From 3048ae7ff1180a10581809f8646f43bf5270fc7b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=8E=8B=E8=89=AF?= <841369634@qq.com>
Date: Tue, 26 Mar 2024 14:46:42 +0800
Subject: [PATCH] =?UTF-8?q?feature:=20=E6=96=B0=E5=A2=9E=20OPTIONS=20?=
 =?UTF-8?q?=E8=AF=B7=E6=B1=82=E6=8B=A6=E6=88=AA=E5=99=A8=E3=80=82=20(#280)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README.md                                     | 12 +++--
 packages/core/start.js                        |  2 -
 packages/core/start2.js                       |  1 -
 .../src/lib/interceptor/impl/req/OPTIONS.js   | 52 +++++++++++++++++++
 .../mitmproxy/src/lib/interceptor/index.js    |  3 ++
 packages/mitmproxy/src/utils/os.util.js       |  6 ---
 6 files changed, 62 insertions(+), 14 deletions(-)
 delete mode 100644 packages/core/start.js
 delete mode 100644 packages/core/start2.js
 create mode 100644 packages/mitmproxy/src/lib/interceptor/impl/req/OPTIONS.js
 delete mode 100644 packages/mitmproxy/src/utils/os.util.js

diff --git a/README.md b/README.md
index 9434b02..ad5792a 100644
--- a/README.md
+++ b/README.md
@@ -181,11 +181,13 @@ const intercepts = {
      //需要拦截url的正则表达式
      '/.*/.*/releases/download/': {
         //拦截类型
-        // redirect: url,  临时重定向(url会变，一些下载资源可以通过此方式配置)
-        // proxy: url,     代理（url不会变，没有跨域问题）
-        // abort: true,    取消请求（适用于被***封锁的资源，找不到替代，直接取消请求，快速失败，节省时间）
-        // success: true,  直接返回成功请求（某些请求不想发出去，可以伪装成功返回）
-        // cacheDays: 1,   GET请求的缓存时间，单位天（常用于一些静态资源）
+        // redirect: url,          // 临时重定向（url会变，一些下载资源可以通过此方式配置）
+        // proxy: url,             // 代理（url不会变，没有跨域问题）
+        // abort: true,            // 取消请求（适用于被***封锁的资源，找不到替代，直接取消请求，快速失败，节省时间）
+        // success: true,          // 直接返回成功请求（某些请求不想发出去，可以伪装成功返回）
+        // cacheDays: 1,           // GET请求的使用缓存，单位：天（常用于一些静态资源）
+        // options: true,          // OPTIONS请求直接返回成功请求（该功能存在一定风险，请谨慎使用）
+        // optionsMaxAge: 2592000, // OPTIONS请求缓存时间，默认：2592000（一个月）
         redirect: 'download.fastgit.org'
       },
       '.*':{
diff --git a/packages/core/start.js b/packages/core/start.js
deleted file mode 100644
index 9a797dd..0000000
--- a/packages/core/start.js
+++ /dev/null
@@ -1,2 +0,0 @@
-// eslint-disable-next-line no-unused-vars
-const start = require('./start/index.js')
diff --git a/packages/core/start2.js b/packages/core/start2.js
deleted file mode 100644
index 6eaa8fb..0000000
--- a/packages/core/start2.js
+++ /dev/null
@@ -1 +0,0 @@
-const https = require('https')
diff --git a/packages/mitmproxy/src/lib/interceptor/impl/req/OPTIONS.js b/packages/mitmproxy/src/lib/interceptor/impl/req/OPTIONS.js
new file mode 100644
index 0000000..09e4a83
--- /dev/null
+++ b/packages/mitmproxy/src/lib/interceptor/impl/req/OPTIONS.js
@@ -0,0 +1,52 @@
+const defaultAllowHeaders = '*'
+const defaultAllowMethods = 'GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH' // CONNECT、TRACE被认为是不安全的请求，通常不建议允许跨域
+
+function readConfig (config, defaultConfig) {
+  if (config) {
+    if (Object.isArray(config)) {
+      config = config.join(',')
+    }
+  } else {
+    config = defaultConfig
+  }
+  return config
+}
+
+module.exports = {
+  requestIntercept (context, interceptOpt, req, res, ssl, next) {
+    const { rOptions, log } = context
+
+    // 不是 OPTIONS 请求，或请求头中不含 origin 时，跳过当前拦截器
+    if (rOptions.method !== 'OPTIONS' || rOptions.headers.origin == null) {
+      return
+    }
+
+    // 从请求头中获取跨域相关信息；如果不存在，则从配置中获取的值；如果还不存在，则使用默认值
+    const allowHeaders = rOptions.headers['access-control-request-headers'] || readConfig(interceptOpt.optionsAllowHeaders, defaultAllowHeaders)
+    const allowMethods = rOptions.headers['access-control-request-method'] || readConfig(interceptOpt.optionsAllowMethods, defaultAllowMethods)
+
+    const headers = {
+      // 允许跨域
+      'Dev-Sidecar-Interceptor': 'options',
+      'Access-Control-Allow-Origin': rOptions.headers.origin,
+      'Access-Control-Allow-Headers': allowHeaders,
+      'Access-Control-Allow-Methods': allowMethods,
+      'Access-Control-Max-Age': interceptOpt.optionsMaxAge > 0 ? interceptOpt.optionsMaxAge : 2592000, // 默认有效一个月
+      Date: new Date().toUTCString()
+    }
+
+    // 判断是否允许
+    if (interceptOpt.optionsCredentials !== false && interceptOpt.optionsCredentials !== 'false') {
+      headers['Access-Control-Allow-Credentials'] = 'true'
+    }
+
+    res.writeHead(200, headers)
+    res.end()
+
+    log.info('options intercept:', (rOptions.original || rOptions).url)
+    return true // true代表请求结束
+  },
+  is (interceptOpt) {
+    return !!interceptOpt.options
+  }
+}
diff --git a/packages/mitmproxy/src/lib/interceptor/index.js b/packages/mitmproxy/src/lib/interceptor/index.js
index 1f22d76..8f4a722 100644
--- a/packages/mitmproxy/src/lib/interceptor/index.js
+++ b/packages/mitmproxy/src/lib/interceptor/index.js
@@ -1,4 +1,6 @@
 // request interceptor impls
+const OPTIONS = require('./impl/req/OPTIONS.js')
+
 const success = require('./impl/req/success')
 const redirect = require('./impl/req/redirect')
 const abort = require('./impl/req/abort')
@@ -14,6 +16,7 @@ const script = require('./impl/res/script')
 
 module.exports = [
   // request interceptor impls
+  OPTIONS,
   success, redirect, abort,
   cacheReq,
   proxy, sni,
diff --git a/packages/mitmproxy/src/utils/os.util.js b/packages/mitmproxy/src/utils/os.util.js
deleted file mode 100644
index 9f8aaf7..0000000
--- a/packages/mitmproxy/src/utils/os.util.js
+++ /dev/null
@@ -1,6 +0,0 @@
-const os = require('os')
-module.exports = {
-  isWindows7 () {
-    const version = os.release()
-  }
-}