feat(system-security): Added 444 and 500 responses for unauthenticated settings (#7143)

zhengkunwang223 · web-flow · commit c2fd02ac4857 · 2024-11-21T17:46:13.000+08:00
diff --git a/backend/constant/common.go b/backend/constant/common.go
@@ -99,6 +99,22 @@ var WebUrlMap = map[string]struct{}{
 	"/websites/runtimes/python": {},
 
 	"/login": {},
+
+	"/xpack":                   {},
+	"/xpack/waf/dashboard":     {},
+	"/xpack/waf/global":        {},
+	"/xpack/waf/websites":      {},
+	"/xpack/waf/log":           {},
+	"/xpack/waf/block":         {},
+	"/xpack/monitor/dashboard": {},
+	"/xpack/monitor/setting":   {},
+	"/xpack/monitor/rank":      {},
+	"/xpack/monitor/log":       {},
+	"/xpack/tamper":            {},
+	"/xpack/gpu":               {},
+	"/xpack/alert/dashboard":   {},
+	"/xpack/alert/log":         {},
+	"/xpack/setting":           {},
 }
 
 var DynamicRoutes = []string{
diff --git a/backend/init/router/router.go b/backend/init/router/router.go
@@ -90,6 +90,11 @@ func handleNoRoute(c *gin.Context) {
 		c.String(http.StatusInternalServerError, "Internal Server Error")
 		return
 	}
+	if resPage == "444" {
+		c.String(444, "")
+		return
+	}
+
 	file := fmt.Sprintf("html/%s.html", resPage)
 	if resPage == "200" && c.GetHeader("Accept-Language") == "en" {
 		file = "html/200_en.html"
diff --git a/cmd/server/res/html/500.html b/cmd/server/res/html/500.html
@@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html lang="en">
-<head><title>400 Bad Request</title></head>
+<head><title>Internal Server Error</title></head>
 <body>
-<center><h1>400 Bad Request</h1></center>
+<center><h1>Internal Server Error</h1></center>
 <hr><center>nginx</center>
 </body>
diff --git a/frontend/src/lang/modules/en.ts b/frontend/src/lang/modules/en.ts
@@ -1586,6 +1586,8 @@ const message = {
         error404: 'Not Found',
         error408: 'Request Timeout',
         error416: 'Range Not Satisfiable',
+        error444: 'Connection closed',
+        error500: 'Server error',
 
         https: 'Setting up HTTPS protocol access for the panel can enhance the security of panel access.',
         certType: 'Certificate type',
diff --git a/frontend/src/lang/modules/tw.ts b/frontend/src/lang/modules/tw.ts
@@ -1519,6 +1519,8 @@ const message = {
         error404: '未找到',
         error408: '請求超時',
         error416: '無效請求',
+        error444: '關閉連線',
+        error500: '伺服器錯誤',
 
         https: '為面板設置 https 協議訪問，提升面板訪問安全性',
         certType: '證書類型',
diff --git a/frontend/src/lang/modules/zh.ts b/frontend/src/lang/modules/zh.ts
@@ -1520,6 +1520,8 @@ const message = {
         error404: '未找到',
         error408: '请求超时',
         error416: '无效请求',
+        error444: '关闭连接',
+        error500: '服务器错误',
 
         https: '为面板设置 https 协议访问，提升面板访问安全性',
         certType: '证书类型',
diff --git a/frontend/src/views/setting/safe/response/index.vue b/frontend/src/views/setting/safe/response/index.vue
@@ -90,6 +90,14 @@ const options = [
         value: '416',
         label: '416 - ' + i18n.global.t('setting.error416'),
     },
+    {
+        value: '444',
+        label: '444 - ' + i18n.global.t('setting.error444'),
+    },
+    {
+        value: '500',
+        label: '500 - ' + i18n.global.t('setting.error500'),
+    },
 ];
 
 interface DialogProps {
