satisfy cloudflare DDoS protection

2025-08-17 09:02:15 -06:00 · 2022-07-03 16:04:28 +02:00 · 2022-07-03 16:04:28 +02:00 · 6e445487b1
parent 6605e461c7
commit 6e445487b1
8 changed files with 72 additions and 3 deletions
--- a/copyparty/httpcli.py
+++ b/copyparty/httpcli.py
@ -545,6 +545,10 @@ class HttpCli(object):
            static_path = os.path.join(E.mod, "web/", self.vpath[5:])
            return self.tx_file(static_path)

+        if "cf_challenge" in self.uparam:
+            self.reply(self.j2s("cf").encode("utf-8", "replace"))
+            return True
+
        if not self.can_read and not self.can_write and not self.can_get:
            if self.vpath:
                self.log("inaccessible: [{}]".format(self.vpath))
@ -911,6 +915,9 @@ class HttpCli(object):
        except:
            raise Pebkac(422, "you POSTed invalid json")

+        # self.reply(b" DDoS Protection ", 503)
+        # return True
+
        if "srch" in self.uparam or "srch" in body:
            return self.handle_search(body)

--- a/copyparty/httpsrv.py
+++ b/copyparty/httpsrv.py
@ -81,7 +81,7 @@ class HttpSrv(object):
        env.loader = jinja2.FileSystemLoader(os.path.join(E.mod, "web"))
        self.j2 = {
            x: env.get_template(x + ".html")
-            for x in ["splash", "browser", "browser2", "msg", "md", "mde"]
+            for x in ["splash", "browser", "browser2", "msg", "md", "mde", "cf"]
        }
        self.prism = os.path.exists(os.path.join(E.mod, "web", "deps", "prism.js.gz"))

--- a/copyparty/util.py
+++ b/copyparty/util.py
@ -127,6 +127,7 @@ HTTPCODE = {
    429: "Too Many Requests",
    500: "Internal Server Error",
    501: "Not Implemented",
+    503: "Service Unavailable",
 }


--- a/copyparty/web/browser.js
+++ b/copyparty/web/browser.js
@ -248,6 +248,7 @@ var Ls = {
 		"md_eshow": "cannot show ",

 		"xhr403": "403: Access denied\n\ntry pressing F5, maybe you got logged out",
+		"cf_ok": "sorry about that -- DDoS protection kicked in\n\nthings should resume in about 30 sec\n\nif nothing happens, hit F5 to reload the page",
 		"tl_xe1": "could not list subfolders:\n\nerror ",
 		"tl_xe2": "404: Folder not found",
 		"fl_xe1": "could not list files in folder:\n\nerror ",
@ -572,6 +573,7 @@ var Ls = {
 		"md_eshow": "kan ikke vise ",

 		"xhr403": "403: Tilgang nektet\n\nkanskje du ble logget ut? prøv å trykk F5",
+		"cf_ok": "beklager -- liten tilfeldig kontroll, alt OK\n\nting skal fortsette om ca. 30 sekunder\n\nhvis ikkeno skjer, trykk F5 for å laste siden på nytt",
 		"tl_xe1": "kunne ikke hente undermapper:\n\nfeil ",
 		"tl_xe2": "404: Mappen finnes ikke",
 		"fl_xe1": "kunne ikke hente filer i mappen:\n\nfeil ",
--- a/copyparty/web/cf.html
+++ b/copyparty/web/cf.html
@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+	<meta charset="utf-8">
+	<title>{{ svcname }}</title>
+	<meta http-equiv="X-UA-Compatible" content="IE=edge">
+	<meta name="viewport" content="width=device-width, initial-scale=0.8">
+</head>
+
+<body>
+	<div id="box" style="opacity: 0; font-family: sans-serif">
+		<h3>please press F5 to reload the page</h3>
+		<p>sorry for the inconvenience</p>
+	</div>
+
+	<script>
+		setTimeout(function() {
+			document.getElementById('box').style.opacity = 1;
+		}, 500);
+
+		parent.toast.ok(30, parent.L.cf_ok);
+		parent.qsr('#cf_frame');
+	</script>
+</body>
+
+</html>
--- a/copyparty/web/ui.css
+++ b/copyparty/web/ui.css
@ -190,6 +190,18 @@ html.y #tth {
 	color: #000;
 	background: #fff;
 }
+#cf_frame {
+	position: fixed;
+	z-index: 573;
+	top: 3em;
+	left: 50%;
+	width: 40em;
+	height: 30em;
+	margin-left: -20.2em;
+	border-radius: .4em;
+	border: .4em solid var(--fg);
+	box-shadow: 0 2em 4em 1em var(--bg-max);
+}
 #modal {
 	position: fixed;
    overflow: auto;
--- a/copyparty/web/util.js
+++ b/copyparty/web/util.js
@ -1455,6 +1455,7 @@ var favico = (function () {
 })();


+var cf_ddos_t = 0;
 function xhrchk(xhr, prefix, e404) {
    if (xhr.status < 400 && xhr.status >= 200)
        return true;
@ -1465,6 +1466,24 @@ function xhrchk(xhr, prefix, e404) {
    if (xhr.status == 404)
        return toast.err(0, prefix + e404);

-    return toast.err(0, prefix + xhr.status + ": " + (
-        (xhr.response && xhr.response.err) || xhr.responseText));
+    var errtxt = (xhr.response && xhr.response.err) || xhr.responseText,
+        fun = toast.err;
+
+    if (xhr.status == 503 && /\bDDoS [Pp]rotection|>Just a moment|#cf-bubbles|Checking your browser/.test(errtxt)) {
+        var now = Date.now(), td = now - cf_ddos_t;
+        if (td < 15000)
+            return;
+
+        cf_ddos_t = now;
+        errtxt = 'Cloudflare DDoS protection kicked in\n\n<strong>trying to fix it...</strong>';
+        fun = toast.warn;
+
+        qsr('#cf_frame');
+        var fr = mknod('iframe');
+        fr.src = '/?cf_challenge';
+        fr.setAttribute('id', 'cf_frame');
+        document.body.appendChild(fr);
+    }
+
+    return fun(0, prefix + xhr.status + ": " + errtxt);
 }
--- a/scripts/sfx.ls
+++ b/scripts/sfx.ls
@ -43,6 +43,7 @@ copyparty/web/browser.html,
 copyparty/web/browser.js,
 copyparty/web/browser2.html,
 copyparty/web/copyparty.gif,
+copyparty/web/cf.html,
 copyparty/web/dd,
 copyparty/web/dd/2.png,
 copyparty/web/dd/3.png,