TRKJ/EdgeCommon
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeCommon.git synced 2025-11-09 00:20:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

增加CC防护相关API定义、配置

Browse Source
This commit is contained in:
GoEdgeLab
2023-03-09 12:10:31 +08:00
parent 0145758e70
commit 0e49f880e1
7 changed files with 647 additions and 306 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
build/rpc.json
View File

@@ -3399,6 +3399,24 @@
], ],
"isDeprecated": false "isDeprecated": false
}, },
{
"name": "updateHTTPWebCC",
"requestMessageName": "UpdateHTTPWebCCRequest",
"responseMessageName": "RPCSuccess",
"code": "rpc updateHTTPWebCC(UpdateHTTPWebCCRequest) returns (RPCSuccess);",
"doc": "修改CC设置",
"roles": [],
"isDeprecated": false
},
{
"name": "findHTTPWebCC",
"requestMessageName": "FindHTTPWebCCRequest",
"responseMessageName": "FindHTTPWebCCResponse",
"code": "rpc findHTTPWebCC(FindHTTPWebCCRequest) returns (FindHTTPWebCCResponse);",
"doc": "查找UAM设置",
"roles": [],
"isDeprecated": false
},
{ {
"name": "updateHTTPWebReferers", "name": "updateHTTPWebReferers",
"requestMessageName": "UpdateHTTPWebReferersRequest", "requestMessageName": "UpdateHTTPWebReferersRequest",
@@ -17934,6 +17952,16 @@
"code": "message FindHTTPAccessLogResponse {\n\tHTTPAccessLog httpAccessLog = 1;\n}", "code": "message FindHTTPAccessLogResponse {\n\tHTTPAccessLog httpAccessLog = 1;\n}",
"doc": "" "doc": ""
}, },
{
"name": "FindHTTPWebCCRequest",
"code": "message FindHTTPWebCCRequest {\n\tint64 httpWebId = 1;\n}",
"doc": "查找服务UAM设置"
},
{
"name": "FindHTTPWebCCResponse",
"code": "message FindHTTPWebCCResponse {\n\tbytes ccJSON = 1;\n}",
"doc": ""
},
{ {
"name": "FindHTTPWebHostRedirectsRequest", "name": "FindHTTPWebHostRedirectsRequest",
"code": "message FindHTTPWebHostRedirectsRequest {\n\tint64 httpWebId = 1;\n}", "code": "message FindHTTPWebHostRedirectsRequest {\n\tint64 httpWebId = 1;\n}",
@@ -20959,6 +20987,11 @@
"code": "message UpdateHTTPWebAuthRequest {\n\tint64 httpWebId = 1;\n\tbytes authJSON = 2;\n}", "code": "message UpdateHTTPWebAuthRequest {\n\tint64 httpWebId = 1;\n\tbytes authJSON = 2;\n}",
"doc": "更改认证设置" "doc": "更改认证设置"
}, },
{
"name": "UpdateHTTPWebCCRequest",
"code": "message UpdateHTTPWebCCRequest {\n\tint64 httpWebId = 1;\n\tbytes ccJSON = 2;\n}",
"doc": "修改服务CC设置"
},
{ {
"name": "UpdateHTTPWebCacheRequest", "name": "UpdateHTTPWebCacheRequest",
"code": "message UpdateHTTPWebCacheRequest {\n\tint64 httpWebId = 1;\n\tbytes cacheJSON = 2; // @link json:http_cache_config\n}", "code": "message UpdateHTTPWebCacheRequest {\n\tint64 httpWebId = 1;\n\tbytes cacheJSON = 2; // @link json:http_cache_config\n}",

826
pkg/rpc/pb/service_http_web.pb.go
View File

File diff suppressed because it is too large Load Diff

21
pkg/rpc/protos/service_http_web.proto
View File

@@ -101,6 +101,12 @@ service HTTPWebService {
// 查找UAM设置 // 查找UAM设置
rpc findHTTPWebUAM(FindHTTPWebUAMRequest) returns (FindHTTPWebUAMResponse); rpc findHTTPWebUAM(FindHTTPWebUAMRequest) returns (FindHTTPWebUAMResponse);
// 修改CC设置
rpc updateHTTPWebCC(UpdateHTTPWebCCRequest) returns (RPCSuccess);
// 查找UAM设置
rpc findHTTPWebCC(FindHTTPWebCCRequest) returns (FindHTTPWebCCResponse);
// 修改防盗链设置 // 修改防盗链设置
rpc updateHTTPWebReferers(UpdateHTTPWebReferersRequest) returns (RPCSuccess); rpc updateHTTPWebReferers(UpdateHTTPWebReferersRequest) returns (RPCSuccess);
@@ -321,6 +327,21 @@ message FindHTTPWebUAMResponse {
bytes uamJSON = 1; bytes uamJSON = 1;
} }
// 修改服务CC设置
message UpdateHTTPWebCCRequest {
int64 httpWebId = 1;
bytes ccJSON = 2;
}
// 查找服务UAM设置
message FindHTTPWebCCRequest {
int64 httpWebId = 1;
}
message FindHTTPWebCCResponse {
bytes ccJSON = 1;
}
// 修改防盗链设置 // 修改防盗链设置
message UpdateHTTPWebReferersRequest { message UpdateHTTPWebReferersRequest {
int64 httpWebId = 1; int64 httpWebId = 1;

33
pkg/serverconfigs/http_cc_config.go
View File

@@ -1,47 +1,22 @@
// Copyright 2023 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn . // Copyright 2023 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
//go:build !plus
package serverconfigs package serverconfigs
import "strings"
// HTTPCCConfig HTTP CC防护配置 // HTTPCCConfig HTTP CC防护配置
type HTTPCCConfig struct { type HTTPCCConfig struct {
IsPrior bool `yaml:"isPrior" json:"isPrior"` // 是否覆盖父级 IsPrior bool `yaml:"isPrior" json:"isPrior"` // 是否覆盖父级
IsOn bool `yaml:"isOn" json:"isOn"` // 是否启用 IsOn bool `yaml:"isOn" json:"isOn"` // 是否启用
WithRequestPath bool `yaml:"withRequestPath" json:"withRequestPath"` // 根据URL路径区分请求
PeriodSeconds int32 `yaml:"periodSeconds" json:"periodSeconds"` // 计算周期
MaxRequests int32 `yaml:"maxRequests" json:"maxRequests"` // 请求数最大值
MaxConnections int32 `yaml:"maxConnections" json:"maxConnections"` // 连接数最大值
IgnoreCommonFiles bool `yaml:"ignoreCommonFiles" json:"ignoreCommonFiles"` // 忽略常用文件如CSS、JS等
IgnoreCommonAgents bool `yaml:"ignoreCommonAgents" json:"ignoreCommonAgents"` // 忽略常见搜索引擎等
Action string `yaml:"action" json:"action"` // 动作比如block、captcha等
fullKey string
} }
func NewHTTPCCConfig() *HTTPCCConfig { func NewHTTPCCConfig() *HTTPCCConfig {
return &HTTPCCConfig{ return &HTTPCCConfig{}
WithRequestPath: false,
PeriodSeconds: 10,
MaxRequests: 60,
MaxConnections: 10,
IgnoreCommonFiles: false,
IgnoreCommonAgents: true,
Action: "captcha",
}
} }
func (this *HTTPCCConfig) Init() error { func (this *HTTPCCConfig) Init() error {
// 组合Key
var keys = []string{"${remoteAddr}"}
if this.WithRequestPath {
keys = append(keys, "${requestPath}")
}
this.fullKey = strings.Join(keys, "@")
return nil return nil
} }
func (this *HTTPCCConfig) Key() string { func (this *HTTPCCConfig) MatchURL(url string) bool {
return this.fullKey return false
} }

2
pkg/serverconfigs/http_web_config.go
View File

@@ -51,7 +51,7 @@ type HTTPWebConfig struct {
// UAM, CC ... // UAM, CC ...
UAM *UAMConfig `yaml:"uam" json:"uam"` UAM *UAMConfig `yaml:"uam" json:"uam"`
CC *UAMConfig `yaml:"cc" json:"cc"` CC *HTTPCCConfig `yaml:"cc" json:"cc"`
} }
func (this *HTTPWebConfig) Init() error { func (this *HTTPWebConfig) Init() error {

6
pkg/serverconfigs/shared/url_pattern.go
View File

@@ -34,7 +34,11 @@ func (this *URLPattern) Init() error {
for index, piece := range pieces { for index, piece := range pieces {
pieces[index] = regexp.QuoteMeta(piece) pieces[index] = regexp.QuoteMeta(piece)
} }
reg, err := regexp.Compile("(?i)" /** 大小写不敏感 **/ + "^" + strings.Join(pieces, "(.*)") + "$") var pattern = strings.Join(pieces, "(.*)")
if len(pattern) > 0 && pattern[0] == '/' {
pattern = "(http|https)://[\\w.-]+" + pattern
}
reg, err := regexp.Compile("(?i)" /** 大小写不敏感 **/ + "^" + pattern + "$")
if err != nil { if err != nil {
return err return err
} }

26
pkg/serverconfigs/shared/url_pattern_test.go
View File

@@ -4,13 +4,10 @@ package shared_test
import ( import (
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared" "github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
"github.com/iwind/TeaGo/assert"
"testing" "testing"
) )
func TestURLPattern_Match(t *testing.T) { func TestURLPattern_Match(t *testing.T) {
var a = assert.NewAssertion(t)
type unitTest struct { type unitTest struct {
patternType string patternType string
pattern string pattern string
@@ -55,6 +52,24 @@ func TestURLPattern_Match(t *testing.T) {
url: "https://example.com", url: "https://example.com",
result: false, result: false,
}, },
{
patternType: "wildcard",
pattern: "https://example.com",
url: "https://example.com",
result: true,
},
{
patternType: "wildcard",
pattern: "/hello/world",
url: "https://example-test.com/hello/world",
result: true,
},
{
patternType: "wildcard",
pattern: "/hello/world",
url: "https://example-test.com/123/hello/world",
result: false,
},
{ {
patternType: "regexp", patternType: "regexp",
pattern: ".*", pattern: ".*",
@@ -94,6 +109,9 @@ func TestURLPattern_Match(t *testing.T) {
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }
a.IsTrue(p.Match(ut.url) == ut.result) var b = p.Match(ut.url) == ut.result
if !b {
t.Fatal("not matched pattern:", ut.pattern, "url:", ut.url)
}
} }
} }