41 lines
1.4 KiB
JavaScript
41 lines
1.4 KiB
JavaScript
addEventListener('fetch', event => {
|
|
event.respondWith(handleRequest(event.request))
|
|
})
|
|
|
|
async function handleRequest(request) {
|
|
const url = new URL(request.url)
|
|
|
|
// 目标服务器地址,加上路径和查询字符串
|
|
const targetUrl = `https://read.disbaidu.com:33333${url.pathname}${url.search}`
|
|
const headers = new Headers(request.headers)
|
|
|
|
// 创建请求到目标服务器
|
|
const response = await fetch(targetUrl, {
|
|
method: request.method,
|
|
headers: headers,
|
|
body: request.method === 'POST' ? request.body : null,
|
|
redirect: 'manual' // 不自动处理重定向
|
|
})
|
|
|
|
// 创建新的响应对象以修改响应头
|
|
const newResponse = new Response(response.body, {
|
|
status: response.status,
|
|
statusText: response.statusText,
|
|
headers: response.headers
|
|
})
|
|
|
|
// 删除可能泄露服务器信息的响应头
|
|
newResponse.headers.delete('Server')
|
|
newResponse.headers.delete('X-Powered-By')
|
|
newResponse.headers.delete('Via')
|
|
newResponse.headers.delete('X-AspNet-Version')
|
|
|
|
// 也可以选择添加其他安全相关的响应头
|
|
newResponse.headers.set('X-Frame-Options', 'DENY')
|
|
newResponse.headers.set('X-Content-Type-Options', 'nosniff')
|
|
newResponse.headers.set('Referrer-Policy', 'no-referrer')
|
|
|
|
// 返回修改后的响应
|
|
return newResponse
|
|
}
|
|
|