TRKJ/EdgeNode
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeNode.git synced 2025-11-03 23:20:25 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
c19be78e0da4ddc466383421ef12151635dc4c58
EdgeNode/internal/nodes/http_request_referers.go
GoEdgeLab c19be78e0d v1.4.1
2024-07-27 15:42:50 +08:00

79 lines
2.1 KiB
Go
Raw Blame History

// Copyright 2022 GoEdge goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cloud .
package nodes
import (
"net/http"
"net/url"
)
func (this *HTTPRequest) doCheckReferers() (shouldStop bool) {
if this.web.Referers == nil {
return
}
// 检查URL
if !this.web.Referers.MatchURL(this.URL()) {
return
}
var origin = this.RawReq.Header.Get("Origin")
const cacheSeconds = "3600" // 时间不能过长,防止修改设置后长期无法生效
// 处理用到Origin的特殊功能
if this.web.Referers.CheckOrigin && len(origin) > 0 {
// 处理Websocket
if this.web.Websocket != nil && this.web.Websocket.IsOn && this.RawReq.Header.Get("Upgrade") == "websocket" {
originHost, _ := httpParseHost(origin)
if len(originHost) > 0 && this.web.Websocket.MatchOrigin(originHost) {
return
}
}
}
var refererURL = this.RawReq.Header.Get("Referer")
if len(refererURL) == 0 && this.web.Referers.CheckOrigin {
if len(origin) > 0 && origin != "null" {
if urlSchemeRegexp.MatchString(origin) {
refererURL = origin
} else {
refererURL = "https://" + origin
}
}
}
if len(refererURL) == 0 {
if this.web.Referers.MatchDomain(this.ReqHost, "") {
return
}
this.tags = append(this.tags, "refererCheck")
this.writer.Header().Set("Cache-Control", "max-age="+cacheSeconds)
this.writeCode(http.StatusForbidden, "The referer has been blocked.", "当前访问已被防盗链系统拦截。")
return true
}
u, err := url.Parse(refererURL)
if err != nil {
if this.web.Referers.MatchDomain(this.ReqHost, "") {
return
}
this.tags = append(this.tags, "refererCheck")
this.writer.Header().Set("Cache-Control", "max-age="+cacheSeconds)
this.writeCode(http.StatusForbidden, "The referer has been blocked.", "当前访问已被防盗链系统拦截。")
return true
}
if !this.web.Referers.MatchDomain(this.ReqHost, u.Host) {
this.tags = append(this.tags, "refererCheck")
this.writer.Header().Set("Cache-Control", "max-age="+cacheSeconds)
this.writeCode(http.StatusForbidden, "The referer has been blocked.", "当前访问已被防盗链系统拦截。")
return true
}
return
}
Reference in New Issue View Git Blame Copy Permalink