更新 v0.1.0

Author: EtherDream

README.md

@@ -1,25 +1,21 @@
 
 # 更新
 
-* 2019-06-22 [cfworker 无服务器版](cf-worker) 发布，长期使用演示服务的请使用该版本。
-
-* 2019-06-11 前端脚本调整，首页可离线访问（如果长时间加载中，尝试多刷新几次或者隐身模式访问）
-
-* 2019-05-30 更新 cfworker，对 ytb 视频进行了优化（推荐选 1080p+，不会增加服务器压力）
+* 2019-07-24 [v0.1.0](tree/0.1.0) 发布，主要修复了缓存失效的问题。网络接口和之前版本不兼容，请及时更新服务端和 cfworker。
 
-* 2019-05-29 nginx 增加静态资源服务，可同时支持代理接口和首页访问
-
-* 2019-05-27 增加 nio.io、sslip.io 后备域名，减少申请失败的几率
-
-* 2019-05-26 安装时自动申请证书（使用 xip.io 域名），安装后即可预览
+* 2019-06-22 [cfworker 无服务器版](cf-worker) 发布，长期使用演示服务的请使用该版本。
 
 [查看更多](changelogs)
 
 
 # 安装
 
 ```bash
+<<<<<<< HEAD
 curl https://raw.githubusercontent.com/EtherDream/jsproxy/master/i.sh | bash
+=======
+curl https://raw.githubusercontent.com/EtherDream/jsproxy/0.1.0/i.sh | bash
+>>>>>>> dev
 ```
 
 * 自动安装目前只支持 Linux x64，并且需要 root 权限

api.conf

@@ -15,7 +15,7 @@ location = /error {
   more_set_headers
     'access-control-allow-origin: *'
     'access-control-expose-headers: gateway-err--'
-    'gateway-err--: {"msg": "$arg_msg", "addr": "$upstream_addr"}'
+    'gateway-err--: {"msg": "$arg_msg", "addr": "$upstream_addr", "url": "$arg_url"}'
   ;
   return              204;
 }
@@ -27,15 +27,20 @@ location = /preflight {
   more_set_headers
     'access-control-allow-origin: *'
     'access-control-allow-methods: GET,POST,PUT,PATCH,TRACE,DELETE,HEAD,OPTIONS'
-    'access-control-allow-headers: --raw-info,--level,--url,--referer,--cookie,--origin,--ext,--aceh,--ver,--type,--mode,accept,accept-charset,accept-encoding,accept-language,accept-datetime,authorization,cache-control,content-length,content-type,date,if-match,if-modified-since,if-none-match,if-range,if-unmodified-since,max-forwards,pragma,range,te,upgrade,upgrade-insecure-requests,x-requested-with,chrome-proxy,purpose'
     'access-control-max-age: 1728000'
   ;
   return              204;
 }
 
+# 该接口已作废
+location = /http {
+  access_log          off;
+  more_set_headers    'access-control-allow-origin: *';
+  return              200  "该接口已作废，请更新前端脚本";
+}
 
 # HTTP(S) Proxy
-location = /http {
+location /http/ {
   # see ./allowed-sites.conf
   if ($_origin_id = '') {
     rewrite             ^   /error?msg=ORIGIN_NOT_ALLOWED;
@@ -47,7 +52,7 @@ location = /http {
   proxy_set_header      Connection  $http_connection;
 
 
-  if ($http_access_control_request_headers) {
+  if ($http_access_control_request_methods) {
     rewrite             ^   /preflight;
   }
 

cf-worker/.eslintrc.json

@@ -1,7 +1,8 @@
 {
   "env": {
     "browser": true,
-    "es6": true
+    "es6": true,
+    "serviceworker": true
   },
   "extends": "eslint:recommended",
   "globals": {
@@ -13,10 +14,8 @@
     "sourceType": "module"
   },
   "rules": {
-    "no-console": "warn",
     "no-empty": "warn",
     "no-unused-vars": "warn",
-    "no-debugger": "warn",
     "no-constant-condition": "warn"
   }
 }

cf-worker/README.md

@@ -23,27 +23,10 @@
 
 如果不够用，可注册多个 Worker，在 `conf.js` 中配置多线路负载均衡。或者升级到 $5 的高级版本，每月可用 1000 万次请求（超出部分 $0.5/百万次请求）。
 
-如果远不够用，建议和服务器组合使用。因为 cfworker 是按请求次数计费的，所以小文件更适合通过服务器代理，大文件走 cfworker 才合算。可参考下面的 `加速功能`。
-
 
 # 修改配置
 
-默认情况下，静态资源从 `https://zjcqoo.github.io` 反向代理，可通过代码中 `ASSET_URL` 配置，从而可使用自定义的 `conf.js` 配置。
-
-
-# 加速功能
-
-如果你已有服务器，也可通过 CloudFlare Worker 分担大文件的代理。
-
-前端修改：`conf.js` 的 `cfworker` 节点 `lines` 配置。
-
-后端修改：`lua/http-enc-res-hdr.lua` 的 [114-116 行](https://github.com/EtherDream/jsproxy/blob/master/lua/http-enc-res-hdr.lua#L114-L116) 注释打开，重启服务生效。
-
-可在 [84行](https://github.com/EtherDream/jsproxy/blob/master/lua/http-enc-res-hdr.lua#L84) 处修改大于多少字节的静态资源走加速。
-
-该功能目前还在实验中，有问题或者更好的思路可交流。
-
-（推荐下行流量免费且不限速的服务器，可节省大量费用）
+默认情况下，静态资源从 `https://etherdream.github.io/jsproxy` 反向代理，可通过代码中 `ASSET_URL` 配置，从而可使用自定义的 `conf.js` 配置。
 
 
 # 存在问题

cf-worker/index.js

@@ -3,46 +3,60 @@
 /**
  * static files (404.html, sw.js, conf.js)
  */
-const ASSET_URL = 'https://zjcqoo.github.io'
+const ASSET_URL = 'https://etherdream.github.io/jsproxy'
 
-const JS_VER = 8
+const JS_VER = 10
 const MAX_RETRY = 1
 
-
+/** @type {RequestInit} */
 const PREFLIGHT_INIT = {
   status: 204,
   headers: new Headers({
     'access-control-allow-origin': '*',
     'access-control-allow-methods': 'GET,POST,PUT,PATCH,TRACE,DELETE,HEAD,OPTIONS',
-    'access-control-allow-headers': '--raw-info,--level,--url,--referer,--cookie,--origin,--ext,--aceh,--ver,--type,--mode,accept,accept-charset,accept-encoding,accept-language,accept-datetime,authorization,cache-control,content-length,content-type,date,if-match,if-modified-since,if-none-match,if-range,if-unmodified-since,max-forwards,pragma,range,te,upgrade,upgrade-insecure-requests,x-requested-with,chrome-proxy,purpose',
     'access-control-max-age': '1728000',
   }),
 }
 
 /**
- * @param {string} message
+ * @param {any} body
  * @param {number} status
- * @param {any} headers
+ * @param {Object<string, string>} headers
  */
-function makeRes(message, status = 200, headers = {}) {
-  headers['cache-control'] = 'no-cache'
-  headers['vary'] = '--url'
+function makeRes(body, status = 200, headers = {}) {
+  headers['--ver'] = JS_VER
   headers['access-control-allow-origin'] = '*'
-  return new Response(message, {status, headers})
+  return new Response(body, {status, headers})
+}
+
+
+/**
+ * @param {string} urlStr 
+ */
+function newUrl(urlStr) {
+  try {
+    return new URL(urlStr)
+  } catch (err) {
+    return null
+  }
 }
 
 
 addEventListener('fetch', e => {
   const ret = fetchHandler(e)
-    .catch(err => makeRes('cfworker error:' + err, 502))
+    .catch(err => makeRes('cfworker error:\n' + err.stack, 502))
   e.respondWith(ret)
 })
 
 
-function fetchHandler(e) {
+/**
+ * @param {FetchEvent} e 
+ */
+async function fetchHandler(e) {
   const req = e.request
   const urlStr = req.url
   const urlObj = new URL(urlStr)
+  const path = urlObj.href.substr(urlObj.origin.length)
 
   if (urlObj.protocol === 'http:') {
     urlObj.protocol = 'https:'
@@ -52,25 +66,29 @@ function fetchHandler(e) {
     })
   }
 
-  switch (urlObj.pathname) {
+  if (path.startsWith('/http/')) {
+    return httpHandler(req, path.substr(6))
+  }
+
+  switch (path) {
   case '/http':
-    return httpHandler(req)
+    return makeRes('请更新 cfworker 到最新版本!')
   case '/ws':
     return makeRes('not support', 400)
   case '/works':
     return makeRes('it works')
   default:
     // static files
-    return fetch(ASSET_URL + urlObj.pathname)
+    return fetch(ASSET_URL + path)
   }
 }
 
 
-
 /**
  * @param {Request} req
+ * @param {string} pathname
  */
-async function httpHandler(req) {
+function httpHandler(req, pathname) {
   const reqHdrRaw = req.headers
   if (reqHdrRaw.has('x-jsproxy')) {
     return Response.error()
@@ -83,8 +101,6 @@ async function httpHandler(req) {
     return new Response(null, PREFLIGHT_INIT)
   }
 
-  let urlObj = null
-  let extHdrs = null
   let acehOld = false
   let rawSvr = ''
   let rawLen = ''
@@ -93,52 +109,51 @@ async function httpHandler(req) {
   const reqHdrNew = new Headers(reqHdrRaw)
   reqHdrNew.set('x-jsproxy', '1')
 
-  for (const [k, v] of reqHdrRaw.entries()) {
-    if (!k.startsWith('--')) {
-      continue
-    }
-    reqHdrNew.delete(k)
-
-    const k2 = k.substr(2)
-    switch (k2) {
-    case 'url':
-      urlObj = new URL(v)
-      break
-    case 'aceh':
-      acehOld = true
-      break
-    case 'raw-info':
-      [rawSvr, rawLen, rawEtag] = v.split('|')
-      break
-    case 'level':
-    case 'mode':
-    case 'type':
-      break
-    case 'ext':
-      extHdrs = JSON.parse(v)
-      break
-    default:
+  // 此处逻辑和 http-dec-req-hdr.lua 大致相同
+  // https://github.com/EtherDream/jsproxy/blob/master/lua/http-dec-req-hdr.lua
+  const refer = reqHdrNew.get('referer')
+  const query = refer.substr(refer.indexOf('?') + 1)
+  if (!query) {
+    return makeRes('missing params', 403)
+  }
+  const param = new URLSearchParams(query)
+
+  for (const [k, v] of Object.entries(param)) {
+    if (k.substr(0, 2) === '--') {
+      // 系统信息
+      switch (k.substr(2)) {
+      case 'aceh':
+        acehOld = true
+        break
+      case 'raw-info':
+        [rawSvr, rawLen, rawEtag] = v.split('|')
+        break
+      }
+    } else {
+      // 还原 HTTP 请求头
       if (v) {
-        reqHdrNew.set(k2, v)
+        reqHdrNew.set(k, v)
       } else {
-        reqHdrNew.delete(k2)
+        reqHdrNew.delete(k)
       }
-      break
     }
   }
-  if (extHdrs) {
-    for (const [k, v] of Object.entries(extHdrs)) {
-      reqHdrNew.set(k, v)
-    }
+  if (!param.has('referer')) {
+    reqHdrNew.delete('referer')
   }
+
+  // cfworker 会把路径中的 `//` 合并成 `/`
+  const urlStr = pathname.replace(/^(https?):\/+/, '$1://')
+  const urlObj = newUrl(urlStr)
   if (!urlObj) {
-    return makeRes('missing url param', 403)
+    return makeRes('invalid proxy url: ' + urlStr, 403)
   }
 
   /** @type {RequestInit} */
   const reqInit = {
     method: req.method,
     headers: reqHdrNew,
+    redirect: 'manual',
   }
   if (req.method === 'POST') {
     reqInit.body = req.body
@@ -159,7 +174,6 @@ async function proxy(urlObj, reqInit, acehOld, rawLen, retryTimes) {
   const resHdrNew = new Headers(resHdrOld)
 
   let expose = '*'
-  let vary = '--url'
 
   for (const [k, v] of resHdrOld.entries()) {
     if (k === 'access-control-allow-origin' ||
@@ -174,9 +188,6 @@ async function proxy(urlObj, reqInit, acehOld, rawLen, retryTimes) {
       }
       resHdrNew.delete(k)
     }
-    else if (k === 'vary') {
-      vary = vary + ',' + v
-    }
     else if (acehOld &&
       k !== 'cache-control' &&
       k !== 'content-language' &&
@@ -206,8 +217,9 @@ async function proxy(urlObj, reqInit, acehOld, rawLen, retryTimes) {
           return proxy(urlObj, reqInit, acehOld, rawLen, retryTimes + 1)
         }
       }
-      return makeRes('error', 400, {
-        '--error': 'bad len:' + newLen
+      return makeRes(res.body, 400, {
+        '--error': `bad len: ${newLen}, except: ${rawLen}`,
+        'access-control-expose-headers': '--error',
       })
     }
 
@@ -220,12 +232,12 @@ async function proxy(urlObj, reqInit, acehOld, rawLen, retryTimes) {
 
   resHdrNew.set('access-control-expose-headers', expose)
   resHdrNew.set('access-control-allow-origin', '*')
-  resHdrNew.set('vary', vary)
   resHdrNew.set('--s', status)
   resHdrNew.set('--ver', JS_VER)
 
   resHdrNew.delete('content-security-policy')
   resHdrNew.delete('content-security-policy-report-only')
+  resHdrNew.delete('clear-site-data')
 
   if (status === 301 ||
       status === 302 ||