diff --git a/browser.js b/browser.js
new file mode 100644
index 0000000..87591e6
--- /dev/null
+++ b/browser.js
@@ -0,0 +1,4 @@
+function executeUserScript() {
+ var userScript = document.getElementById('userScript').value;
+ eval(userScript);
+}
\ No newline at end of file
diff --git a/index.js b/index.js
new file mode 100644
index 0000000..5fdfabd
--- /dev/null
+++ b/index.js
@@ -0,0 +1,61 @@
+const express = require('express');
+const axios = require('axios');
+const { URL } = require('url');
+const dns = require('dns').promises;
+const app = express();
+
+
+function isPrivateIp(ip) {
+ return ip === '::1' ||
+ /^127\./.test(ip) ||
+ /^10\./.test(ip) ||
+ /^192\.168\./.test(ip) ||
+ /^172\.(1[6-9]|2[0-9]|3[0-1])\./.test(ip) ||
+ ip.startsWith('fc') || ip.startsWith('fd') ||
+ ip.startsWith('fe80:');
+ }
+
+app.get('/', (req, res) => {
+ res.send('Hello World');
+});
+
+
+app.get('/fetch', async (req, res) => {
+ const url = req.query.url;
+ let parsedUrl;
+ try {
+ parsedUrl = new URL(url);
+ } catch (e) {
+ return res.status(400).send('Invalid URL');
+ }
+ const hostname = parsedUrl.hostname;
+ if (!['http:', 'https:'].includes(parsedUrl.protocol) ||
+ hostname === 'localhost' ||
+ hostname === '127.0.0.1' ||
+ hostname === '::1' ||
+ /^(10|127)\./.test(hostname) ||
+ /^172\.(1[6-9]|2[0-9]|3[0-1])\./.test(hostname) ||
+ /^192\.168\./.test(hostname)) {
+ return res.status(400).send('URL not allowed');
+ }
+ try {
+ // DNS resolution to prevent DNS rebinding
+ try {
+ const addresses = await dns.lookup(parsedUrl.hostname, { all: true });
+ for (const { address } of addresses) {
+ if (isPrivateIp(address)) {
+ return res.status(400).send('URL not allowed');
+ }
+ }
+ } catch (e) {
+ return res.status(400).send('Invalid hostname');
+ }
+
+ const resp = await axios.get(url);
+ res.send(resp.data);
+ } catch (e) {
+ res.status(500).send(e.message);
+ }
+ });
+
+ app.listen(3000, () => console.log('HTTP server on port 3000'));
\ No newline at end of file
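Review bot: `eval(userScript)` in `executeUserScript` runs whatever text is in the `userScript` field with the page's full origin privileges (cookies, storage, DOM), and nothing in the function limits where that text came from. If the field can ever be filled from a URL parameter, saved content or another user's snippet, this is DOM-based script injection rather than a user running their own code. Running the script in an iframe with `sandbox="allow-scripts"` (without `allow-same-origin`) or in a Worker keeps it away from the page's origin and lets the page ship a CSP without `'unsafe-eval'`. At minimum the function should carry a comment such as `// SECURITY: userScript must only ever contain text typed by the current user`.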
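Review bot: The `dns.lookup` check in the `/fetch` handler does not prevent DNS rebinding as its comment claims, because `axios.get(url)` resolves the hostname a second time and may connect to a different address than the one validated; the request should connect to the address that passed `isPrivateIp`, for example through an agent with a pinned `lookup`. axios also follows redirects by default, so a public URL that redirects to an internal one skips both checks; `const resp = await axios.get(url, { maxRedirects: 0, timeout: 5000 });` closes that and bounds the wait (the timeout value is a sample). `isPrivateIp` omits link-local `169.254.0.0/16` (where cloud metadata services usually live), `0.0.0.0/8` and IPv4-mapped IPv6 such as `::ffff:127.0.0.1`, and `ip.startsWith('fe80:')` covers only part of `fe80::/10`. Returning `e.message` in the 500 response also exposes internal connection errors to the caller; a generic message with server-side logging is safer.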
diff --git a/index.php b/index.php new file mode 100644 index 0000000..4b07485 --- /dev/null +++ b/index.php @@ -0,0 +1,5 @@ +" +$_GET["search"] + ""; + +?> \ No newline at end of file
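Review bot: `$_GET["search"]` is joined into the output string with no escaping visible in this hunk, so if the result is echoed into the page a crafted `search` parameter is reflected as markup; wrap it as `htmlspecialchars($_GET["search"] ?? '', ENT_QUOTES, 'UTF-8')`. The fragment also uses `+`, which is arithmetic addition in PHP, whereas string concatenation is `.`. The hunk text appears incomplete on this page (the opening tag and the start of the string are missing), so both points should be confirmed against the real file.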