d5a83be478
Change last stage of the noscript command option to bash instead of sh.
...
Even if a lot of distros just symlink sh > bash the script needs to do some substitutions not supported in sh, so it's more correct. Who doesnt have bash these days anyway?
2022-02-20 23:14:39 +11:00
640f80bb56
for noscript users, in pow only mode (not when hcaptcha enabled), the page now includes a small encoded script that will get the correct captcha value. Slower than javascript, but good enough.
2022-02-20 01:01:40 +11:00
1bf8992371
link to repo until new site ready
2022-01-27 22:39:13 +11:00
c3a3648469
readme update,
...
remove ssl from haproxy since its just the docker example
2022-01-22 13:00:31 +11:00
7ea0fe7dc8
improve check for captcha map fetches by domain and domain+path.
...
old code was just dumb, dunno what i was thinking.
now domain+path takes priority and can be lower or hight level, not just higher level than domain only.
2022-01-19 23:15:18 +11:00
e406ac46ca
Merge branch 'lua-httpclient-test'
2022-01-19 18:09:30 +11:00
d38713b4cb
haproxy snapshot fixes bug, and use url biuld query to make body for hcaptcha post
2022-01-19 18:01:08 +11:00
5007106c3a
space to 4 tabs
2022-01-03 01:16:46 +11:00
b63daef8e1
readme fix, improve, remove old shit cli and interaction diagram
2022-01-02 16:52:45 +11:00
52da926ed2
set ssl verify none on template servers
...
make trace for debug plain for no xss and add ms to timestamp
2022-01-02 01:31:21 +11:00
c2be84c4f8
body not sending, needs fix
2021-12-31 00:28:56 +11:00
9787471004
use POST for hcaptcha submission instead of get, since their docs says get is not supported even if it works
2021-12-30 23:50:25 +11:00
2fbba3c8f8
haproxy 2.5 docker
2021-12-30 17:42:24 +11:00
7e2e8d6de3
remove debug template page
2021-12-30 01:41:48 +11:00
83cecb6a18
fhdr for user-agent
2021-12-30 01:25:25 +11:00
ba2880a1d5
dont run setup_servers without the env vars
2021-12-30 00:24:49 +11:00
7de768d731
/cdn-cgi/trace test
2021-12-30 00:13:14 +11:00
e9111471b7
add simple cache and x-cache info header for example/testing
2021-12-28 01:25:15 +11:00
6e32998426
remove unused import
2021-12-28 01:17:59 +11:00
06b28c8650
add dataplaneapi for --save-map-files, and bugfix some small things. custom domain/backendip working pretty well now
2021-12-27 20:42:27 +11:00
9557c06aa1
update, dynamic backends based on hostname ,can be updated live control panel/management socket
2021-12-26 23:56:15 +11:00
6f52ee8977
improved, now handles domain OR path protection with 0, 1, 2 setting for none, pow, captcha
...
global override does POW only (for now --or can be easily changed for captcha+pow) until i make that customisable level too
no more confusing inverted map
use maps correctly as k:v
cleaned up some stuff
added comments
2021-12-04 21:42:27 +11:00
e6ed817746
update gitignore
2021-12-01 14:00:07 +11:00
727bca1623
close #2
2021-12-01 13:59:14 +11:00
2b0b15781e
fix useragent bug in utils due to not using req_fhdr instead of req_hdr http://cbonte.github.io/haproxy-dconv/2.4/configuration.html\#7.3.6-req.fhdr close #3
2021-12-01 13:55:05 +11:00
bc55ce5a93
reduce concurrency of client check again to max 4 thread
2021-12-01 13:54:21 +11:00
b21cc9e90d
expose port 80 in docker-compsoe example
2021-12-01 13:53:56 +11:00
54be416a39
add crypto.subtle check for lokinet and idiots using non-tor browser for .onion
2021-11-30 02:27:19 +11:00
876d0835bc
change script threads to hardwareconcurrency/2 instead of -1, because it can still cause browsers to be sluggish or crash moreso on powerful machines
2021-11-27 01:02:37 +11:00
6d9ec35d9d
readme improvement
2021-11-26 17:19:12 +11:00
e651d25dbb
remove unnecessary layer of tcp mode for stripping proxy, works just fine without it
2021-11-26 14:43:43 +11:00
c03a16214b
close #5
2021-11-26 00:48:50 +11:00
bec6bddf40
close #4
2021-11-26 00:27:47 +11:00
7b11645190
samesite strict and secure in hcaptcha script set-cookie
2021-11-25 18:31:22 +11:00
c16a554754
charset=utf8 to some service repsonses, "ray id" show in captcha page
2021-11-25 18:20:31 +11:00
85b0d6cd52
cli add nocaptcha list
2021-11-25 18:18:16 +11:00
a854ed9822
samesite and secure to pow cookie, fix broken legacy method, and share setTimeout method
2021-11-25 18:17:03 +11:00
48382434c4
change haproxy pathing from /usr/share/etc to /etc
2021-11-25 18:16:07 +11:00
0a6b21f93b
add "domain mode <domain>" to toggle domain in nocaptcha map, and add nocaptcha status in "domain status <domain>" close #1
2021-11-24 22:14:26 +11:00
5a4a02beba
switch 2 maps, one for ddos enabled, the other to disable captcha leaving only POW
...
minor change script messages
todo: update CLI to allow changing
2021-11-24 19:37:56 +11:00
5e04ebd962
fix footer overflow
2021-11-24 13:24:51 +11:00
508e45ae9c
change path for scripts
2021-11-24 12:09:38 +11:00
e6db267f5e
readme updates
2021-11-24 06:23:18 +11:00
77ad645815
visual tweaks and minor script improvement
2021-11-24 06:02:39 +11:00
9f26e53798
combine POW and captcha into one
2021-11-24 05:23:33 +11:00
5c7e796440
remove now unused and unnecessary resolving and hostname functions
2021-11-24 01:10:44 +11:00
0c0fa22d6f
change cookie to not expire instead of client-controlled expiry (duh)
...
use bucket duration as part of secret generation
xxh32 -> xxh64
2021-11-24 01:09:11 +11:00
f7f6ecd276
gitignore docker-compose, remove some unnecessary comments, change cookie name
2021-11-24 00:46:44 +11:00
6400d98975
make the useragent header fetch properly
...
add a salt to the generate_secret function -- that was kinda important right? lol
just pass through to `end` if not POST or GET
make it not use calls to hostname and dig in lua scripts, use haproxy backend resolving instead
improve the template a lot and make it theme-matched to my site and similar to ngx_http_js_challenge robot page
fix various bugs
2021-11-24 00:34:41 +11:00
7a1a91f0e8
feat: add per-user cookie generation
2021-06-14 23:00:04 +03:00
