| 本帖最后由 未完的歌 于 2022-5-27 11:02 编辑
因为有验证hash,我自己用,就先把这个注释掉
- // 允许的 CORS 来源
- const ALLOWED_REFERER = [
- /^https?://自己worker域名(:d*)?/.*$/,
- /^https?://([w-]+.)*w3schools.com(:d*)?/.*$/
- ];
- // 是否允许所有无 Referer 请求
- const ALLOW_NO_ORIGIN = true;
- //输入你的密码,密码加在path后面做SHA-1运算
- const MYSECRET = "123456";
-
-
- function validateReferer(req) {
- const referer = req.headers.get(‘Referer’);
- if (referer) {
- for (const el of ALLOWED_REFERER) {
- if (el.exec(referer)) {
- return true;
- }
- }
- return false;
- }
- return ALLOW_NO_ORIGIN; // 是否拒绝所有无 Referer 请求
- }
-
-
- async function handle(request) {
- let url = new URL(request.url);
- const acceptType = request.headers.get(‘Accept’);
- const hash_request = url.pathname.split("/")[1];
- const path_real = url.pathname.substring(1, url.pathname.length);
- url.hostname = "cdn.jsdelivr.net";
- url.pathname = path_real;
-
- // if (!(await validatePath(hash_request, path_real))) {
- // return new Response(‘Error Hash’, {
- // status: 403
- // });
- // }
-
- // if (!(validateReferer(request))) {
- // return new Response(‘Blocked Host’, {
- // status: 403
- // });
- // }
-
- return await fetch(url);
- }
-
- async function validatePath(hash_request, path_real) {
- const message = new TextEncoder().encode(path_real + MYSECRET);
- const myDigest = await crypto.subtle.digest(‘SHA-1’, message);
- const hashArray = Array.from(new Uint8Array(myDigest));
- const hashHex = hashArray.map(b => b.toString(16).padStart(2, ‘0’)).join(”);
- return (hashHex == hash_request);
- }
-
-
- addEventListener(‘fetch’,
- event => {
- event.respondWith(handle(event.request));
- })
复制代码
然后替换掉被墙的
cdn.jsdelivr.net
即可访问
https://cdn.upy.workers.dev/npm/[email protected]/dist/jquery.min.js
worker也被墙了,换成自己的域名即可
也可以自定义一个 密码 把验证去了,每次验证计算很麻烦。
大佬帖子:
https://hostloc.com/forum.php?mo … mp;highlight=worker
|