源站地址填写为HTTP时，自动检测HTTPS是否可用

2025-11-03 12:20:28 +08:00 · 2024-04-18 11:31:47 +08:00
parent 6be870d1d8
commit b2b6918329
9 changed files with 166 additions and 12 deletions
--- a/internal/web/actions/default/servers/server/settings/origins/detectHTTPS.go
+++ b/internal/web/actions/default/servers/server/settings/origins/detectHTTPS.go
@@ -0,0 +1,58 @@
+// Copyright 2024 GoEdge CDN goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package origins
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/configutils"
+	"net"
+	"net/url"
+	"strings"
+	"time"
+)
+
+type DetectHTTPSAction struct {
+	actionutils.ParentAction
+}
+
+func (this *DetectHTTPSAction) RunPost(params struct {
+	Addr string
+}) {
+	this.Data["isOk"] = false
+
+	// parse from url
+	if strings.HasPrefix(params.Addr, "http://") || strings.HasPrefix(params.Addr, "https://") {
+		u, err := url.Parse(params.Addr)
+		if err == nil {
+			params.Addr = u.Host
+		}
+	}
+
+	this.Data["addr"] = params.Addr
+
+	if len(params.Addr) == 0 {
+		this.Success()
+		return
+	}
+
+	var realHost = params.Addr
+	host, port, err := net.SplitHostPort(params.Addr)
+	if err == nil {
+		if port != "80" {
+			this.Success()
+			return
+		}
+		realHost = host
+	}
+
+	conn, err := net.DialTimeout("tcp", configutils.QuoteIP(realHost)+":443", 3*time.Second)
+	if err != nil {
+		this.Success()
+		return
+	}
+	_ = conn.Close()
+
+	this.Data["isOk"] = true
+
+	this.Success()
+}
--- a/internal/web/actions/default/servers/server/settings/origins/init.go
+++ b/internal/web/actions/default/servers/server/settings/origins/init.go
@@ -15,6 +15,7 @@ func init() {
 			Post("/delete", new(DeleteAction)).
 			GetPost("/updatePopup", new(UpdatePopupAction)).
 			Post("/updateIsOn", new(UpdateIsOnAction)).
+			Post("/detectHTTPS", new(DetectHTTPSAction)).
 			EndAll()
 	})
 }
--- a/internal/web/helpers/user_must_auth.go
+++ b/internal/web/helpers/user_must_auth.go
@@ -224,12 +224,14 @@ func (this *userMustAuth) BeforeAction(actionPtr actions.ActionWrapper, paramNam
 	}

 	// 是否正在使用反向代理模式
-	action.Data["teaXFFPrompt"] = false
-	if !securityXFFPromptDisabled &&
-		(len(action.Header("X-Forwarded-For")) > 0 || len(action.Header("X-Real-Ip")) > 0 || len(action.Header("Cf-Connecting-Ip")) > 0) &&
-		securityConfig != nil &&
-		len(securityConfig.ClientIPHeaderNames) == 0 {
-		action.Data["teaXFFPrompt"] = true
+	if action.Request.Method == http.MethodGet {
+		action.Data["teaXFFPrompt"] = false
+		if !securityXFFPromptDisabled &&
+			(len(action.Header("X-Forwarded-For")) > 0 || len(action.Header("X-Real-Ip")) > 0 || len(action.Header("Cf-Connecting-Ip")) > 0) &&
+			securityConfig != nil &&
+			len(securityConfig.ClientIPHeaderNames) == 0 {
+			action.Data["teaXFFPrompt"] = true
+		}
 	}

 	// 检查用户是否存在
--- a/web/views/@default/servers/addOriginPopup.html
+++ b/web/views/@default/servers/addOriginPopup.html
@@ -36,9 +36,10 @@
 			<td>
 				<div class="ui input left labeled">
                    <span class="ui label">{{protocol.toLowerCase()}}://</span>
-                    <input type="text" name="addr" ref="focus" v-model="addr" @input="changeAddr"/>
+                    <input type="text" name="addr" ref="focus" v-model="addr" @input="changeAddr" @change="detectHTTPS"/>
                </div>
-				<p class="comment"><span class="red" v-if="addrError.length > 0">{{addrError}}</span>源站服务器地址，通常是一个IP（或域名）加端口<span v-if="serverType == 'httpProxy'">，不需要加 http:// 或 https://</span>。</p>
+                <p class="comment" style="padding-bottom: 0; margin-bottom: 0" v-if="addrError.length == 0 && adviceHTTPS && protocol == 'http'"><span class="red">系统检测到当前源站有HTTPS协议可用，是否切换到HTTPS协议？</span> <a href="" @click.prevent="switchToHTTPS">[点此切换]</a></p>
+				<p class="comment"><span class="red" v-if="addrError.length > 0">{{addrError}}</span>源站服务器地址，通常是一个IP（或域名）加端口，80和443端口可以省略<span v-if="serverType == 'httpProxy'">，不需要加 http:// 或 https://</span>。</p>
 			</td>
 		</tr>
        <tr v-if="(isHTTP || protocol == 'tls') && !isOSS">
--- a/web/views/@default/servers/addOriginPopup.js
+++ b/web/views/@default/servers/addOriginPopup.js
@@ -18,10 +18,18 @@ Tea.context(function () {
 	this.changeProtocol = function () {
 		this.isOSS = this.protocol.startsWith("oss:")

+		if (this.protocol == "http") {
+			this.detectHTTPS()
+		} else {
+			this.adviceHTTPS = false
+		}
+
 		this.checkPort()
 	}

 	this.changeAddr = function () {
+		this.adviceHTTPS = false
+
 		if (this.serverType == "httpProxy") {
 			if (this.addr.startsWith("http://")) {
 				this.protocol = "http"
@@ -54,4 +62,42 @@ Tea.context(function () {
 			}
 		}
 	}
+
+	this.adviceHTTPS = false
+
+	var isDetectingHTTPS = false
+	this.detectHTTPS = function () {
+		if (isDetectingHTTPS) {
+			return
+		}
+		isDetectingHTTPS = true
+
+		this.adviceHTTPS = false
+		if (this.protocol == "http") {
+			this.$post("/servers/server/settings/origins/detectHTTPS")
+				.params({
+					addr: this.addr
+				})
+				.success(function (resp) {
+					this.adviceHTTPS = resp.data.isOk
+					if (resp.data.isOk) {
+						this.addr = resp.data.addr
+					}
+				})
+				.done(function () {
+					isDetectingHTTPS = false
+				})
+		} else {
+			isDetectingHTTPS = false
+		}
+	}
+
+	this.switchToHTTPS = function () {
+		this.adviceHTTPS = false
+		this.protocol = "https"
+
+		if (this.addr.endsWith(":80")) {
+			this.addr = this.addr.substring(0, this.addr.length - (":80").length)
+		}
+	}
 })
--- a/web/views/@default/servers/create.js
+++ b/web/views/@default/servers/create.js
@@ -45,6 +45,7 @@ Tea.context(function () {

 	this.addOrigin = function () {
 		teaweb.popup("/servers/addOriginPopup?serverType=" + this.serverType, {
+			width: "45em",
 			height: "27em",
 			callback: function (resp) {
 				this.origins.push(resp.data.origin);
--- a/web/views/@default/servers/server/settings/origins/addPopup.html
+++ b/web/views/@default/servers/server/settings/origins/addPopup.html
@@ -38,10 +38,10 @@
 			<td>
                <div class="ui input left labeled">
                    <span class="ui label">{{protocol.toLowerCase()}}://</span>
-				    <input type="text" name="addr" ref="focus" v-model="addr" @input="changeAddr"/>
+				    <input type="text" name="addr" ref="focus" v-model="addr" @input="changeAddr" @change="detectHTTPS"/>
                </div>
-				<p class="comment"><span class="red" v-if="addrError.length > 0">{{addrError}}</span>
-                    源站服务器地址，通常是一个IP（或域名）加端口<span v-if="serverType == 'httpProxy'">，不需要加 http:// 或 https://</span>。</p>
+                <p class="comment" style="padding-bottom: 0; margin-bottom: 0" v-if="addrError.length == 0 && adviceHTTPS && protocol == 'http'"><span class="red">系统检测到当前源站有HTTPS协议可用，是否切换到HTTPS协议？</span> <a href="" @click.prevent="switchToHTTPS">[点此切换]</a></p>
+				<p class="comment"><span class="red" v-if="addrError.length > 0">{{addrError}}</span>源站服务器地址，通常是一个IP（或域名）加端口，80和443端口可以省略<span v-if="serverType == 'httpProxy'">，不需要加 http:// 或 https://</span>。</p>
 			</td>
 		</tr>
        <tr v-if="(isHTTP || protocol == 'tls') && !isOSS">
--- a/web/views/@default/servers/server/settings/origins/addPopup.js
+++ b/web/views/@default/servers/server/settings/origins/addPopup.js
@@ -16,10 +16,18 @@ Tea.context(function () {
 	this.changeProtocol = function () {
 		this.isOSS = this.protocol.startsWith("oss:")

+		if (this.protocol == "http") {
+			this.detectHTTPS()
+		} else {
+			this.adviceHTTPS = false
+		}
+
 		this.checkPort()
 	}

 	this.changeAddr = function () {
+		this.adviceHTTPS = false
+
 		if (this.serverType == "httpProxy") {
 			if (this.addr.startsWith("http://")) {
 				this.protocol = "http"
@@ -52,4 +60,41 @@ Tea.context(function () {
 			}
 		}
 	}
+
+	this.adviceHTTPS = false
+	var isDetectingHTTPS = false
+	this.detectHTTPS = function () {
+		if (isDetectingHTTPS) {
+			return
+		}
+		isDetectingHTTPS = true
+
+		this.adviceHTTPS = false
+		if (this.protocol == "http") {
+			this.$post(".detectHTTPS")
+				.params({
+					addr: this.addr
+				})
+				.success(function (resp) {
+					this.adviceHTTPS = resp.data.isOk
+					if (resp.data.isOk) {
+						this.addr = resp.data.addr
+					}
+				})
+				.done(function () {
+					isDetectingHTTPS = false
+				})
+		} else {
+			isDetectingHTTPS = false
+		}
+	}
+
+	this.switchToHTTPS = function () {
+		this.adviceHTTPS = false
+		this.protocol = "https"
+
+		if (this.addr.endsWith(":80")) {
+			this.addr = this.addr.substring(0, this.addr.length - (":80").length)
+		}
+	}
 })
--- a/web/views/@default/servers/server/settings/origins/updatePopup.html
+++ b/web/views/@default/servers/server/settings/origins/updatePopup.html
@@ -42,7 +42,7 @@
                    <span class="ui label">{{origin.protocol.toLowerCase()}}://</span>
 				    <input type="text" name="addr" ref="focus" v-model="origin.addr" @input="changeAddr"/>
                </div>
-				<p class="comment"><span class="red" v-if="addrError.length > 0">{{addrError}}</span>源站服务器地址，通常是一个IP（或域名）加端口<span v-if="serverType == 'httpProxy'">，不需要加 http:// 或 https://</span>。</p>
+				<p class="comment"><span class="red" v-if="addrError.length > 0">{{addrError}}</span>源站服务器地址，通常是一个IP（或域名）加端口，80和443端口可以省略<span v-if="serverType == 'httpProxy'">，不需要加 http:// 或 https://</span>。</p>
 			</td>
 		</tr>
        <tr v-if="(isHTTP || origin.protocol == 'tls') && !isOSS">