mirror of
https://git.sr.ht/~cadence/cloudtube
synced 2025-01-08 17:27:21 +00:00
eb111a44c4
We can add more authorized paths to authorizedPaths if we need more resources to be pulled from the NewLeaf/Invidious backend on the same domain. This route forwards to the client a few headers like Bibliogram https://git.sr.ht/~cadence/bibliogram/tree/ea7cd5d5/item/src/site/api/proxy.js#L28-29 so we can also use this route to possibly proxy videos in the future. We are strict about the url parameter not overriding the NewLeaf/Invidious backend (instanceOrigin) by ensuring fetchURL has instanceOrigin as prefix.
28 lines
1.2 KiB
JavaScript
28 lines
1.2 KiB
JavaScript
const {proxy} = require("pinski/plugins")
|
|
const {getUser} = require("../utils/getuser")
|
|
const constants = require("../utils/constants.js")
|
|
|
|
// list of paths relative to the backend this route is authorized to serve
|
|
const authorizedPaths = [`/api/v1/captions/(${constants.regex.video_id})`]
|
|
|
|
// headers relayed as-is from the proxied backend to the client
|
|
const proxiedHeaders = ["content-type", "date", "last-modified", "expires", "cache-control", "accept-ranges", "content-range", "origin", "etag", "content-length", "transfer-encoding"]
|
|
|
|
module.exports = [
|
|
{
|
|
route: `/proxy`, methods: ["GET"], code: async ({req, fill, url}) => {
|
|
const instanceOrigin = getUser(req).getSettingsOrDefaults().instance
|
|
const remotePath = url.searchParams.get("url")
|
|
const fetchURL = new URL(remotePath, instanceOrigin)
|
|
if (!fetchURL.toString().startsWith(instanceOrigin) || !authorizedPaths.some(element => fetchURL.pathname.match(new RegExp(`^${element}$`)))) {
|
|
return {
|
|
statusCode: 401,
|
|
content: "CloudTube: Unauthorized",
|
|
contentType: "text/plain"
|
|
}
|
|
}
|
|
return proxy(fetchURL, {}, (h) => Object.keys(h).filter(key => proxiedHeaders.includes(key)).reduce((res, key) => (res[key] = h[key], res), {}))
|
|
}
|
|
}
|
|
]
|