DarkCat09/python-aternos
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Server.js: improved security

Browse source
This commit is contained in:
DarkCat09 2022-12-26 16:20:33 +04:00
parent 69a8f83c9c
commit 1f93640139
3 changed files with 12 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.gitignore vendored
View file

@ -110,3 +110,7 @@ cython_debug/
# Credentials for unittest # Credentials for unittest
tests/samples/login_pswd.txt tests/samples/login_pswd.txt
# NPM
node_modules/
package-lock.json

5
python_aternos/data/package.json Normal file
View file

@ -0,0 +1,5 @@
{
"dependencies": {
"vm2": "^3.9.13"
}
}

4
python_aternos/data/server.js
View file

@ -1,6 +1,8 @@
const http = require('http') const http = require('http')
const process = require('process') const process = require('process')
const { VM } = require('vm2')
args = process.argv.slice(2) args = process.argv.slice(2)
const port = args[0] || 8000 const port = args[0] || 8000
@ -16,7 +18,7 @@ const listener = (req, res) => {
req.on('end', () => { req.on('end', () => {
let resp let resp
try { resp = JSON.stringify(eval(body)) } try { resp = JSON.stringify(new VM().run(body)) }
catch (ex) { resp = ex.message } catch (ex) { resp = ex.message }
res.writeHead(200) res.writeHead(200)
res.end(resp) res.end(resp)