防盗链增加”同时检查Origin选项“

2025-11-11 18:30:25 +08:00 · 2023-05-02 17:05:35 +08:00
parent a517543e4e
commit 1194a829f3
4 changed files with 30 additions and 1 deletions
--- a/internal/web/actions/default/servers/server/settings/locations/referers/index.go
+++ b/internal/web/actions/default/servers/server/settings/locations/referers/index.go
@@ -38,6 +38,7 @@ func (this *IndexAction) RunGet(params struct {
 			AllowEmpty:      true,
 			AllowSameDomain: true,
 			AllowDomains:    nil,
 			CheckOrigin:     true,
 		}
 	}
--- a/internal/web/actions/default/servers/server/settings/referers/index.go
+++ b/internal/web/actions/default/servers/server/settings/referers/index.go
@@ -40,6 +40,7 @@ func (this *IndexAction) RunGet(params struct {
 			AllowEmpty:      true,
 			AllowSameDomain: true,
 			AllowDomains:    nil,
 			CheckOrigin:     true,
 		}
 	}
--- a/web/public/js/components/server/http-firewall-rules.js
+++ b/web/public/js/components/server/http-firewall-rules.js
@@ -261,6 +261,7 @@ Vue.component("http-firewall-checkpoint-referer-block", {
 		let allowSameDomain = true
 		let allowDomains = []
 		let denyDomains = []
 		let checkOrigin = true
 		let options = {}
 		if (window.parent.UPDATING_RULE != null) {
@@ -282,6 +283,9 @@ Vue.component("http-firewall-checkpoint-referer-block", {
 		if (options.denyDomains != null && typeof (options.denyDomains) == "object") {
 			denyDomains = options.denyDomains
 		}
 		if (typeof options.checkOrigin == "boolean") {
 			checkOrigin = options.checkOrigin
 		}
 		let that = this
 		setTimeout(function () {
@@ -293,6 +297,7 @@ Vue.component("http-firewall-checkpoint-referer-block", {
 			allowSameDomain: allowSameDomain,
 			allowDomains: allowDomains,
 			denyDomains: denyDomains,
 			checkOrigin: checkOrigin,
 			options: {},
 			value: 0
 		}
@@ -303,6 +308,9 @@ Vue.component("http-firewall-checkpoint-referer-block", {
 		},
 		allowSameDomain: function () {
 			this.change()
 		},
 		checkOrigin: function () {
 			this.change()
 		}
 	},
 	methods: {
@@ -332,6 +340,10 @@ Vue.component("http-firewall-checkpoint-referer-block", {
 					code: "denyDomains",
 					value: this.denyDomains
 				},
 				{
 					code: "checkOrigin",
 					value: this.checkOrigin
 				}
 			]
 		}
 	},
@@ -367,6 +379,13 @@ Vue.component("http-firewall-checkpoint-referer-block", {
 				<p class="comment">禁止的来源域名列表，比如<code-label>example.org</code-label>、<code-label>*.example.org</code-label>；除了这些禁止的来源域名外，其他域名都会被允许，除非限定了允许的来源域名。</p>
 			</td>
 		</tr>
 		<tr>
 			<td>同时检查Origin</td>
 			<td>
 				<checkbox v-model="checkOrigin"></checkbox>
 				<p class="comment">如果请求没有指定Referer Header，则尝试检查Origin Header，多用于跨站调用。</p>
 			</td>
 		</tr>
 	</table>
 </div>`
 })
--- a/web/public/js/components/server/http-referers-config-box.js
+++ b/web/public/js/components/server/http-referers-config-box.js
@@ -9,7 +9,8 @@ Vue.component("http-referers-config-box", {
 				allowEmpty: true,
 				allowSameDomain: true,
 				allowDomains: [],
-				denyDomains: []
+				denyDomains: [],
 				checkOrigin: true
 			}
 		}
 		if (config.allowDomains == null) {
@@ -84,6 +85,13 @@ Vue.component("http-referers-config-box", {
 				<p class="comment">禁止的来源域名列表，比如<code-label>example.org</code-label>、<code-label>*.example.org</code-label>；除了这些禁止的来源域名外，其他域名都会被允许，除非限定了允许的来源域名。</p>
 			</td>
 		</tr>
 		<tr>
 			<td>同时检查Origin</td>
 			<td>
 				<checkbox v-model="config.checkOrigin"></checkbox>
 				<p class="comment">如果请求没有指定Referer Header，则尝试检查Origin Header，多用于跨站调用。</p>
 			</td>
 		</tr>
 	</tbody>
 </table>
 <div class="ui margin"></div>