slack.com",
|
| 15 |
-
"web.whatsapp.com",
|
| 16 |
-
"graph.facebook.com",
|
| 17 |
-
"graph.instagram.com",
|
| 18 |
-
"api.openai.com",
|
| 19 |
-
"googleapis.com",
|
| 20 |
-
"google.com",
|
| 21 |
-
"googleusercontent.com",
|
| 22 |
-
"gstatic.com",
|
| 23 |
-
];
|
| 24 |
-
|
| 25 |
-
function isAllowedHost(hostname) {
|
| 26 |
-
const normalized = String(hostname || "").trim().toLowerCase();
|
| 27 |
-
if (!normalized) return false;
|
| 28 |
-
if (ALLOW_PROXY_ALL) return true;
|
| 29 |
-
return ALLOWED_TARGETS.some((domain) => normalized === domain || normalized.endsWith(`.${domain}`));
|
| 30 |
-
}
|
| 31 |
-
|
| 32 |
-
async function handleRequest(request) {
|
| 33 |
-
const url = new URL(request.url);
|
| 34 |
-
const queryTarget = url.searchParams.get("proxy_target");
|
| 35 |
-
const targetHost = request.headers.get("x-target-host") || queryTarget;
|
| 36 |
-
const telegramStylePath = url.pathname.startsWith("/bot") || url.pathname.startsWith("/file/bot");
|
| 37 |
-
|
| 38 |
-
if (PROXY_SHARED_SECRET) {
|
| 39 |
-
const providedSecret = request.headers.get("x-proxy-key") || url.searchParams.get("proxy_key") || "";
|
| 40 |
-
if (providedSecret !== PROXY_SHARED_SECRET && !(telegramStylePath && !targetHost)) {
|
| 41 |
-
return new Response("Unauthorized: Invalid proxy key", { status: 401 });
|
| 42 |
-
}
|
| 43 |
-
}
|
| 44 |
-
|
| 45 |
-
let targetBase = "";
|
| 46 |
-
if (targetHost) {
|
| 47 |
-
if (!isAllowedHost(targetHost)) {
|
| 48 |
-
return new Response(`Forbidden: Host ${targetHost} is not allowed.`, { status: 403 });
|
| 49 |
-
}
|
| 50 |
-
targetBase = `https://${targetHost}`;
|
| 51 |
-
} else if (telegramStylePath) {
|
| 52 |
-
targetBase = "https://api.telegram.org";
|
| 53 |
-
} else {
|
| 54 |
-
return new Response("Invalid request: No target host provided.", { status: 400 });
|
| 55 |
-
}
|
| 56 |
-
|
| 57 |
-
const cleanSearch = new URLSearchParams(url.search);
|
| 58 |
-
cleanSearch.delete("proxy_target");
|
| 59 |
-
cleanSearch.delete("proxy_key");
|
| 60 |
-
const searchStr = cleanSearch.toString();
|
| 61 |
-
const targetUrl = targetBase + url.pathname + (searchStr ? `?${searchStr}` : "");
|
| 62 |
-
|
| 63 |
-
const headers = new Headers(request.headers);
|
| 64 |
-
for (const header of ["cf-connecting-ip", "cf-ray", "cf-visitor", "host", "x-real-ip", "x-target-host", "x-proxy-key"]) {
|
| 65 |
-
headers.delete(header);
|
| 66 |
-
}
|
| 67 |
-
|
| 68 |
-
try {
|
| 69 |
-
return await fetch(new Request(targetUrl, {
|
| 70 |
-
method: request.method,
|
| 71 |
-
headers,
|
| 72 |
-
body: request.body,
|
| 73 |
-
redirect: "follow",
|
| 74 |
-
}));
|
| 75 |
-
} catch (error) {
|
| 76 |
-
return new Response(`Proxy Error: ${error.message}`, { status: 502 });
|
| 77 |
-
}
|
| 78 |
-
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|