Skip to content
This repository has been archived by the owner on Jan 6, 2023. It is now read-only.

Commit

Permalink
增加远程抓取图片时对私有地址的过滤
Browse files Browse the repository at this point in the history
  • Loading branch information
zhangzhenyang committed Aug 24, 2015
1 parent a182014 commit cfa764d
Show file tree
Hide file tree
Showing 2 changed files with 106 additions and 0 deletions.
45 changes: 45 additions & 0 deletions asp/Uploader.Class.asp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,8 +104,53 @@ Class Uploader
DoUpload stream, filename
End Function
Private Function RegExpTest(patrn, str)
Dim regEx, Match, Matches
Set regEx = New RegExp
regEx.Pattern = patrn
regEx.IgnoreCase = False
regEx.Global = True
Set Matches = regEx.Execute(str)
For Each Match in Matches
RetStr = RetStr & Match.value &" "
RetStr = RetStr & vbCRLF
Next
RegExpTest = RetStr
End Function
Private Function IpToNumber( ip )
arr=split(ip,".")
IpToNumber=256*256*256*clng(arr(0))+256*256*clng(arr(1))+256*clng(arr(2))+clng(arr(3))
End Function
Private Function IsPrivateIp( url )
Dim ip
ip = RegExpTest("\d+\.\d+\.\d+\.\d*", url)
If ip = "" Then
If RegExpTest("([\w-]+\.)+[\w-]+", url) <> "" Then
IsPrivateIp = False:Exit Function
End If
IsPrivateIp = True:Exit Function
End If
If instr(ip,"127.")=1 Then
IsPrivateIp = true:Exit Function
End If
ABegin = IpToNumber("10.0.0.0"):AEnd = IpToNumber("10.255.255.255")
BBegin = IpToNumber("172.16.0.0"):BEnd = IpToNumber("172.31.255.255")
CBegin = IpToNumber("192.168.0.0"):CEnd = IpToNumber("192.168.255.255")
IpNum = IpToNumber(ip)
IsPrivateIp = (ABegin <= IpNum and IpNum <= AEnd) or (BBegin <= IpNum and IpNum <= BEnd) or (CBegin <= IpNum and IpNum <= CEnd)
End Function
Public Function UploadRemote( url )
Dim stream, filename
If IsPrivateIp(url) Then
rsState = "Failed":Exit Function
End If
filename = Right( url, Len(url) - InStrRev(url, "/") )
Set stream = CrawlImage( url )
Expand Down
61 changes: 61 additions & 0 deletions net/App_Code/CrawlerHandler.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,11 @@ public Crawler(string sourceUrl, HttpServerUtility server)

public Crawler Fetch()
{
if (!IsExternalIPAddress(this.SourceUrl))
{
State = "INVALID_URL";
return this;
}
var request = HttpWebRequest.Create(this.SourceUrl) as HttpWebRequest;
using (var response = request.GetResponse() as HttpWebResponse)
{
Expand Down Expand Up @@ -100,4 +105,60 @@ public Crawler Fetch()
return this;
}
}

private bool IsExternalIPAddress(string url)
{
var uri = new Uri(url);
switch (uri.HostNameType)
{
case UriHostNameType.Dns:
var ipHostEntry = Dns.GetHostEntry(uri.DnsSafeHost);
foreach (IPAddress ipAddress in ipHostEntry.AddressList)
{
byte[] ipBytes = ipAddress.GetAddressBytes();
if (ipAddress.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork)
{
if (!IsPrivateIP(ipAddress))
{
return true;
}
}
}
break;

case UriHostNameType.IPv4:
return !IsPrivateIP(IPAddress.Parse(uri.DnsSafeHost));
}
return false;
}

private bool IsPrivateIP(IPAddress myIPAddress)
{
if (IPAddress.IsLoopback(myIPAddress)) return true;
if (myIPAddress.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork)
{
byte[] ipBytes = myIPAddress.GetAddressBytes();
// 10.0.0.0/24
if (ipBytes[0] == 10)
{
return true;
}
// 172.16.0.0/16
else if (ipBytes[0] == 172 && ipBytes[1] == 16)
{
return true;
}
// 192.168.0.0/16
else if (ipBytes[0] == 192 && ipBytes[1] == 168)
{
return true;
}
// 169.254.0.0/16
else if (ipBytes[0] == 169 && ipBytes[1] == 254)
{
return true;
}
}
return false;
}
}

0 comments on commit cfa764d

Please sign in to comment.