3.0.8 init

- Fixed rate limit bug #216 - Added HSTS auto subdomain include check
2025-06-06 23:57:21 +02:00 · 2024-06-25 18:10:39 +08:00 · 2024-06-25 18:10:39 +08:00 · 7e62fef879
commit 7e62fef879
parent a18413dd03
5 changed files with 39 additions and 6 deletions
--- a/src/main.go
+++ b/src/main.go
@ -55,9 +55,9 @@ var logOutputToFile = flag.Bool("log", true, "Log terminal output to file")

 var (
 	name        = "Zoraxy"
-	version     = "3.0.7"
+	version     = "3.0.8"
 	nodeUUID    = "generic"
-	development = false //Set this to false to use embedded web fs
+	development = true //Set this to false to use embedded web fs
 	bootTime    = time.Now().Unix()

 	/*
--- a/src/mod/dynamicproxy/customHeader.go
+++ b/src/mod/dynamicproxy/customHeader.go
@ -51,7 +51,13 @@ func (ept *ProxyEndpoint) SplitInboundOutboundHeaders() ([][]string, [][]string)

 	//Check if the endpoint require HSTS headers
 	if ept.HSTSMaxAge > 0 {
-		downstreamHeaders[downstreamHeaderCounter] = []string{"Strict-Transport-Security", "max-age=" + strconv.Itoa(int(ept.HSTSMaxAge))}
+		if ept.ContainsWildcardName(true) {
+			//Endpoint listening domain includes wildcards.
+			downstreamHeaders[downstreamHeaderCounter] = []string{"Strict-Transport-Security", "max-age=" + strconv.Itoa(int(ept.HSTSMaxAge)) + "; includeSubdomains"}
+		} else {
+			downstreamHeaders[downstreamHeaderCounter] = []string{"Strict-Transport-Security", "max-age=" + strconv.Itoa(int(ept.HSTSMaxAge))}
+		}
+
 		downstreamHeaderCounter++
 	}

--- a/src/mod/dynamicproxy/endpoints.go
+++ b/src/mod/dynamicproxy/endpoints.go
@ -133,6 +133,30 @@ func (ep *ProxyEndpoint) AddVirtualDirectoryRule(vdir *VirtualDirectoryEndpoint)
 	return readyRoutingRule, nil
 }

+// Check if the proxy endpoint hostname or alias name contains subdomain wildcard
+func (ep *ProxyEndpoint) ContainsWildcardName(skipAliasCheck bool) bool {
+	hostname := ep.RootOrMatchingDomain
+	aliasHostnames := ep.MatchingDomainAlias
+
+	wildcardCheck := func(hostname string) bool {
+		return len(hostname) > 0 && hostname[0] == '*'
+	}
+
+	if wildcardCheck(hostname) {
+		return true
+	}
+
+	if !skipAliasCheck {
+		for _, aliasHostname := range aliasHostnames {
+			if wildcardCheck(aliasHostname) {
+				return true
+			}
+		}
+	}
+
+	return false
+}
+
 // Create a deep clone object of the proxy endpoint
 // Note the returned object is not activated. Call to prepare function before pushing into runtime
 func (ep *ProxyEndpoint) Clone() *ProxyEndpoint {
--- a/src/reverseproxy.go
+++ b/src/reverseproxy.go
@ -475,9 +475,12 @@ func ReverseProxyHandleEditEndpoint(w http.ResponseWriter, r *http.Request) {
 		utils.SendErrorResponse(w, "invalid rate limit number")
 		return
 	}
-	if proxyRateLimit <= 0 {
+	
+	if  requireRateLimit && proxyRateLimit <= 0 {
 		utils.SendErrorResponse(w, "rate limit number must be greater than 0")
 		return
+	}else if proxyRateLimit < 0 {
+		proxyRateLimit = 1000
 	}

 	// Bypass WebSocket Origin Check
--- a/src/web/snippet/customHeaders.html
+++ b/src/web/snippet/customHeaders.html
@ -51,8 +51,8 @@
                    </tbody>
                </table>
                <p>
-                    <i class="angle double right blue icon"></i> Sent additional custom headers to origin server <br>
-                    <i class="angle double left orange icon"></i> Inject custom headers into origin server responses
+                    <i class="angle double right blue icon"></i> Add or remove headers before sending to origin server <br>
+                    <i class="angle double left orange icon"></i> Modify headers from origin server responses before sending to client
                </p>
                <div class="ui divider"></div>
                <h4>Edit Custom Header</h4>