fix(gateway): content-type validation

lib/gateway/server.ts

@@ -167,8 +167,11 @@ export class Server {
     const contentType: string = content.headers['content-type'];
 
     if (
-      !contentType.includes('text/plain') ||
-      !contentType.includes('application/javascript')
+      !contentType ||
+      (
+        !contentType.includes('text/plain') &&
+        !contentType.includes('application/javascript')
+      )
     ) {
       ctx.throw(400, '该文件不是一个可转换的脚本文件');
       return;
@@ -204,6 +207,7 @@ export class Server {
     const contentType: string = content.headers['content-type'];
 
     if (
+      !contentType ||
       !contentType.includes('text/plain')
     ) {
       ctx.throw(400, '该文件不是一个可转换的文件');

test/gateway/index.test.ts

@@ -235,7 +235,7 @@ test('qx-rewrite-remote with binary', async t => {
   const surgioServer = gateway.createSurgioServer(fixture);
   const app = gateway.createKoaApp(surgioServer);
 
-  const res = await request(app.callback())
+  await request(app.callback())
     .get('/qx-rewrite-remote?url=https://github.com/crossutility/Quantumult-X/blob/master/sample.conf')
     .expect(400);
 

test/gateway/snapshots/index.test.ts.md

@@ -387,3 +387,125 @@ Generated by [AVA](https://ava.li).
     `🇺🇸US 1 = custom, us.example.com, 443, chacha20-ietf-poly1305, password, https://raw.githubusercontent.com/ConnersHua/SSEncrypt/master/SSEncrypt.module, obfs=tls, obfs-host=gateway-carry.icloud.com␊
     🇺🇸US 2 = custom, us.example.com, 443, chacha20-ietf-poly1305, password, https://raw.githubusercontent.com/ConnersHua/SSEncrypt/master/SSEncrypt.module␊
     🇺🇲 US = custom, us.example.com, 443, chacha20-ietf-poly1305, password, https://raw.githubusercontent.com/ConnersHua/SSEncrypt/master/SSEncrypt.module, udp-relay=true, obfs=tls, obfs-host=gateway-carry.icloud.com, tfo=true`
+
+## qx-script
+
+> Snapshot 1
+
+    `/**␊
+     * @supported 55BE3B10F8A1␊
+     * THIS COMMENT IS GENERATED BY SURGIO␊
+     */␊
+    ␊
+    /**␊
+     * @supported 23AD6B11CD4B 55BE3B10F8A1␊
+     * The above random generated device ID can be found at the bottom of Quantumult X additional menu, and may be changed when system restored.␊
+     * Indicate what device are supported by the file. This is necessary when the file is not loaded from local("On My iPhone - Quantumult X - Scripts").␊
+     */␊
+    ␊
+    // $request, $response, $notify(title, subtitle, message), console.log(message)␊
+    // $request.scheme, $request.method, $request.url, $request.path, $request.headers␊
+    // $response.statusCode, $response.headers, $response.body␊
+    // You can optional change the response headers at the same time by using $done({body: modifiedBody, headers: modifiedHeaders}); only change the response headers is not allowed for script-response-body. The modifiedHeaders can be copied and modified from $response.headers, please do not change the content length, type and encoding field.␊
+    // Response status can also be optional changed by using $done({body: modifiedBody, headers: modifiedHeaders, status: modifiedStatus}), the modifiedStatus should be like "HTTP/1.1 200 OK"␊
+    ␊
+    var body = $response.body;␊
+    var obj = JSON.parse(body);␊
+    ␊
+    obj['result'] = 0;␊
+    body = JSON.stringify(obj);␊
+    ␊
+    console.log(body);␊
+    ␊
+    $done(body);␊
+    `
+
+> Snapshot 2
+
+    `/**␊
+     * @supported abcdef␊
+     * THIS COMMENT IS GENERATED BY SURGIO␊
+     */␊
+    ␊
+    /**␊
+     * @supported 23AD6B11CD4B 55BE3B10F8A1␊
+     * The above random generated device ID can be found at the bottom of Quantumult X additional menu, and may be changed when system restored.␊
+     * Indicate what device are supported by the file. This is necessary when the file is not loaded from local("On My iPhone - Quantumult X - Scripts").␊
+     */␊
+    ␊
+    // $request, $response, $notify(title, subtitle, message), console.log(message)␊
+    // $request.scheme, $request.method, $request.url, $request.path, $request.headers␊
+    // $response.statusCode, $response.headers, $response.body␊
+    // You can optional change the response headers at the same time by using $done({body: modifiedBody, headers: modifiedHeaders}); only change the response headers is not allowed for script-response-body. The modifiedHeaders can be copied and modified from $response.headers, please do not change the content length, type and encoding field.␊
+    // Response status can also be optional changed by using $done({body: modifiedBody, headers: modifiedHeaders, status: modifiedStatus}), the modifiedStatus should be like "HTTP/1.1 200 OK"␊
+    ␊
+    var body = $response.body;␊
+    var obj = JSON.parse(body);␊
+    ␊
+    obj['result'] = 0;␊
+    body = JSON.stringify(obj);␊
+    ␊
+    console.log(body);␊
+    ␊
+    $done(body);␊
+    `
+
+> Snapshot 3
+
+    `/**␊
+     * @supported abcdef bcdefg␊
+     * THIS COMMENT IS GENERATED BY SURGIO␊
+     */␊
+    ␊
+    /**␊
+     * @supported 23AD6B11CD4B 55BE3B10F8A1␊
+     * The above random generated device ID can be found at the bottom of Quantumult X additional menu, and may be changed when system restored.␊
+     * Indicate what device are supported by the file. This is necessary when the file is not loaded from local("On My iPhone - Quantumult X - Scripts").␊
+     */␊
+    ␊
+    // $request, $response, $notify(title, subtitle, message), console.log(message)␊
+    // $request.scheme, $request.method, $request.url, $request.path, $request.headers␊
+    // $response.statusCode, $response.headers, $response.body␊
+    // You can optional change the response headers at the same time by using $done({body: modifiedBody, headers: modifiedHeaders}); only change the response headers is not allowed for script-response-body. The modifiedHeaders can be copied and modified from $response.headers, please do not change the content length, type and encoding field.␊
+    // Response status can also be optional changed by using $done({body: modifiedBody, headers: modifiedHeaders, status: modifiedStatus}), the modifiedStatus should be like "HTTP/1.1 200 OK"␊
+    ␊
+    var body = $response.body;␊
+    var obj = JSON.parse(body);␊
+    ␊
+    obj['result'] = 0;␊
+    body = JSON.stringify(obj);␊
+    ␊
+    console.log(body);␊
+    ␊
+    $done(body);␊
+    `
+
+> Snapshot 4
+
+    `/**␊
+     * @supported abcdef␊
+     * THIS COMMENT IS GENERATED BY SURGIO␊
+     */␊
+    ␊
+    /**␊
+     * @supported 23AD6B11CD4B 55BE3B10F8A1␊
+     * The above random generated device ID can be found at the bottom of Quantumult X additional menu, and may be changed when system restored.␊
+     * Indicate what device are supported by the file. This is necessary when the file is not loaded from local("On My iPhone - Quantumult X - Scripts").␊
+     */␊
+    ␊
+    // $request, $response, $notify(title, subtitle, message), console.log(message)␊
+    // $request.scheme, $request.method, $request.url, $request.path, $request.headers␊
+    // $response.statusCode, $response.headers, $response.body␊
+    // You can optional change the response headers at the same time by using $done({body: modifiedBody, headers: modifiedHeaders}); only change the response headers is not allowed for script-response-body. The modifiedHeaders can be copied and modified from $response.headers, please do not change the content length, type and encoding field.␊
+    // Response status can also be optional changed by using $done({body: modifiedBody, headers: modifiedHeaders, status: modifiedStatus}), the modifiedStatus should be like "HTTP/1.1 200 OK"␊
+    ␊
+    var body = $response.body;␊
+    var obj = JSON.parse(body);␊
+    ␊
+    obj['result'] = 0;␊
+    body = JSON.stringify(obj);␊
+    ␊
+    console.log(body);␊
+    ␊
+    $done(body);␊
+    `