付费2000求教，如何使用 cloudflare worker 反代 FB 且可以登录

RT，付费2000求教，有会的PM我

要求能实现登陆，并且不同的员工可以登陆自己的账号。

机场之类的不稳哈，还会影响电脑的网络，哪怕设置了规则也很烦。

付费求教实现方法，2000跟大佬交个朋友。

//替换成你想镜像的站点constupstream=google.com //如果那个站点有专门的移动适配站点，否则保持和上面一致constupstream_mobile=m.google.com //密码访问 constopenAuth=falseconstusername=usernameconstpassword=password //你希望禁止哪些国家访问constblocked_region=[RU] //禁止自访问constblocked_ip_address=[0.0.0.0,127.0.0.1] //替换成你想镜像的站点constreplace_dict={ $upstream:$custom_domain, //google.com:} functionunauthorized(){ returnnewResponse(Unauthorized,{ headers:{ WWW-Authenticate:Basicrealm="goindex", Access-Control-Allow-Origin: }, status:401 });} functionparseBasicAuth(auth){ try{ returnatob(auth.split().pop()).split(:); }catch(e){ return[]; }} functiondoBasicAuth(request){ constauth=request.headers.get(Authorization); if(!auth||!/^Basic[A-Za-z0-9._~+/-]+=$/i.test(auth)){ returnfalse; } const[user,pass]=parseBasicAuth(auth); returnuser===username&&pass===password;} asyncfunctionfetchAndApply(request){ if(request.method===OPTIONS)//allowpreflightrequest returnnewResponse(,{ status:200, headers:{ Access-Control-Allow-Origin:*, Access-Control-Allow-Headers:*, Access-Control-Allow-Methods:GET,POST,PUT,HEAD,OPTIONS } }); if(openAuth&&!doBasicAuth(request)){ returnunauthorized(); } constregion=request.headers.get(cf-ipcountry).toUpperCase(); constip_address=request.headers.get(cf-connecting-ip); constuser_agent=request.headers.get(user-agent); letresponse=null; leturl=newURL(request.url); leturl_host=url.host; if(url.protocol==http:){ url.protocol=https: response=Response.redirect(url.href); returnresponse; } if(awaitdevice_status(user_agent)){ upstream_domain=upstream }else{ upstream_domain=upstream_mobile } url.host=upstream_domain; if(blocked_region.includes(region)){ response=newResponse(Accessdenied:WorkersProxyisnotavailableinyourregionyet.,{ status:403 }); }elseif(blocked_ip_address.includes(ip_address)){ response=newResponse(Accessdenied:YourIPaddressisblockedbyWorkersProxy.,{ status:403 }); }else{ letmethod=request.method; letrequest_headers=request.headers; letnew_request_headers=newHeaders(request_headers); new_request_headers.set(Host,upstream_domain); new_request_headers.set(Referer,url.href); letoriginal_response=awaitfetch(url.href,{ method:method, headers:new_request_headers }) letoriginal_response_clone=original_response.clone(); letoriginal_text=null; letresponse_headers=original_response.headers; letnew_response_headers=newHeaders(response_headers); letstatus=original_response.status; new_response_headers.set(access-control-allow-origin,*); new_response_headers.set(access-control-allow-credentials,true); new_response_headers.delete(content-security-policy); new_response_headers.delete(content-security-policy-report-only); new_response_headers.delete(clear-site-data); constcontent_type=new_response_headers.get(content-type); if(content_type.includes(text/html)&&content_type.includes(UTF-8)){ original_text=awaitreplace_response_text(original_response_clone,upstream_domain,url_host); }else{ original_text=original_response_clone.body } response=newResponse(original_text,{ status, headers:new_response_headers }) } returnresponse;} addEventListener(fetch,event=>{ event.respondWith(fetchAndApply(event.request).catch(err=>{ console.error(err); newResponse(JSON.stringify(err.stack),{ status:500, headers:{ Content-Type:application/json } }); }));}) asyncfunctionreplace_response_text(response,upstream_domain,host_name){ lettext=awaitresponse.text() vari,j; for(iinreplace_dict){ j=replace_dict[i] if(i==$upstream){ i=upstream_domain }elseif(i==$custom_domain){ i=host_name } if(j==$upstream){ j=upstream_domain }elseif(j==$custom_domain){ j=host_name } letre=newRegExp(i,g) text=text.replace(re,j); } returntext;} asyncfunctiondevice_status(user_agent_info){ varagents=["Android","iPhone","SymbianOS","WindowsPhone","iPad","iPod"]; varflag=true; for(varv=0;v<agents.length;v++){if(user_agent_info.indexOf(agents[v])>0){ flag=false; break; } } returnflag;}


网友回复:

引用:回忆发表于2020-10-108:32

//替换成你想镜像的站点constupstream=google.com //如果那个站点有专门的移动适配站点，否则保...


网友回复:

刚刚看了下好像不行:fb的cookie设置了httponlyflag,会导致js无法读取,从而也没法改domain


网友回复:

不太好办fb有各种各样的来源过滤啥的，我觉得worker难搞


网友回复:

但是cf的ip地址已经被用烂了，很容易出现验证什么的


网友回复:

引用:edear发表于2020-10-110:30

这是为了cf的IP地址吧，理论上是可行的


网友回复:

是反代后直接可以登录还是用cookie登录一个员工一个网址