Squashed 'vendor/whistle/' changes from 5ff01575d..19133a06e

19133a06e Update headerReplace.md
12db14ff0 docs: update icp link
43f46945a refactor: refine serialNumber
67ff33789 fix: SEC_ERROR_REUSED_ISSUER_AND_SERIAL
76dcc215a refactor: refine code
2bbb98e1e refactor: add req.originalHttpsUrl
457d5a6e9 refactor: refine code
edd7107a3 req.url => req.originalUrl
7e6d2734a refactor: refine code
0959b12d6 feat: add weakRule props
52e011d14 Release v2.8.10
95c03a0cb refactor: refine code
25f9be412 feat: add flag isEstablished
522ccbada refactor: refine code
d280f5905 refactor: handle sniCallback return false
b734ecd41 docs: update icp
c5e665c2e refactor: refine newConf.projectPluginPath
ae3c9dfe6 perf: nly trigger visible tab
7350e89ab refactor: add session.isStream
c386d9895 refactor: add state events
5015590a0 Release v2.8.9
f03b55b05 refactor: add session ready event
22f0c7de3 refactor: add onSessionReadyEvent
051082860 refactor: refine code
68e150b50 style: handle plugins changed
81e2425e4 refactor: refine code
e3ab9bcf7 refactor: refine code
8c0ce331e refactor: refine code
d2c4afdae style: refine code
fb547871a refactor: refine code
5c462d558 style: refine code
8f8896a37 style: push active session
67f0e7713 style: init inspector.html
60bfe6248 style: refine ui
a70df3c16 style: refine code
2ca423685 style: handle push sessions
aee314b08 style: update plugin tabs in time
a6c55fa50 style: refine ui
64ac4f60a style: refine ui
33bb54b24 style: handle click plugin tabs
3f56da3b5 feat: add api
95933c2b1 style: handle select custom tab
6d3e77a3e refactor: customTabs -> inspectorTabs
fa5ebd504 feat: export decodeBase64
ad90fa57c feat: custom tab
d7dbad2c0 style: refine ui
cfaada33e style: add initCustomTabWhistleBridge
b9da1b861 style: refine code
edc6888f2 style: refine context menu
4a104826f refactor: refine code
a4bf84f50 style: refine ui
e3184ecb7 feat: resovle custom tabs from whistleConfig
d080efeb7 style: init getReqTabs & getResTabs
5f2d8a1f7 style: init plugins tabs
cb00e5cb5 feat: enable://bigData
7dcadbb3a refactor: refine code
d1a8db5e9 feat: allow to disable://abort
7c4674c80 refactor: refine code
6dd37df45 refactor: refine code
9a568adac refactor: refine code
104e5bdcb feat: add shadowValues
bf087f17f refactor: refine shadowRules
a78d3e36b refactor: refine code
88e031a75 refactor: refine code
b2ed310b4 fix: mtime remains unchanged after the plugin is installed
86e3c4ebe feat: add tpl & filter vars: remoteAddress & remotePort
e36b08231 feat: add headers x-whistle-remote-address & x-whistle-remote-port to ui requests
75a4f7846 refactor: refine code
020be58f4 refactor: refine code
0ce7e28da Release v2.8.8
c46ee229d style: add api.selectIndex
cc75c4e18 feat: add originalReq.remoteAddress & originalReq.remotePort
26e9a01c0 feat: add getRemotePort & getRemoteAddr
c36f51a69 refactor: refine ui
058788666 style: refine ui
ebb52a430 Release v2.8.8
7c5831c47 Release v2.8.8
1e17a3745 refactor: refine code
083f9b3be Release v2.8.8
283e9b467 refactor: refine code
8d74314f1 refactor: add default port for internal request
5a48f8cf3 refactor: refine the request host of weinre & log
8718d3972 refactor: refine dns timeout
de0a3df8a docs: update
6b4c8c62b refactor: refine code
b0282fe40 refactor: from=httpsPort
f4b24ba09 Release v2.8.7
ca86236b9 style: refine ui
6bf069ddd Release v2.8.7
13c8fb992 refactor: refine code
fcd1d91f1 refactor: add default cert
d3ae2e030 feat: allow https server to load cert from plugin
3ca42255e refactor: extract loadCert function
f2b2d5310 refactor: refine code
a2aa80c2e refactor: refine code
f4851a7e1 refactor: add req.isHttpsServer
b0304f8a7 refactor: refine code
b32c54292 feat: add xxxFilter://from=httpServer & xxxFilter://from=httpsServer
b1ad2f87a refactor: refine code
d8a0181b2 chore: refine cli tips
3fd4b2a26 style: output cert dir
901e01576 Release v2.8.6
f9a6489dc refactor: refine upload root ca
87e5f1192 refactor: reset certs cache
8c7ae4eaa refactor: utimes
2b3e3ce65 style: refine code
105de81e7 style: refine filter
8257f8f53 refactor: refine code
0c538341b refactor: refine code
4637feb48 Release v2.8.5
8f07572e7 style: set MAX_CERT_SIZE = 128k
4110caf89 refactor: limit filename length
0d763f978 refactor: refine code
87f5103b7 refactor: addContext -> setSecureContext
fd0f47c62 refactor: refine code
ff163a409 reefactor: update agent
43fe448b1 style: refine ui
a81d067d4 refactor: refine code
2f97eb803 style: refine ui
b3a379076 Release v2.8.5
91980cc11 feat: handle upload certs
10e6c866d style: read upload certs from disk files
e9443a4f8 refactor: refine code
8391dc7ae feat: keep uploaded certificate within 64K
15e168129 feat: add upload certs button
b7ae91471 style: remove cert
4a9c28c29 style: remove cert
b0052c29b style: show read only certs
417608515 refactor: refine removeCert & updloadCerts
4b3d3fe4b feat: add removeCert & uploadCerts
19b720dce refactor: refine code
ac3b65517 refactor: use req.useSNI to determine whether the request uses SNI in auth hook
97aafd4d2 Release v2.8.5
5de0a4cae refactor: non-sni requests can also customize the certificate through the plugin
0b0f0bec5 feat: xxxFilter://from=sni
0b56ba598 refactor: refine code
dbde132e9 refactor: prevent access to user-uploaded certificates
11f6e2f81 refactor: refine code
e77c00bf6 feat: allow update custom in non-sni request
0501950ac refactor: use sni first
3e929e0d2 Release v2.8.5
001db3462 feat: ignore://-*
25af27052 refactor: refine code
d6d3dbdb9 feat: refine pac proxy
e506d8188 refactor: refine code
017e765dc feat: lineProps://proxyHostOnly
f59ccdd5e fix: proxy request
ca1680109 Release v2.8.4
4aafd34ee fix: the problem that the callback may be triggered multiple times
ef3a8b06a fix: resolve frames from saz file
0c2a64b6b Release v2.8.3
a2a5775ca refactor: refine proxy connection cache
d667f46af feat: enable://authCapture
0b4453fde feat: enable://authCapture
15d929de5 feat: enable://authCapture
1d4d6e85b refactor: tunnelAuth -> tunnelAuthHeader
f59af28d7 refactor: refine auth hooks
ca45eaf52 refactor: refine code
1db26c5ec feat: disable://tunnelAuth
1c525532f feat: filter rules by xxxFilter://from=tunnel xxxFilter://from=composer
fcb55c842 feat: add req.fromTunnel
883214478 style: 64 -> 128
5ce10218c refactor: add request tag
8e553a2ae refactor: import remote sessions by url query.sessionsUrl
8ebe26f34 feat: tunnel.writeHead
38865ed29 feat: add master mode
2b5be7793 refactor: ensure export order
1f5dc0df9 feat: x-forwarded-xxx headers is not used by default
070aedd18 Release v2.8.3
4da2afca6 refactor: resWriteForce -> forceReqWrite
4c1ac0f3c refactor: reqWriteForce -> forceReqWrite, resWriteForce -> forceReqWrite
4c70eae7a refactor: remove enable://xxxWriteDefault
4cd38b698 refactor: refine code
c40b337d2 feat: enable://reqWriteForce|resWriteForce|reqWriteDefault|resWriteDefault
8597ab74e feat: enable://forceReqWrite|forceResWrite
8a2d6beab refactor: refine code
abee96b3b chore: ignore hidden files
464235f3b refactor: refine code
5657941fb refactor: refine code
6282b1bba Release v2.8.3
59a6582d9 refactor: refine code
2a86352d4 feat: add setReqRules
b7a486ff4 feat: header rules first if the request from plugin
16dd6b803 feat: allow plugin request to modify respone by whistle rules
946eb04ce refactor: refine code
94ebe08de refactor: update starting
61536cd6d Release v2.8.3
f51ac7238 docs: add icp
b2f087504 config: fix disableForwardedProto typo

git-subtree-dir: vendor/whistle
git-subtree-split: 19133a06e09ce56fe71af160b3b036a7f7038243

Author: shejinxin

.npmignore

@@ -54,7 +54,8 @@ node_modules
 .gitignore
 .npmignore
 .travis.yml
-.eslintrc.js
+.eslintrc
+.editorconfig
 .eslintignore
 .babelrc
 test

CHANGELOG.md

@@ -1,3 +1,43 @@
+# v2.8.10
+1. fix: 插件的 sniCallback 返回 `false` 请求没有重新走 TUNNEL 代理问题
+2. refactor: 如果插件接收到的请求是 https，则 `req.url` 将为完整的路径
+
+# v2.8.9
+1. feat: 支持自定义 `inspectors tab`，详见：https://github.com/whistle-plugins/examples/tree/master/whistle.view-md5
+2. feat: 支持通过 `disable://abort` 禁用 `enable://abort`
+3. feat: Whistle 默认显示的抓包数据不超过 1.5m，可以通过 `enable://bigData` 扩大到 `2.5m`
+
+# v2.8.8
+1. feat: 支持通过 `enable://useLocalHost` 和 `enable://useSafePort` 修改 log 和 weinre 请求 URL 的域名或端口
+2. style: 界面提供 `api.selectIndex` 选中指定下标的抓包数据
+3. feat: 支持插件获取 `originalReq.remoteAddress` 与 `originalReq.remotePort`
+
+# v2.8.7
+1. feat: `--httpsPort` 启动的 HTTPS Server 支持从插件获取证书
+2. feat: 支持通过 `excludeFilter://from=httpServer`、`includeFilter://from=httpsServer`、`excludeFilter://from=httpServer`、`includeFilter://from=httpsServer` 过滤请求
+
+# v2.8.6
+1. refactor: 禁止通过页面上传根证书 `root.key & root.crt`
+2. refactor: Whistle 自动生成的证书过期时自动续期（有效期一年）
+
+# v2.8.5
+1. feat: 支持通过 `ignore://-*` 过滤 `ignore://*`
+2. feat: 支持 `proxy` 和 `pac` 配置 `lineProps://proxyHostOnly`，当用户配置了 `host` 代理才会生效
+3. feat: 非 SNI 请求也支持通过插件自定义证书，且支持直接上传和删除用户自定义证书
+
+# v2.8.4
+1. fix: 可能无法导入 saz 文件问题
+
+# v2.8.3
+1. fix: https://github.com/avwo/whistle/pull/657
+2. feat: 插件 `server` 钩子支持通过 `req.setReqRules & req.setResRules` 设置动态规则
+3. feat: 支持通过 `enable://forceReqWrite` 和 `enable://forceResWrite` 强制 `reqWrite`、`reqWriteRaw` 和 `resWrite`、`resWriteRaw`
+4. feat: `reqWrite:///path/to/` 和 `reqWrite:///path/to` 加以区别，前者会自动把根路径补成 `index.html`
+5. feat: 插件的 auth hook 默认情况下如果开启了捕获 https，则对这部分请求只会对解析后的 https 请求生效，如果需要对隧道代理生效可以设置 `enable://authCapture`
+6. feat: 默认不启用 `x-forwarded-host` 和 `x-forwarded-proto` 直接放过，可以通过以下方式启用：
+	- 启动参数 `-M x-forwarded-host|x-forwarded-proto`
+	- 请求进入 Whistle 之前设置请求头 `x-whistle-forwarded-props: host,proto,for,clientIp,ip`
+
 # v2.8.2
 1. feat: `resMerge://json1 resMerge://json2` 默认采用 `extend({}, json1, json2)`，新版支持通过 `resMerge://json1 resMerge://json2 resMerge://true` 开启  `extend(true, {}, json1, json2)`
 2. refactor: 插件规则里面的 req 和 res rules 分开执行

assets/inspector.html

@@ -0,0 +1,124 @@
+<script>
+  ;(function() {
+    var config = window.whistleInspectorConfig;
+    var activeList = [];
+    var stateList = [1];
+    var getActiveSession;
+    var getSelectedSessionList;
+    var listenersList = [];
+
+    function initState(flag) {
+      stateList[1] = flag;
+      stateList[2] = flag;
+      stateList[3] = flag;
+    }
+
+    function updateState(item) {
+      if (!item || item.lost || item.endTime) {
+        return  initState(1);
+      }
+      initState();
+      if (item.responseTime) {
+        stateList[2] = 1;
+      }
+      if (item.requestTime) {
+        stateList[1] = 1;
+      }
+    }
+
+    function emitListeners(item, state) {
+      if (stateList[state] && item !== activeList[state]) {
+        activeList[state] = item;
+        var listeners = listenersList[state];
+        listeners.forEach(function(l) {
+          l(item);
+        });
+      }
+    }
+
+    function emitAll(item) {
+      updateState(item);
+      emitListeners(item, 0);
+      emitListeners(item, 1);
+      emitListeners(item, 2);
+      emitListeners(item, 3);
+    }
+
+    window.__pushWhistle5b6af7b9884e1165SessionActive__ = emitAll;
+
+    function getAddEventHandler(state) {
+      state = state || 0;
+      listenersList[state] = [];
+      return function(l) {
+        if (typeof l !== 'function') {
+          return;
+        }
+        var item = getActiveSession();
+        emitAll(item);
+        activeList[state] = item;
+        if (stateList[state]) {
+          l(item);
+        }
+        var listeners = listenersList[state];
+        listeners.indexOf(l) === -1 && listeners.push(l);
+      };
+    }
+
+    function getRemoveEventListener(state) {
+      state = state || 0;
+      return function(l) {
+        var listeners = listenersList[state];
+        var index = listeners.indexOf(l);
+        index !== -1 && listeners.splice(index, 1);
+      };
+    }
+
+    function getRemoveEventListeners(state) {
+      state = state || 0;
+      return function(l) {
+        listenersList[state] = [];
+      };
+    }
+
+    var toast = {};
+    var whistleBridge = {
+      config: config,
+      toast: toast,
+      addSessionActiveListener: getAddEventHandler(),
+      removeSessionActiveListener: getRemoveEventListener(),
+      removeSessionActiveListeners: getRemoveEventListeners(),
+      addSessionRequestListener: getAddEventHandler(1),
+      removeSessionRequestListener: getRemoveEventListener(1),
+      removeSessionRequestListeners: getRemoveEventListeners(1),
+      addSessionResponseListener: getAddEventHandler(2),
+      removeSessionResponseListener: getRemoveEventListener(2),
+      removeSessionResponseListeners: getRemoveEventListeners(2),
+      addSessionCompleteListener: getAddEventHandler(3),
+      removeSessionCompleteListener: getRemoveEventListener(3),
+      removeSessionCompleteListeners: getRemoveEventListeners(3)
+    };
+
+    try {
+      window.parent.onWhistleInspectorCustomTabReady(function(options) {
+        Object.keys(options.msgBox).forEach(function(name) {
+          toast[name] = options.msgBox[name];
+        });
+        getActiveSession = options.getActiveSession;
+        getSelectedSessionList = options.getSelectedSessionList;
+        whistleBridge.decodeBase64 = options.decodeBase64;
+        whistleBridge.importSessions = options.importSessions;
+        whistleBridge.request = options.request;
+        whistleBridge.createRequest = options.createRequest;
+        whistleBridge.showModal = options.showModal;
+        whistleBridge.getSelectedSessionList = getSelectedSessionList;
+        whistleBridge.getActiveSession = whistleBridge.getSession = whistleBridge.getSelectedSession = getActiveSession;
+        whistleBridge.importRules = options.importRules;
+        whistleBridge.importValues = options.importValues;
+        whistleBridge.getServerInfo = options.getServerInfo;
+        whistleBridge.alert = options.alert;
+        whistleBridge.confirm = options.confirm;
+      });
+    } catch (e) {}
+    window.whistleBridge = whistleBridge;
+  })();
+</script>

assets/menu.html

@@ -53,10 +53,8 @@
       window.addEventListener('load', delayOnLoad);
     } catch (e) {}
     var toast = {};
-    var modal = {};
-    window.whistleBridge = {
+    var whistleBridge = {
       config: config,
-      modal: modal,
       toast: toast,
       addNetworkListener: function(l) {
         if (typeof l === 'function' && networkListeners.indexOf(l) === -1) {
@@ -107,15 +105,20 @@
         Object.keys(options.msgBox).forEach(function(name) {
           toast[name] = options.msgBox[name];
         });
-        window.whistleBridge.importSessions = options.importSessions;
-        window.whistleBridge.request = options.request;
-        window.whistleBridge.createRequest = options.createRequest;
-        window.whistleBridge.showModal = options.showModal;
-        window.whistleBridge.createModal = options.createModal;
-        window.whistleBridge.importRules = options.importRules;
-        window.whistleBridge.importValues = options.importValues;
+        whistleBridge.decodeBase64 = options.decodeBase64;
+        whistleBridge.importSessions = options.importSessions;
+        whistleBridge.request = options.request;
+        whistleBridge.createRequest = options.createRequest;
+        whistleBridge.showModal = options.showModal;
+        whistleBridge.createModal = options.createModal;
+        whistleBridge.importRules = options.importRules;
+        whistleBridge.importValues = options.importValues;
+        whistleBridge.getServerInfo = options.getServerInfo;
+        whistleBridge.alert = options.alert;
+        whistleBridge.confirm = options.confirm;
       };
       window.parent.onPluginContextMenuReady(window);
     } catch (e) {}
+    window.whistleBridge = whistleBridge;
   })();
 </script>

bin/plugin.js

@@ -95,6 +95,13 @@ function install(cmd, name, argv) {
           removeDir(installPath);
         } catch (e) {}
       }
+      try {
+        var pkgPath = path.join(realPath, 'node_modules', name, 'package.json');
+        if (fs.statSync(pkgPath).mtime.getFullYear() < 2010) {
+          var now = new Date();
+          fs.utimesSync(pkgPath, now, now);
+        }
+      } catch (e) {}
     }
   });
 }

bin/util.js

@@ -76,7 +76,7 @@ function showUsage(isRunning, options, restart) {
   var list = options.host ? [options.host] : getIpList();
   info('[i] 1. use your device to visit the following URL list, gets the ' + colors.bold('IP') + ' of the URL you can access:');
   info(list.map(function(ip) {
-    return '       http://' + colors.bold(ip) + (port ? ':' + port : '') + '/';
+    return '       http://' + colors.bold(ip) + (port && port != 80 ? ':' + port : '') + '/';
   }).join('\n'));
 
   warn('       Note: If all the above URLs are unable to access, check the firewall settings');

biz/webui/cgi-bin/certs/all.js

@@ -0,0 +1,8 @@
+var ca = require('../../../../lib/https/ca');
+
+module.exports = function(req, res) {
+  res.json({
+    certs: ca.getCustomCertsFiles(),
+    dir: ca.CUSTOM_CERTS_DIR
+  });
+};

biz/webui/cgi-bin/certs/remove.js

@@ -0,0 +1,8 @@
+var ca = require('../../../../lib/https/ca');
+
+
+module.exports = function(req, res) {
+  ca.removeCert(req.body.filename);
+  var isparsed = req.query.dataType === 'parsed';
+  res.json(isparsed ? ca.getCustomCertsInfo() : ca.getCustomCertsFiles());
+};

biz/webui/cgi-bin/certs/upload.js

@@ -0,0 +1,8 @@
+var ca = require('../../../../lib/https/ca');
+
+
+module.exports = function(req, res) {
+  ca.uploadCerts(req.body);
+  var isparsed = req.query.dataType === 'parsed';
+  res.json(isparsed ? ca.getCustomCertsInfo() : ca.getCustomCertsFiles());
+};

biz/webui/cgi-bin/composer.js

@@ -217,7 +217,7 @@ module.exports = function(req, res) {
   var clientId = req.headers[config.CLIENT_ID_HEADER];
   var headers = parseHeaders(req.body.headers, rawHeaderNames, clientId);
   delete headers[config.WEBUI_HEAD];
-  headers[config.WHISTLE_REQ_FROM_HEADER] = 'W2COMPOSER';
+  headers[config.REQ_FROM_HEADER] = 'W2COMPOSER';
   headers.host = options.host;
   options.clientId = clientId;
   var clientIp = util.getClientIp(req);