Jelle van Snik
3 years ago
1 changed files with 0 additions and 134 deletions
@ -1,134 +0,0 @@ |
|||||||
const corsHeaders = { |
|
||||||
"Access-Control-Allow-Origin": "*", |
|
||||||
"Access-Control-Allow-Methods": "GET,HEAD,POST,OPTIONS", |
|
||||||
"Access-Control-Max-Age": "86400", |
|
||||||
} |
|
||||||
|
|
||||||
const allowedDomains = [ |
|
||||||
'https://v2.sg.media-imdb.com', |
|
||||||
'https://gomo.to', |
|
||||||
'https://lookmovie.io', |
|
||||||
'https://gomoplayer.com', |
|
||||||
'https://api.opensubtitles.org', |
|
||||||
'https://www.vmovee.watch' |
|
||||||
]; |
|
||||||
|
|
||||||
async function handleRequest(request, destinationUrl, iteration = 0) { |
|
||||||
console.log(`PROXYING ${destinationUrl}${iteration ? ' ON ITERATION ' + iteration : ''}`); |
|
||||||
|
|
||||||
// Rewrite request to point to API url. This also makes the request mutable
|
|
||||||
// so we can add the correct Origin header to make the API server think
|
|
||||||
// that this request isn't cross-site.
|
|
||||||
request = new Request(destinationUrl, request); |
|
||||||
request.headers.set("Origin", new URL(destinationUrl).origin); |
|
||||||
|
|
||||||
// Set PHPSESSID cookie
|
|
||||||
if (request.headers.get('PHPSESSID')) { |
|
||||||
request.headers.set('Cookie', `PHPSESSID=${request.headers.get('PHPSESSID')};`); |
|
||||||
} |
|
||||||
|
|
||||||
// Set User Agent
|
|
||||||
request.headers.set('User-Agent', ' Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/93.0'); |
|
||||||
|
|
||||||
let response = await fetch(request); |
|
||||||
|
|
||||||
if ((response.status === 302 || response.status === 301) && response.headers.get('location')) { |
|
||||||
if (iteration > 5) { |
|
||||||
event.respondWith( |
|
||||||
new Response('418 Too many redirects', { |
|
||||||
status: 418 |
|
||||||
}), |
|
||||||
); |
|
||||||
} |
|
||||||
|
|
||||||
return await handleRequest(request, response.headers.get('location'), iteration + 1) |
|
||||||
} |
|
||||||
|
|
||||||
// Recreate the response so we can modify the headers
|
|
||||||
response = new Response(response.body, response); |
|
||||||
|
|
||||||
// Set CORS headers
|
|
||||||
response.headers.set("Access-Control-Allow-Origin", '*'); |
|
||||||
response.headers.set('Access-Control-Expose-Headers', '*'); |
|
||||||
|
|
||||||
// Get and set PHPSESSID cookie
|
|
||||||
const cookies = response.headers.get('Set-Cookie'); |
|
||||||
if (cookies && cookies.includes('PHPSESSID') && cookies.includes(';')) { |
|
||||||
let phpsessid = cookies.slice(cookies.search('PHPSESSID') + 10); |
|
||||||
phpsessid = phpsessid.slice(0, phpsessid.search(';')); |
|
||||||
response.headers.set('PHPSESSID', phpsessid); |
|
||||||
} |
|
||||||
|
|
||||||
// Append to/Add Vary header so browser will cache response correctly
|
|
||||||
response.headers.append("Vary", "Origin"); |
|
||||||
|
|
||||||
return response; |
|
||||||
} |
|
||||||
|
|
||||||
function handleOptions(request) { |
|
||||||
// Make sure the necessary headers are present
|
|
||||||
// for this to be a valid pre-flight request
|
|
||||||
let headers = request.headers; |
|
||||||
|
|
||||||
if (headers.get("Origin") !== null && headers.get("Access-Control-Request-Method") !== null && headers.get("Access-Control-Request-Headers") !== null ) { |
|
||||||
return new Response(null, { |
|
||||||
headers: { |
|
||||||
...corsHeaders, |
|
||||||
// Allow all future content Request headers to go back to browser
|
|
||||||
// such as Authorization (Bearer) or X-Client-Name-Version
|
|
||||||
"Access-Control-Allow-Headers": request.headers.get("Access-Control-Request-Headers"), |
|
||||||
}, |
|
||||||
}); |
|
||||||
} |
|
||||||
else { |
|
||||||
// Handle standard OPTIONS request
|
|
||||||
return new Response(null, { |
|
||||||
headers: { |
|
||||||
Allow: "GET, HEAD, POST, OPTIONS", |
|
||||||
}, |
|
||||||
}) |
|
||||||
} |
|
||||||
} |
|
||||||
|
|
||||||
addEventListener("fetch", event => { |
|
||||||
const request = event.request |
|
||||||
const url = new URL(request.url); |
|
||||||
const destinationUrl = url.searchParams.get("destination"); |
|
||||||
|
|
||||||
console.log(`HTTP ${request.method} - ${request.url}` ); |
|
||||||
|
|
||||||
|
|
||||||
if (request.method === "OPTIONS") { |
|
||||||
// Handle CORS preflight requests
|
|
||||||
event.respondWith(handleOptions(request)); |
|
||||||
} |
|
||||||
else if (!destinationUrl) { |
|
||||||
event.respondWith( |
|
||||||
new Response('200 OK', { |
|
||||||
status: 200, |
|
||||||
headers: { |
|
||||||
'Allow': "GET, HEAD, POST, OPTIONS", |
|
||||||
'Access-Control-Allow-Origin': '*' |
|
||||||
}, |
|
||||||
}), |
|
||||||
); |
|
||||||
} |
|
||||||
// else if (!allowedDomains.find(domain => destinationUrl.startsWith(domain))) {
|
|
||||||
// event.respondWith(
|
|
||||||
// new Response('404 Not Found', {
|
|
||||||
// status: 404,
|
|
||||||
// }),
|
|
||||||
// );
|
|
||||||
// }
|
|
||||||
else if (request.method === "GET" || request.method === "HEAD" || request.method === "POST") { |
|
||||||
// Handle request
|
|
||||||
event.respondWith(handleRequest(request, destinationUrl)); |
|
||||||
} |
|
||||||
else { |
|
||||||
event.respondWith( |
|
||||||
new Response('404 Not Found', { |
|
||||||
status: 404, |
|
||||||
}), |
|
||||||
); |
|
||||||
} |
|
||||||
}); |
|
||||||
Loading…
Reference in new issue