首頁 探索 說明
註冊 登入
Apq
/
mindoc
镜像来自 https://github.com/mindoc-org/mindoc.git
1
0
複刻 0
檔案 問題管理 0 Wiki
目錄樹: 84b947d148
分支列表 標籤列表
mindoc
/
static
/
js
/
x-frame-bypass-1.0.2.js

x-frame-bypass-1.0.2.js 2.6 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 
  1. customElements.define('x-frame-bypass', class extends HTMLIFrameElement {
    2. 

  2. 	static get observedAttributes() {
    3. 

  3. 		return ['src']
    4. 

  4. 	}
    5. 

  5. 	constructor () {
    6. 

  6. 		super()
    7. 

  7. 	}
    8. 

  8. 	attributeChangedCallback () {
    9. 

  9. 		this.load(this.src)
    10. 

  10. 	}
    11. 

  11. 	connectedCallback () {
    12. 

  12. 		this.sandbox = '' + this.sandbox || 'allow-forms allow-modals allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-same-origin allow-scripts allow-top-navigation-by-user-activation' // all except allow-top-navigation
    13. 

  13. 	}
    14. 

  14. 	load (url, options) {
    15. 

  15. 		if (!url || !url.startsWith('http'))
    16. 

  16. 			throw new Error(`X-Frame-Bypass src ${url} does not start with http(s)://`)
    17. 

  17. 		console.log('X-Frame-Bypass loading:', url)
    18. 

  18. 		this.srcdoc = `<html>
    19. 

  19. <head>
    20. 

  20. 	<style>
    21. 

  21. 	.loader {
    22. 

  22. 		position: absolute;
    23. 

  23. 		top: calc(50% - 25px);
    24. 

  24. 		left: calc(50% - 25px);
    25. 

  25. 		width: 50px;
    26. 

  26. 		height: 50px;
    27. 

  27. 		background-color: #333;
    28. 

  28. 		border-radius: 50%;  
    29. 

  29. 		animation: loader 1s infinite ease-in-out;
    30. 

  30. 	}
    31. 

  31. 	@keyframes loader {
    32. 

  32. 		0% {
    33. 

  33. 		transform: scale(0);
    34. 

  34. 		}
    35. 

  35. 		100% {
    36. 

  36. 		transform: scale(1);
    37. 

  37. 		opacity: 0;
    38. 

  38. 		}
    39. 

  39. 	}
    40. 

  40. 	</style>
    41. 

  41. </head>
    42. 

  42. <body>
    43. 

  43. 	<div class="loader"></div>
    44. 

  44. </body>
    45. 

  45. </html>`
    46. 

  46. 		this.fetchProxy(url, options, 0).then(res => res.text()).then(data => {
    47. 

  47. 			if (data)
    48. 

  48. 				this.srcdoc = data.replace(/<head([^>]*)>/i, `<head$1>
    49. 

  49. 	<base href="${url}">
    50. 

  50. 	<script>
    51. 

  51. 	// X-Frame-Bypass navigation event handlers
    52. 

  52. 	document.addEventListener('click', e => {
    53. 

  53. 		if (frameElement && document.activeElement && document.activeElement.href) {
    54. 

  54. 			e.preventDefault()
    55. 

  55. 			frameElement.load(document.activeElement.href)
    56. 

  56. 		}
    57. 

  57. 	})
    58. 

  58. 	document.addEventListener('submit', e => {
    59. 

  59. 		if (frameElement && document.activeElement && document.activeElement.form && document.activeElement.form.action) {
    60. 

  60. 			e.preventDefault()
    61. 

  61. 			if (document.activeElement.form.method === 'post')
    62. 

  62. 				frameElement.load(document.activeElement.form.action, {method: 'post', body: new FormData(document.activeElement.form)})
    63. 

  63. 			else
    64. 

  64. 				frameElement.load(document.activeElement.form.action + '?' + new URLSearchParams(new FormData(document.activeElement.form)))
    65. 

  65. 		}
    66. 

  66. 	})
    67. 

  67. 	</script>`)
    68. 

  68. 		}).catch(e => console.error('Cannot load X-Frame-Bypass:', e))
    69. 

  69. 	}
    70. 

  70. 	fetchProxy (url, options, i) {
    71. 

  71. 		const proxies = (options || {}).proxies || [
    72. 

  72. 		    window.BASE_URL + 'cors-anywhere?url=',
    73. 

  73. 			'https://cors-anywhere.herokuapp.com/',
    74. 

  74. 			'https://yacdn.org/proxy/',
    75. 

  75. 			'https://api.codetabs.com/v1/proxy/?quest='
    76. 

  76. 		]
    77. 

  77. 		return fetch(proxies[i] + url, options).then(res => {
    78. 

  78. 			if (!res.ok)
    79. 

  79. 				throw new Error(`${res.status} ${res.statusText}`);
    80. 

  80. 			return res
    81. 

  81. 		}).catch(error => {
    82. 

  82. 			if (i === proxies.length - 1)
    83. 

  83. 				throw error
    84. 

  84. 			return this.fetchProxy(url, options, i + 1)
    85. 

  85. 		})
    86. 

  86. 	}
    87. 

  87. }, {extends: 'iframe'})
    88.