mirror of
https://github.com/tobychui/zoraxy.git
synced 2025-08-05 12:56:48 +02:00
de658a3c6c
- Added potential fix for #130 - Added fix for disabled virtual directory check (future features) - Updated version number to v3.0.3
66 lines
2.0 KiB
Go
66 lines
2.0 KiB
Go
package dynamicproxy
|
|
|
|
import (
|
|
"log"
|
|
"net/http"
|
|
"os"
|
|
"path/filepath"
|
|
|
|
"imuslab.com/zoraxy/mod/access"
|
|
"imuslab.com/zoraxy/mod/netutils"
|
|
)
|
|
|
|
// Handle access check (blacklist / whitelist), return true if request is handled (aka blocked)
|
|
// if the return value is false, you can continue process the response writer
|
|
func (h *ProxyHandler) handleAccessRouting(ruleID string, w http.ResponseWriter, r *http.Request) bool {
|
|
accessRule, err := h.Parent.Option.AccessController.GetAccessRuleByID(ruleID)
|
|
if err != nil {
|
|
//Unable to load access rule. Target rule not found?
|
|
log.Println("[Proxy] Unable to load access rule: " + ruleID)
|
|
w.WriteHeader(http.StatusInternalServerError)
|
|
w.Write([]byte("500 - Internal Server Error"))
|
|
return true
|
|
}
|
|
|
|
isBlocked, blockedReason := accessRequestBlocked(accessRule, h.Parent.Option.WebDirectory, w, r)
|
|
if isBlocked {
|
|
h.logRequest(r, false, 403, blockedReason, "")
|
|
}
|
|
return isBlocked
|
|
}
|
|
|
|
// Return boolean, return true if access is blocked
|
|
// For string, it will return the blocked reason (if any)
|
|
func accessRequestBlocked(accessRule *access.AccessRule, templateDirectory string, w http.ResponseWriter, r *http.Request) (bool, string) {
|
|
//Check if this ip is in blacklist
|
|
clientIpAddr := netutils.GetRequesterIP(r)
|
|
if accessRule.IsBlacklisted(clientIpAddr) {
|
|
w.Header().Set("Content-Type", "text/html; charset=utf-8")
|
|
w.WriteHeader(http.StatusForbidden)
|
|
template, err := os.ReadFile(filepath.Join(templateDirectory, "templates/blacklist.html"))
|
|
if err != nil {
|
|
w.Write(page_forbidden)
|
|
} else {
|
|
w.Write(template)
|
|
}
|
|
|
|
return true, "blacklist"
|
|
}
|
|
|
|
//Check if this ip is in whitelist
|
|
if !accessRule.IsWhitelisted(clientIpAddr) {
|
|
w.Header().Set("Content-Type", "text/html; charset=utf-8")
|
|
w.WriteHeader(http.StatusForbidden)
|
|
template, err := os.ReadFile(filepath.Join(templateDirectory, "templates/whitelist.html"))
|
|
if err != nil {
|
|
w.Write(page_forbidden)
|
|
} else {
|
|
w.Write(template)
|
|
}
|
|
return true, "whitelist"
|
|
}
|
|
|
|
//Not blocked.
|
|
return false, ""
|
|
}
|