核心目标是 把现有产物变成“可维护的 source-of-truth”,并且保证重新打包后 asar 内结构与原始 out 结构完全一致 ,最快且可控的做法就是: 把 out 作为源码进行结构化落盘到 src ,后续编译/打包阶段做“同步输出”,
1, 修改mainjs里面的sentry,直接注释掉即可
// Sentry.init
2, 修改代理,在main.js中注册协议
import { flags, deviceLogin } from "../proxy";
// 必须在 app ready 之前调用
electron_1.protocol.registerSchemesAsPrivileged([
{
scheme: "pencil-proxy",
privileges: {
standard: true, // 像 http 一样处理
secure: true, // 标记为安全来源
supportFetchAPI: true, // 允许 fetch
corsEnabled: true, // 允许跨域
stream: true, // 支持流
},
},
]);
electron_1.protocol.handle("pencil-proxy", async (request) => {
logger.debug("Skipping protocol handler 222 (dev mode)");
const url = new URL(request.url);
const path = url.pathname; // 获取请求路径
// console.log(url, path, "========");
// 监控配置
if (url.hostname === "postai.com" && path === "/i/v0/e/") {
return new Response(JSON.stringify({ status: "Ok" }), {
status: 200,
headers: { "content-type": "application/json; charset=utf-8" },
});
}
if (url.hostname === "postai.com" && path === "/flags/") {
return new Response(JSON.stringify(flags), {
status: 200,
headers: { "content-type": "application/json; charset=utf-8" },
});
}
// 登录相关接口
if (url.hostname === "api.pencilai.dev" && path === "/auth/request-code") {
// 发送邮件
return new Response(JSON.stringify({ message: "Code sent" }), {
status: 200,
headers: { "content-type": "application/json; charset=utf-8" },
});
}
if (url.hostname === "api.pencilai.dev" && path === "/auth/check-token") {
// 发送邮件,直接返回已经送达的状态
return new Response(JSON.stringify({ status: "delivered" }), {
status: 200,
headers: { "content-type": "application/json; charset=utf-8" },
});
}
if (url.hostname === "api.pencilai.dev" && path === "/auth/device-login") {
// 确认登录接口
return new Response(JSON.stringify(deviceLogin), {
status: 200,
headers: { "content-type": "application/json; charset=utf-8" },
});
}
// 1. 模拟特定路径的响应
// if (path.includes("/api/v1/status")) {
// return new Response(
// JSON.stringify({ status: "ok", source: "intercepted-by-main" }),
// {
// status: 200,
// headers: { "content-type": "application/json" },
// },
// );
// }
// 3. 其他路径则正常转发 HTTPS 请求
// const actualUrl = request.url.replace("pencil-proxy://", "https://");
return new Response("Access Denied", { status: 403 });
// return net.fetch(actualUrl, {
// method: request.method,
// headers: request.headers,
// body: request.body,
// });
});- 修改editor/index.html,添加CSP
<meta http-equiv="Content-Security-Policy"
content="default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.posthog.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' pencil-proxy: https://*.postai.com http://localhost:3001 http://api.localhost:3001 https://api.pencil.dev https://api.reve.com https://*.vercel.app https://*.ingest.us.sentry.io https://*.posthog.com https://fonts.gstatic.com https://fonts.googleapis.com https://unpkg.com https://hctfc8iexhqk0x3o.public.blob.vercel-storage.com https://images.unsplash.com; img-src 'self' data: blob: https://images.unsplash.com https://*.public.blob.vercel-storage.com; font-src 'self' data: blob: https://fonts.gstatic.com https://unpkg.com https://hctfc8iexhqk0x3o.public.blob.vercel-storage.com; worker-src 'self' blob: data:; child-src 'self' blob:;">- 修改src/editor/assets/index.js中的协议名称为pencil-proxy
https://api.pencil.dev 替换为: pencil-proxy://api.pencilai.dev https://us.i.posthog.com 替换为: pencil-proxy://postai.com https://908a8bdbc113924254b644219323ea6f@o4510271844122624.ingest.us.sentry.io 替换为: pencil-proxy://sentryai.com
const Dge = !1 , Fze = "0.1.73" , x1 = "pencil-proxy://api.pencil.dev" , Bze = "phc_2wPD6fAAVKHsNwHZW6VjSAYE9ZebYNUA8ybuPhXkGO2" , jze = "pencil-proxy://us.i.posthog.com" , zze = "pencil-proxy://908a8bdbc113924254b644219323ea6f@o4510271844122624.ingest.us.sentry.io/4510271928598528";