mirror of
https://github.com/gnh1201/welsonjs.git
synced 2025-05-07 12:16:04 +00:00
Enhance a performance and security in PR
This commit is contained in:
parent
e2c9169121
commit
4e78905bbc
|
@ -72,7 +72,7 @@ namespace WelsonJS.Launcher
|
|||
{
|
||||
try
|
||||
{
|
||||
ProcessRequest(await _listener.GetContextAsync());
|
||||
await ProcessRequest(await _listener.GetContextAsync());
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
|
@ -82,7 +82,7 @@ namespace WelsonJS.Launcher
|
|||
}
|
||||
}
|
||||
|
||||
private void ProcessRequest(HttpListenerContext context)
|
||||
private async Task ProcessRequest(HttpListenerContext context)
|
||||
{
|
||||
string path = context.Request.Url.AbsolutePath.TrimStart('/');
|
||||
|
||||
|
@ -105,7 +105,7 @@ namespace WelsonJS.Launcher
|
|||
const string devtoolsPrefix = "devtools/";
|
||||
if (path.StartsWith(devtoolsPrefix, StringComparison.OrdinalIgnoreCase))
|
||||
{
|
||||
ServeDevTools(context, path.Substring(devtoolsPrefix.Length - 1)).GetAwaiter().GetResult(); ;
|
||||
await ServeDevTools(context, path.Substring(devtoolsPrefix.Length - 1));
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -113,7 +113,7 @@ namespace WelsonJS.Launcher
|
|||
const string whoisPrefix = "whois/";
|
||||
if (path.StartsWith(whoisPrefix, StringComparison.OrdinalIgnoreCase))
|
||||
{
|
||||
ServeWhoisRequest(context, path.Substring(whoisPrefix.Length)).GetAwaiter().GetResult();
|
||||
await ServeWhoisRequest(context, path.Substring(whoisPrefix.Length));
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -176,13 +176,21 @@ namespace WelsonJS.Launcher
|
|||
|
||||
private async Task ServeWhoisRequest(HttpListenerContext context, string query)
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(query) || query.Length > 255)
|
||||
{
|
||||
ServeResource(context, "<error>Invalid query parameter</error>", "application/xml", 400);
|
||||
return;
|
||||
}
|
||||
|
||||
string whoisServerUrl = "https://xn--c79as89aj0e29b77z.xn--3e0b707e";
|
||||
|
||||
using (var client = new HttpClient())
|
||||
{
|
||||
client.Timeout = TimeSpan.FromSeconds(10);
|
||||
|
||||
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, $"{whoisServerUrl}/kor/whois.jsc")
|
||||
{
|
||||
Content = new StringContent($"query={query}&ip=141.101.82.1", Encoding.UTF8, "application/x-www-form-urlencoded")
|
||||
Content = new StringContent($"query={Uri.EscapeDataString(query)}&ip=141.101.82.1", Encoding.UTF8, "application/x-www-form-urlencoded")
|
||||
};
|
||||
|
||||
request.Headers.Add("Accept", "*/*");
|
||||
|
@ -194,7 +202,7 @@ namespace WelsonJS.Launcher
|
|||
HttpResponseMessage response = await client.SendAsync(request);
|
||||
string responseBody = await response.Content.ReadAsStringAsync();
|
||||
|
||||
ServeResource(context, responseBody, "text/html", (int)response.StatusCode);
|
||||
ServeResource(context, responseBody, "text/plain", (int)response.StatusCode);
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
|
|
|
@ -87,6 +87,7 @@
|
|||
</script>
|
||||
<script src="https://unpkg.com/axios/dist/axios.min.js"></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/fast-xml-parser/4.5.1/fxparser.min.js"></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/dompurify/3.2.4/purify.min.js"></script>
|
||||
<script src="https://cdn.metroui.org.ua/dev/metro.js"></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/monaco-editor/0.52.2/min/vs/loader.min.js"></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/monaco-editor/0.52.2/min/vs/editor/editor.main.js"></script>
|
||||
|
@ -266,10 +267,7 @@
|
|||
}
|
||||
|
||||
axios.get(`${serverBaseUrl}/whois/${hostname}`).then(response => {
|
||||
const responseText = response.data
|
||||
.replace(/<script[^>]*>[\s\S]*?<\/script>/gi, '')
|
||||
.replace(/<\/?[^>]+(>|$)/g, '')
|
||||
.replace(/^[\r\n]+|[\r\n]+$/g, '');
|
||||
const responseText = DOMPurify.sanitize(response.data, { ALLOWED_TAGS: [], ALLOWED_ATTR: [] });
|
||||
|
||||
appendTextToEditor(`/*\n${responseText}\n*/`);
|
||||
}).catch(error => {
|
||||
|
|
Loading…
Reference in New Issue
Block a user