UNPKG

code-server

Version:

Run VS Code on a remote server.

github.com/coder/code-server

coder/code-server

110 lines 4.76 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
"use strict"; var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; Object.defineProperty(exports, "__esModule", { value: true }); exports.wsRouter = exports.router = void 0; const express_1 = require("express"); const http_1 = require("../../common/http"); const http_2 = require("../http"); const proxy_1 = require("../proxy"); const wsRouter_1 = require("../wsRouter"); exports.router = (0, express_1.Router)(); const proxyDomainToRegex = (matchString) => { const escapedMatchString = matchString.replace(/[.*+?^$()|[\]\\]/g, "\\$&"); // Replace {{port}} with a regex group to capture the port // Replace {{host}} with .+ to allow any host match (so rely on DNS record here) let regexString = escapedMatchString.replace("{{port}}", "(\\d+)"); regexString = regexString.replace("{{host}}", ".+"); regexString = regexString.replace(/[{}]/g, "\\$&"); //replace any '{}' that might be left return new RegExp("^" + regexString + "$"); }; let proxyRegexes = []; const proxyDomainsToRegex = (proxyDomains) => { if (proxyDomains.length !== proxyRegexes.length) { proxyRegexes = proxyDomains.map(proxyDomainToRegex); } return proxyRegexes; }; /** * Return the port if the request should be proxied. * * The proxy-domain should be of format anyprefix-{{port}}-anysuffix.{{host}}, where {{host}} is optional * e.g. code-8080.domain.tld would match for code-{{port}}.domain.tld and code-{{port}}.{{host}}. * */ const maybeProxy = (req) => { const reqDomain = (0, http_2.getHost)(req); if (reqDomain === undefined) { return undefined; } const regexs = proxyDomainsToRegex(req.args["proxy-domain"]); for (const regex of regexs) { const match = reqDomain.match(regex); if (match) { return match[1]; // match[1] contains the port } } return undefined; }; exports.router.all(/.*/, (req, res, next) => __awaiter(void 0, void 0, void 0, function* () { const port = maybeProxy(req); if (!port) { return next(); } (0, http_2.ensureProxyEnabled)(req); if (req.method === "OPTIONS" && req.args["skip-auth-preflight"]) { // Allow preflight requests with `skip-auth-preflight` flag return next(); } // Must be authenticated to use the proxy. const isAuthenticated = yield (0, http_2.authenticated)(req); if (!isAuthenticated) { // Let the assets through since they're used on the login page. if (req.path.startsWith("/_static/") && req.method === "GET") { return next(); } // Assume anything that explicitly accepts text/html is a user browsing a // page (as opposed to an xhr request). Don't use `req.accepts()` since // *every* request that I've seen (in Firefox and Chromium at least) // includes `*/*` making it always truthy. Even for css/javascript. if (req.headers.accept && req.headers.accept.includes("text/html")) { // Let the login through. if (/\/login\/?/.test(req.path)) { return next(); } // Redirect all other pages to the login. const to = (0, http_2.self)(req); return (0, http_2.redirect)(req, res, "login", { to: to !== "/" ? to : undefined, }); } // Everything else gets an unauthorized message. throw new http_1.HttpError("Unauthorized", http_1.HttpCode.Unauthorized); } proxy_1.proxy.web(req, res, { ignorePath: true, target: `http://0.0.0.0:${port}${req.originalUrl}`, }); })); exports.wsRouter = (0, wsRouter_1.Router)(); exports.wsRouter.ws(/.*/, (req, _, next) => __awaiter(void 0, void 0, void 0, function* () { const port = maybeProxy(req); if (!port) { return next(); } (0, http_2.ensureProxyEnabled)(req); (0, http_2.ensureOrigin)(req); yield (0, http_2.ensureAuthenticated)(req); proxy_1.proxy.ws(req, req.ws, req.head, { ignorePath: true, target: `http://0.0.0.0:${port}${req.originalUrl}`, }); })); //# sourceMappingURL=domainProxy.js.map