1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
from gevent import monkey
monkey.patch_all()
import gevent.socket
from gevent.pywsgi import WSGIServer
from youtube.youtube import youtube
import urllib
import socket
import socks
import subprocess
import re
import settings
BAN_FILE = "banned_addresses.txt"
try:
with open(BAN_FILE, 'r') as f:
banned_addresses = f.read().splitlines()
except FileNotFoundError:
banned_addresses = ()
def ban_address(address):
banned_addresses.append(address)
with open(BAN_FILE, 'a') as f:
f.write(address + "\n")
def youtu_be(env, start_response):
id = env['PATH_INFO'][1:]
env['PATH_INFO'] = '/watch'
env['QUERY_STRING'] = 'v=' + id
return youtube(env, start_response)
def proxy_site(env, start_response):
headers = {
'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; Win64; x64)',
'Accept': '*/*',
}
url = "https://" + env['SERVER_NAME'] + env['PATH_INFO']
if env['QUERY_STRING']:
url += '?' + env['QUERY_STRING']
req = urllib.request.Request(url, headers=headers)
response = urllib.request.urlopen(req, timeout = 10)
start_response('200 OK', response.getheaders() )
return response.read()
site_handlers = {
'youtube.com':youtube,
'youtu.be':youtu_be,
'ytimg.com': proxy_site,
'yt3.ggpht.com': proxy_site,
'lh3.googleusercontent.com': proxy_site,
}
def split_url(url):
''' Split https://sub.example.com/foo/bar.html into ('sub.example.com', '/foo/bar.html')'''
# XXX: Is this regex safe from REDOS?
# python STILL doesn't have a proper regular expression engine like grep uses built in...
match = re.match(r'(?:https?://)?([\w-]+(?:\.[\w-]+)+?)(/.*|$)', url)
if match is None:
raise ValueError('Invalid or unsupported url: ' + url)
return match.group(1), match.group(2)
def error_code(code, start_response):
start_response(code, ())
return code.encode()
def site_dispatch(env, start_response):
client_address = env['REMOTE_ADDR']
try:
method = env['REQUEST_METHOD']
path = env['PATH_INFO']
if client_address in banned_addresses:
yield error_code('403 Fuck Off', start_response)
return
if method=="POST" and client_address not in ('127.0.0.1', '::1'):
yield error_code('403 Forbidden', start_response)
return
if "phpmyadmin" in path or (path == "/" and method == "HEAD"):
ban_address(client_address)
start_response('403 Fuck Off', ())
yield b'403 Fuck Off'
return
'''if env['QUERY_STRING']:
path += '?' + env['QUERY_STRING']'''
#path_parts = urllib.parse.urlparse(path)
try:
env['SERVER_NAME'], env['PATH_INFO'] = split_url(path[1:])
except ValueError:
yield error_code('404 Not Found', start_response)
return
base_name = ''
for domain in reversed(env['SERVER_NAME'].split('.')):
if base_name == '':
base_name = domain
else:
base_name = domain + '.' + base_name
try:
handler = site_handlers[base_name]
except KeyError:
continue
else:
yield handler(env, start_response)
break
else: # did not break
yield error_code('404 Not Found', start_response)
return
except socket.error as e:
start_response('502 Bad Gateway', ())
print(str(e))
yield b'502 Bad Gateway'
except Exception:
start_response('500 Internal Server Error', ())
yield b'500 Internal Server Error'
raise
return
if settings.route_tor:
#subprocess.Popen(TOR_PATH)
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, '127.0.0.1', 9150)
socket.socket = socks.socksocket
gevent.socket.socket = socks.socksocket
if settings.allow_foreign_addresses:
server = WSGIServer(('0.0.0.0', settings.port_number), site_dispatch)
else:
server = WSGIServer(('127.0.0.1', settings.port_number), site_dispatch)
print('Started httpserver on port ' , settings.port_number)
server.serve_forever()
|