-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.js
106 lines (84 loc) · 2.35 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
const
express = require("express"),
rateLimit = require("express-rate-limit"),
helmet = require("helmet"),
xss = require("xss-clean"),
hpp = require("hpp"),
cors = require("cors"),
fetch = require("node-fetch"),
cheerio = require("cheerio");
const
app = express(),
port = process.env.PORT || 3070;
// Allows cross-origin requests
app.use(cors());
// Sets HTTP security headers
app.use(helmet());
// Limits amount of requests for the same API
const limiter = rateLimit({
max: 1500,
windowMs: 60 * 60 * 1000,
message: "Too many requests from this IP; please, try again in one hour."
});
app.use("/api", limiter);
// Scrubs data against XSS (removes malicious HTML code sent by the user)
app.use(xss());
// Prevents parameter pollution.
app.use(hpp());
// Functions
const fetchText = async (url) => {
try {
const response = await fetch(url);
const responseText = await response.text();
return responseText;
} catch (e) {
const msg = `Error fetching URL "${url}": ${e.message}`;
console.warn(msg, e);
throw new Error(msg);
}
};
const extractIframeSrc = $ => {
const iframe = $('.game_frame [data-iframe]').attr('data-iframe')
const $iframe = cheerio.load(iframe);
return $iframe('iframe').attr('src');
}
const extractBitsyText = $ => {
const $bitsyScript = $('script[type="text/bitsyGameData"]');
return $bitsyScript.html().replace(/^\n/, '');
}
// Main API route
app.get("/api/v1/*", async function(req, res) {
const remoteURL = `http://${req.params[0]}`;
let accessedURL;
try {
const mainPage = await fetchText(remoteURL);
const $ = cheerio.load(mainPage);
const src = extractIframeSrc($);
let scriptText;
if (src) {
const gameURL = `http:${src}`;
const gamePage = await fetchText(gameURL);
const $game = cheerio.load(gamePage);
scriptText = extractBitsyText($game);
} else {
// FIXME: Causes the error "Cannot read property 'parent' of undefined"
scriptText = extractBitsyText($);
}
if (!scriptText) {
throw new Error('Bitsy script not found.');
}
res.setHeader('Content-Type', 'text/plain');
res.send(scriptText);
} catch (e) {
console.error(e);
res.status(500);
res.send(e.message);
}
});
app.get("*", function(req, res) {
res.status(404);
res.send("Invalid API URL");
});
app.listen(port, function(err) {
console.log("running server on from port:::::::" + port);
});