From a3d55a3274f28d4d714407cb4669cf232c7ce78c Mon Sep 17 00:00:00 2001
From: Toby Chui <tobychui@users.noreply.github.com>
Date: Sun, 20 Aug 2023 14:50:25 +0800
Subject: [PATCH] Patching redirection bug

+ Added wip basic auth editor custom exception rules
+ Added custom logic to handle apache screw up redirect header
---
 src/main.go                          |  2 +-
 src/mod/dynamicproxy/dpcore/utils.go |  4 +++-
 src/reverseproxy.go                  |  4 ++--
 src/web/components/rules.html        |  3 ++-
 src/web/snippet/basicAuthEditor.html | 29 +++++++++++++++++++++++++++-
 5 files changed, 36 insertions(+), 6 deletions(-)

diff --git a/src/main.go b/src/main.go
index 96d7d3f..434ce57 100644
--- a/src/main.go
+++ b/src/main.go
@@ -44,7 +44,7 @@ var (
 	name        = "Zoraxy"
 	version     = "2.6.6"
 	nodeUUID    = "generic"
-	development = false //Set this to false to use embedded web fs
+	development = true //Set this to false to use embedded web fs
 	bootTime    = time.Now().Unix()
 
 	/*
diff --git a/src/mod/dynamicproxy/dpcore/utils.go b/src/mod/dynamicproxy/dpcore/utils.go
index 7f99fb4..27459b6 100644
--- a/src/mod/dynamicproxy/dpcore/utils.go
+++ b/src/mod/dynamicproxy/dpcore/utils.go
@@ -25,7 +25,9 @@ func replaceLocationHost(urlString string, rrr *ResponseRewriteRuleSet, useTLS b
 	//E.g. Proxy config: blog.example.com -> example.com/blog
 	//Check if it is actually redirecting to example.com instead of a new domain
 	//like news.example.com.
-	if rrr.ProxyDomain != u.Host {
+	// The later check bypass apache screw up method of redirection header
+	// e.g. https://imuslab.com -> http://imuslab.com:443
+	if rrr.ProxyDomain != u.Host && !strings.Contains(u.Host, rrr.OriginalHost+":") {
 		//New location domain not matching proxy target domain.
 		//Do not modify location header
 		return urlString, nil
diff --git a/src/reverseproxy.go b/src/reverseproxy.go
index 000653c..1e032a4 100644
--- a/src/reverseproxy.go
+++ b/src/reverseproxy.go
@@ -644,7 +644,7 @@ func HandleIncomingPortSet(w http.ResponseWriter, r *http.Request) {
 
 	newIncomingPortInt, err := strconv.Atoi(newIncomingPort)
 	if err != nil {
-		utils.SendErrorResponse(w, "invalid incoming port given")
+		utils.SendErrorResponse(w, "Invalid incoming port given")
 		return
 	}
 
@@ -652,7 +652,7 @@ func HandleIncomingPortSet(w http.ResponseWriter, r *http.Request) {
 	if dynamicProxyRouter.Root == nil || dynamicProxyRouter.Root.Domain == "" {
 		//Check if proxy root is set before checking recursive listen
 		//Fixing issue #43
-		utils.SendErrorResponse(w, "Proxy root not set")
+		utils.SendErrorResponse(w, "Set Proxy Root before changing inbound port")
 		return
 	}
 
diff --git a/src/web/components/rules.html b/src/web/components/rules.html
index b70a6ab..a952ed8 100644
--- a/src/web/components/rules.html
+++ b/src/web/components/rules.html
@@ -377,7 +377,8 @@
                 column.empty().append(`<div class="ui checkbox" style="margin-top: 0.4em;">
                     <input type="checkbox" class="RequireBasicAuth" ${checkstate}>
                     <label>Require Basic Auth</label>
-                </div> <button class="ui basic tiny button" style="margin-left: 0.4em;" onclick="editBasicAuthCredentials('${endpointType}','${uuid}');"><i class="ui blue lock icon"></i> Edit Credentials</button>`);
+                    </div>
+                    <button class="ui basic tiny button" style="margin-left: 0.4em; margin-top: 0.4em;" onclick="editBasicAuthCredentials('${endpointType}','${uuid}');"><i class="ui blue lock icon"></i> Edit Settings</button>`);
 
             }else if (datatype == 'action'){
                 column.empty().append(`
diff --git a/src/web/snippet/basicAuthEditor.html b/src/web/snippet/basicAuthEditor.html
index f9934d9..4b80546 100644
--- a/src/web/snippet/basicAuthEditor.html
+++ b/src/web/snippet/basicAuthEditor.html
@@ -11,10 +11,12 @@
         <div class="ui container">
             <div class="ui header">
                 <div class="content">
-                    Basic Auth Credential
+                    Basic Auth Settings
                     <div class="sub header" id="epname"></div>
                 </div>
             </div>
+            <div class="ui divider"></div>
+            <h3 class="ui header">Basic Auth Credential</h3>
             <div class="scrolling content ui form">
                 <div id="inlineEditBasicAuthCredentials" class="field">
                     <p>Enter the username and password for allowing them to access this proxy endpoint</p>
@@ -49,6 +51,31 @@
                     </div>
                 </div>
             </div>
+            <div class="ui divider"></div>
+            <h3 class="ui header">No-Auth Paths</h3>
+            <div class="scrolling content ui form">
+                <p>Exclude specific paths from the basic auth interface. Useful if you are hosting services require remote API access.</p>
+                    <table class="ui very basic compacted unstackable celled table">
+                        <thead>
+                        <tr>
+                            <th>Username</th>
+                            <th>Password</th>
+                            <th>Remove</th>
+                        </tr></thead>
+                        <tbody id="inlineEditExclusionPaths">
+                        <tr>
+                            <td colspan="3"><i class="ui green circle check icon"></i> No Path Excluded</td>
+                        </tr>
+                        </tbody>
+                    </table>
+                    <div class="field">
+                        <input id="inlineEditExclusionPath" type="text" placeholder="/api" autocomplete="off">
+                    </div>
+                    <div class="field" >
+                        <button class="ui basic button" onclick="addCredentialsToEditingList();"><i class="blue add icon"></i> Add Credential</button>
+                    </div>
+            </div>
+
         </div>
         <script>
             let editingCredentials = [];