From a2377d960e122daafc7b0834521b861d40e2bf1c Mon Sep 17 00:00:00 2001 From: midoks Date: Mon, 4 Sep 2023 12:47:12 +0800 Subject: [PATCH] =?UTF-8?q?=E7=BB=99=E9=98=B2=E7=9B=97=E9=93=BE=E5=A2=9E?= =?UTF-8?q?=E5=8A=A0=E7=A6=81=E6=AD=A2=E7=A9=BA=E6=9D=A5=E6=BA=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 15 ++------------ class/core/config_api.py | 2 +- class/core/site_api.py | 44 ++++++++++++++++++++++++++++++++-------- route/static/app/site.js | 33 +++++++++++++++++------------- 4 files changed, 58 insertions(+), 36 deletions(-) diff --git a/README.md b/README.md index 020ee003e..d9a03e87e 100644 --- a/README.md +++ b/README.md @@ -100,20 +100,9 @@ docker run -itd --name mw-server --privileged=true -p 7200:7200 -p 80:80 -p 443: ``` -### 版本更新 0.16.0 +### 版本更新 0.16.1 -yum install -y libargon2-devel -apt install -y libargon2-dev - -OP防火墙 - 重载即可 - -* 增加PHP83。 -* 面板日志单独为一页并加入日志审计功能。 -* 修复webssh服务器读取问题。 -* 站点批量删除修复。 -* OP防火墙-修复`自动强制验证`关闭不生效。 -* 新增OneDrive备份插件。 -* FTP备份优化。 +* 给防盗链增加禁止空来源。 ### JSDelivr安装地址 diff --git a/class/core/config_api.py b/class/core/config_api.py index c1511fdec..53f0e2b2d 100755 --- a/class/core/config_api.py +++ b/class/core/config_api.py @@ -27,7 +27,7 @@ from flask import request class config_api: - __version = '0.16.0' + __version = '0.16.1' __api_addr = 'data/api.json' def __init__(self): diff --git a/class/core/site_api.py b/class/core/site_api.py index a18bfc9f0..e7fca827a 100755 --- a/class/core/site_api.py +++ b/class/core/site_api.py @@ -1149,8 +1149,9 @@ class site_api: domains = request.form.get('domains', '') status = request.form.get('status', '') name = request.form.get('name', '') + none = request.form.get('none', '') sid = request.form.get('id', '') - return self.setSecurity(sid, name, fix, domains, status) + return self.setSecurity(sid, name, fix, domains, status, none) def getLogsApi(self): siteName = request.form.get('siteName', '') 
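Review bot: The new `none` form field in setSecurityApi is forwarded as a raw string with nothing explaining what it means, and the name is easy to misread as Python's `None`. Later in this patch setSecurity treats only the exact value `'true'` as enabled, so a one-line comment above the new `request.form.get('none', '')` would help: `# none: 'true' lets requests without a Referer through (nginx "valid_referers none blocked")`. The method starts outside this hunk.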
@@ -2430,9 +2431,28 @@ location ^~ {from} {\n\ tmp = re.search(rep, conf).group() data['fix'] = re.search( "\(.+\)\$", tmp).group().replace('(', '').replace(')$', '').replace('|', ',') - data['domains'] = ','.join(re.search( - "valid_referers\s+none\s+blocked\s+(.+);\n", tmp).groups()[0].split()) - data['status'] = True + + data['status'] = False + data['none'] = False + + valid_referers = re.search( + "valid_referers\s+(.+);\n", tmp) + valid_referers_none = re.search( + "valid_referers\s+none\s+blocked\s+(.+);\n", tmp) + + if valid_referers or valid_referers_none: + data['status'] = True + + if valid_referers_none: + domain_t = valid_referers_none.groups()[0].split() + data['domains'] = ','.join(domain_t) + data['none'] = True + elif valid_referers: + domain_t = valid_referers.groups()[0].split() + data['domains'] = ','.join(domain_t) + data['none'] = False + + # print(data) else: data['fix'] = 'jpg,jpeg,gif,png,js,css' domains = mw.M('domain').where( @@ -2442,19 +2462,27 @@ location ^~ {from} {\n\ tmp.append(domain['name']) data['domains'] = ','.join(tmp) data['status'] = False + data['none'] = False return mw.getJson(data) - def setSecurity(self, sid, name, fix, domains, status): + def setSecurity(self, sid, name, fix, domains, status, none=''): if len(fix) < 2: return mw.returnJson(False, 'URL后缀不能为空!') file = self.getHostConf(name) if os.path.exists(file): conf = mw.readFile(file) - if conf.find('SECURITY-START') != -1: + if status == 'false': rep = "\s{0,4}#SECURITY-START(\n|.){1,500}#SECURITY-END\n?" conf = re.sub(rep, '', conf) mw.writeLog('网站管理', '站点[' + name + ']已关闭防盗链设置!') else: + rep = "\s{0,4}#SECURITY-START(\n|.){1,500}#SECURITY-END\n?" + conf = re.sub(rep, '', conf) + + valid_referers = domains.strip().replace(',', ' ') + if none == 'true': + valid_referers = 'none blocked ' + valid_referers + pre_path = self.setupPath + "/php/conf" re_path = "include\s+" + pre_path + "/enable-php-" rconf = '''#SECURITY-START 防盗链配置 
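Review bot: `data['domains']` is only assigned inside the two match branches, so if the SECURITY block is present but neither `valid_referers` pattern matches (for example a hand-edited vhost where the directive is not followed by a newline), the JSON reply has no `domains` key at all. Initialising it next to the other defaults, `data['domains'] = ''`, keeps the response shape stable. Since `valid_referers_none` can only match where `valid_referers` does, the `or` test can be reduced to `if valid_referers:`, and the leftover `# print(data)` can go. The patterns would also be safer as raw strings (`r"valid_referers\s+(.+);\n"`), which avoids invalid-escape warnings on newer Python versions. The enclosing function starts outside the hunk.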
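Review bot: With the `none blocked` prefix now optional, an empty `domains` value combined with `none` other than `'true'` renders `valid_referers ;`, which nginx should reject for having no arguments, so saving this form can leave the vhost unloadable. `domains` is also written into the server config straight from the request with only commas replaced, so characters such as `;`, braces or newlines would end up as config syntax instead of referer names; `fix` gets the same treatment in the next hunk. I would split and validate the entries before building `valid_referers`, and refuse the request when the list is empty and `none` is off. The pattern below accepts plain and wildcard host names only; regex referers (`~…`), if they are meant to be supported, need their own handling.

```python
            else:
                # … unchanged: strip any existing SECURITY block …
                referers = [d.strip() for d in domains.split(',') if d.strip()]
                if any(not re.fullmatch(r'[A-Za-z0-9*._:-]+', d) for d in referers):
                    return mw.returnJson(False, '许可域名格式不正确!')
                if none != 'true' and not referers:
                    return mw.returnJson(False, '许可域名不能为空!')

                valid_referers = ' '.join(referers)
                # … unchanged: prepend 'none blocked ' when none == 'true' …
```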
@@ -2462,13 +2490,13 @@ location ^~ {from} {\n\ { expires 30d; access_log /dev/null; - valid_referers none blocked %s; + valid_referers %s; if ($invalid_referer){ return 404; } } #SECURITY-END - include %s/enable-php-''' % (fix.strip().replace(',', '|'), domains.strip().replace(',', ' '), pre_path) + include %s/enable-php-''' % (fix.strip().replace(',', '|'), valid_referers, pre_path) conf = re.sub(re_path, rconf, conf) mw.writeLog('网站管理', '站点[' + name + ']已开启防盗链!') mw.writeFile(file, conf) diff --git a/route/static/app/site.js b/route/static/app/site.js index 36f3d4aab..b219c03e9 100755 --- a/route/static/app/site.js +++ b/route/static/app/site.js @@ -1108,11 +1108,13 @@ function getSiteErrorLogs(siteName){ function security(id,name){ var loadT = layer.msg(lan.site.the_msg,{icon:16,time:0,shade: [0.3, '#000']}); $.post('/site/get_security',{id:id,name:name},function(rdata){ + console.log(rdata); layer.close(loadT); var mbody = '
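Review bot: `rconf`, which now carries the request-derived `valid_referers` and `fix` values, is handed to `re.sub` as the replacement template, so any backslash in those values is interpreted as a group reference or escape and can raise `re.error` or alter the text written to the vhost. Passing the text through a callable keeps it literal: `conf = re.sub(re_path, lambda m: rconf, conf)`. `re_path` is likewise built from `self.setupPath` without `re.escape`, which only matters if the install path contains regex metacharacters. The enclosing function starts in the previous hunk and appears to continue past this one.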
' +'

URL后缀

' +'

许可域名

' +'
' + +'
' +'