forked from masterking32/MasterHttpRelayVPN
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathCode.gs
More file actions
182 lines (159 loc) · 5.33 KB
/
Code.gs
File metadata and controls
182 lines (159 loc) · 5.33 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
/**
* DomainFront Relay — Google Apps Script
*
* TWO modes:
* 1. Single: POST { k, m, u, h, b, ct, r } → { s, h, b }
* 2. Batch: POST { k, q: [{m,u,h,b,ct,r}, ...] } → { q: [{s,h,b}, ...] }
* Uses UrlFetchApp.fetchAll() — all URLs fetched IN PARALLEL.
*
* DEPLOYMENT:
* 1. Go to https://script.google.com → New project
* 2. Delete the default code, paste THIS entire file
* 3. Click Deploy → New deployment
* 4. Type: Web app | Execute as: Me | Who has access: Anyone
* 5. Copy the Deployment ID into config.json as "script_id"
*
* CHANGE THE AUTH KEY BELOW TO YOUR OWN SECRET!
*/
const AUTH_KEY = "CHANGE_ME_TO_A_STRONG_SECRET";
// Keep browser capability headers (sec-ch-ua*, sec-fetch-*) intact.
// Some modern apps, notably Google Meet, use them for browser gating.
// Maximum seconds to wait for any single upstream fetch.
// Matches the Python client's 25s timeout. Without this, a slow upstream
// can hold up an entire batch until Apps Script's 6-minute execution limit.
const FETCH_DEADLINE = 25;
const SKIP_HEADERS = {
host: 1, connection: 1, "content-length": 1,
"transfer-encoding": 1, "proxy-connection": 1, "proxy-authorization": 1,
"priority": 1, te: 1,
};
function doPost(e) {
try {
var req = JSON.parse(e.postData.contents);
// Reject requests using the default key — deployer forgot to change it.
if (AUTH_KEY === "CHANGE_ME_TO_A_STRONG_SECRET") {
return _json({ e: "relay not configured: change AUTH_KEY before deploying" });
}
if (req.k !== AUTH_KEY) return _json({ e: "unauthorized" });
// Batch mode: { k, q: [...] }
if (Array.isArray(req.q)) return _doBatch(req.q);
// Single mode
return _doSingle(req);
} catch (err) {
return _json({ e: String(err) });
}
}
function _doSingle(req) {
if (!req.u || typeof req.u !== "string" || !req.u.match(/^https?:\/\//i)) {
return _json({ e: "bad url" });
}
// UrlFetchApp hard limit ~2048 chars — return 414 so client can retry as POST
if (req.u.length > 2000) {
return _json({ s: 414, h: {}, b: "" });
}
var opts = _buildOpts(req);
// HEAD is not supported by UrlFetchApp. Intercept and return empty success.
if (opts.method === "head") {
return _json({ s: 200, h: { "content-type": "text/plain" }, b: "" });
}
var resp = UrlFetchApp.fetch(req.u, opts);
return _json({
s: resp.getResponseCode(),
h: _respHeaders(resp),
b: Utilities.base64Encode(resp.getContent()),
});
}
function _doBatch(items) {
var fetchArgs = [];
var results = new Array(items.length);
for (var i = 0; i < items.length; i++) {
var item = items[i];
if (!item.u || typeof item.u !== "string" || !item.u.match(/^https?:\/\//i)) {
results[i] = { e: "bad url" };
continue;
}
if (item.u.length > 2000) {
results[i] = { s: 414, h: {}, b: "" };
continue;
}
var opts = _buildOpts(item);
if (opts.method === "head") {
results[i] = { s: 200, h: { "content-type": "text/plain" }, b: "" };
continue;
}
opts.url = item.u;
fetchArgs.push({ _i: i, _o: opts });
}
// fetchAll() processes all requests in parallel inside Google.
// Wrapped in try-catch: if fetchAll itself throws (DNS failure, Apps Script
// memory limit, internal error), fill remaining slots with error objects
// so the client gets partial results instead of a top-level batch failure.
if (fetchArgs.length > 0) {
try {
var responses = UrlFetchApp.fetchAll(fetchArgs.map(function(x) { return x._o; }));
for (var j = 0; j < responses.length; j++) {
var resp = responses[j];
var originalIndex = fetchArgs[j]._i;
results[originalIndex] = {
s: resp.getResponseCode(),
h: resp.getHeaders(),
b: Utilities.base64Encode(resp.getContent()),
};
}
} catch (err) {
// Fill any slot not yet written with an error entry
for (var k = 0; k < fetchArgs.length; k++) {
var idx = fetchArgs[k]._i;
if (results[idx] === undefined) {
results[idx] = { e: "fetch failed: " + String(err) };
}
}
}
}
return _json({ q: results });
}
function _buildOpts(req) {
var opts = {
method: (req.m || "GET").toLowerCase(),
muteHttpExceptions: true,
followRedirects: req.r !== false,
validateHttpsCertificates: true,
escaping: false,
deadline: FETCH_DEADLINE,
};
if (req.h && typeof req.h === "object") {
var headers = {};
for (var k in req.h) {
if (req.h.hasOwnProperty(k) && !SKIP_HEADERS[k.toLowerCase()]) {
headers[k] = req.h[k];
}
}
opts.headers = headers;
}
if (req.b) {
opts.payload = Utilities.base64Decode(req.b);
if (req.ct) opts.contentType = req.ct;
}
return opts;
}
function _respHeaders(resp) {
try {
if (typeof resp.getAllHeaders === "function") {
return resp.getAllHeaders();
}
} catch (err) {}
return resp.getHeaders();
}
function doGet(e) {
return HtmlService.createHtmlOutput(
"<!DOCTYPE html><html><head><title>My App</title></head>" +
'<body style="font-family:sans-serif;max-width:600px;margin:40px auto">' +
"<h1>Welcome</h1><p>This application is running normally.</p>" +
"</body></html>"
);
}
function _json(obj) {
return ContentService.createTextOutput(JSON.stringify(obj)).setMimeType(
ContentService.MimeType.JSON
);
}