| |
| |
| |
| |
| |
| |
| "use strict"; |
|
|
| const https = require("https"); |
| const http = require("http"); |
|
|
| let PROXY_URL = process.env.CLOUDFLARE_PROXY_URL; |
| if ( |
| PROXY_URL && |
| !PROXY_URL.startsWith("http://") && |
| !PROXY_URL.startsWith("https://") |
| ) { |
| PROXY_URL = `https://${PROXY_URL}`; |
| } |
|
|
| const DEBUG = process.env.CLOUDFLARE_PROXY_DEBUG === "true"; |
| const PROXY_SHARED_SECRET = (process.env.CLOUDFLARE_PROXY_SECRET || "").trim(); |
|
|
| |
| const PROXY_DOMAINS = |
| process.env.CLOUDFLARE_PROXY_DOMAINS || |
| "api.telegram.org,discord.com,discordapp.com,gateway.discord.gg,status.discord.com"; |
| const BLOCKED_DOMAINS = PROXY_DOMAINS.split(",").map((d) => d.trim()); |
| const PROXY_ALL = PROXY_DOMAINS === "*"; |
|
|
| if (PROXY_URL) { |
| try { |
| const proxy = new URL(PROXY_URL); |
| const originalHttpsRequest = https.request; |
| const originalHttpRequest = http.request; |
|
|
| const patch = (original, isHttps) => { |
| return function (options, callback) { |
| let hostname = ""; |
| let path = ""; |
| let headers = {}; |
|
|
| |
| if (typeof options === "string") { |
| const u = new URL(options); |
| hostname = u.hostname; |
| path = u.pathname + u.search; |
| } else if (options instanceof URL) { |
| hostname = options.hostname; |
| path = options.pathname + options.search; |
| headers = options.headers || {}; |
| } else { |
| hostname = |
| options.hostname || |
| (options.host ? options.host.split(":")[0] : ""); |
| path = options.path || "/"; |
| headers = options.headers || {}; |
| } |
|
|
| |
| const isInternal = |
| hostname === "localhost" || |
| hostname === "127.0.0.1" || |
| hostname.endsWith(".hf.space") || |
| hostname.endsWith(".huggingface.co") || |
| hostname === "huggingface.co"; |
|
|
| let shouldProxy = false; |
| if (PROXY_ALL) { |
| shouldProxy = !isInternal; |
| } else { |
| shouldProxy = BLOCKED_DOMAINS.some( |
| (domain) => hostname === domain || hostname.endsWith("." + domain), |
| ); |
| } |
|
|
| const alreadyProxied = |
| options._proxied || (headers && headers["x-target-host"]); |
|
|
| if (shouldProxy && !alreadyProxied) { |
| if (DEBUG) |
| console.log( |
| `[cloudflare-proxy] Redirecting ${hostname}${path} -> ${proxy.hostname}`, |
| ); |
|
|
| |
| const newOptions = |
| typeof options === "string" || options instanceof URL |
| ? { protocol: "https:", path: path } |
| : { ...options }; |
|
|
| |
| if (typeof newOptions !== "object") |
| return original.apply(this, arguments); |
|
|
| newOptions._proxied = true; |
| newOptions.protocol = "https:"; |
| newOptions.hostname = proxy.hostname; |
| newOptions.port = proxy.port || 443; |
|
|
| |
| newOptions.servername = proxy.hostname; |
| delete newOptions.host; |
| delete newOptions.agent; |
|
|
| |
| newOptions.headers = { |
| ...(newOptions.headers || {}), |
| host: proxy.host, |
| "x-target-host": hostname, |
| }; |
|
|
| if (PROXY_SHARED_SECRET) { |
| newOptions.headers["x-proxy-key"] = PROXY_SHARED_SECRET; |
| } |
|
|
| |
| return originalHttpsRequest.call(https, newOptions, callback); |
| } |
|
|
| return original.apply(this, arguments); |
| }; |
| }; |
|
|
| https.request = patch(originalHttpsRequest, true); |
| http.request = patch(originalHttpRequest, false); |
|
|
| if (DEBUG) { |
| if (PROXY_ALL) { |
| console.log( |
| `[cloudflare-proxy] Transparent proxy active in WILDCARD mode (Proxying ALL except HF internal)`, |
| ); |
| } else { |
| console.log( |
| `[cloudflare-proxy] Transparent proxy active for: ${BLOCKED_DOMAINS.join(", ")}`, |
| ); |
| } |
| console.log(`[cloudflare-proxy] Target proxy: ${proxy.hostname}`); |
| } |
| } catch (e) { |
| if (DEBUG) |
| console.error(`[cloudflare-proxy] Failed to initialize: ${e.message}`); |
| } |
| } |
|
|
