From c545c4b27c5478f31e8628d0ac4e9346c2e80ec6 Mon Sep 17 00:00:00 2001 From: CuriouzK0d3r Date: Tue, 18 Jul 2023 16:30:59 +0300 Subject: [PATCH 1/5] fix: replace grip url --- apps/artemis-web/components/hijack-info/hijack-info.tsx | 7 +++++-- apps/artemis-web/next.config.js | 9 +++++---- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/apps/artemis-web/components/hijack-info/hijack-info.tsx b/apps/artemis-web/components/hijack-info/hijack-info.tsx index 04308c8f..720bdffe 100644 --- a/apps/artemis-web/components/hijack-info/hijack-info.tsx +++ b/apps/artemis-web/components/hijack-info/hijack-info.tsx @@ -67,8 +67,11 @@ class HijackInfoComponent extends Component { const type = this.getEventType(hijackDataState["type"]); try { - const resp = await fetch(`https://api.grip.caida.org/v1/json/events?event_type=${type}&asns=${asn}&pfxs=${prefix}`, { + // https://api.grip.inetintel.cc.gatech.edu/json/events?event_type=moas&asns=209242&pfxs=23.26.222.0/23 + const resp = await fetch(`https://api.grip.inetintel.cc.gatech.edu/json/events?event_type=${type}&asns=${asn}&pfxs=${prefix}`, { method: 'GET', + mode: 'cors', + cache: "default", headers: { Accept: 'application/json', 'Content-Type': 'application/json', @@ -310,7 +313,7 @@ class HijackInfoComponent extends Component { type="button" className={`btn btn-primary } btn-lg`} - onClick={() => window.open(`https://grip-dev.caida.org/events/${type}/${this.eventRef.current.value}`, "_blank")} + onClick={() => window.open(`https://grip.inetintel.cc.gatech.edu/events/${type}/${this.eventRef.current.value}`, "_blank")} > Go to GRIP event diff --git a/apps/artemis-web/next.config.js b/apps/artemis-web/next.config.js index 26a73875..53439dda 100644 --- a/apps/artemis-web/next.config.js +++ b/apps/artemis-web/next.config.js @@ -40,18 +40,19 @@ module.exports = { 'https://localhost/api/graphql', 'http://localhost/api/graphql', 'https://demo.artemis-pc.duckdns.org/api/graphql', - 'https://accounts.google.com/o/oauth2/v2/auth' + 'https://accounts.google.com/o/oauth2/v2/auth', + 'https://api.grip.inetintel.cc.gatech.edu' ], - frameAncestors: "'none", + // frameAncestors: "'none", imgSrc: ["'self'", 'data:'], - objectSrc: "'none", + // objectSrc: "'none", }, }, forceHTTPSRedirect: [ true, { maxAge: 60 * 60 * 24 * 4, includeSubDomains: true }, ], - referrerPolicy: 'origin', + referrerPolicy: 'same-origin', }), }, ]; From b1830de20887f42f1052a9f0f53e6eddff21f506 Mon Sep 17 00:00:00 2001 From: CuriouzK0d3r Date: Wed, 19 Jul 2023 12:46:42 +0300 Subject: [PATCH 2/5] fix: add cors anywhere --- apps/artemis-web/components/hijack-info/hijack-info.tsx | 4 +++- apps/artemis-web/next.config.js | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/apps/artemis-web/components/hijack-info/hijack-info.tsx b/apps/artemis-web/components/hijack-info/hijack-info.tsx index 720bdffe..0895fc11 100644 --- a/apps/artemis-web/components/hijack-info/hijack-info.tsx +++ b/apps/artemis-web/components/hijack-info/hijack-info.tsx @@ -68,13 +68,15 @@ class HijackInfoComponent extends Component { try { // https://api.grip.inetintel.cc.gatech.edu/json/events?event_type=moas&asns=209242&pfxs=23.26.222.0/23 - const resp = await fetch(`https://api.grip.inetintel.cc.gatech.edu/json/events?event_type=${type}&asns=${asn}&pfxs=${prefix}`, { + const resp = await fetch(`https://cors-anywhere.herokuapp.com/https://api.grip.inetintel.cc.gatech.edu/json/events?event_type=moas&asns=8522&pfxs=192.67.249.0/24`, { method: 'GET', mode: 'cors', cache: "default", headers: { Accept: 'application/json', 'Content-Type': 'application/json', + origin: 'localhost', + 'x-requested-with': 'artemis' }, }); const json = await resp.json(); diff --git a/apps/artemis-web/next.config.js b/apps/artemis-web/next.config.js index 53439dda..82b1a993 100644 --- a/apps/artemis-web/next.config.js +++ b/apps/artemis-web/next.config.js @@ -41,7 +41,7 @@ module.exports = { 'http://localhost/api/graphql', 'https://demo.artemis-pc.duckdns.org/api/graphql', 'https://accounts.google.com/o/oauth2/v2/auth', - 'https://api.grip.inetintel.cc.gatech.edu' + 'https://cors-anywhere.herokuapp.com' ], // frameAncestors: "'none", imgSrc: ["'self'", 'data:'], From 299d6283a2e3771667186102fb0ae7d381c22a82 Mon Sep 17 00:00:00 2001 From: CuriouzK0d3r Date: Wed, 19 Jul 2023 18:28:02 +0300 Subject: [PATCH 3/5] fix: add cors anywhere --- apps/artemis-web/components/hijack-info/hijack-info.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/artemis-web/components/hijack-info/hijack-info.tsx b/apps/artemis-web/components/hijack-info/hijack-info.tsx index 0895fc11..7ccadd7a 100644 --- a/apps/artemis-web/components/hijack-info/hijack-info.tsx +++ b/apps/artemis-web/components/hijack-info/hijack-info.tsx @@ -68,7 +68,7 @@ class HijackInfoComponent extends Component { try { // https://api.grip.inetintel.cc.gatech.edu/json/events?event_type=moas&asns=209242&pfxs=23.26.222.0/23 - const resp = await fetch(`https://cors-anywhere.herokuapp.com/https://api.grip.inetintel.cc.gatech.edu/json/events?event_type=moas&asns=8522&pfxs=192.67.249.0/24`, { + const resp = await fetch(`https://cors-anywhere.herokuapp.com/https://api.grip.inetintel.cc.gatech.edu/json/events?event_type=${type}&asns=${asn}&pfxs=${prefix}`, { method: 'GET', mode: 'cors', cache: "default", From 045b5de7532846be5af7e957b2cedd48ca56a649 Mon Sep 17 00:00:00 2001 From: CuriouzK0d3r Date: Wed, 19 Jul 2023 18:36:28 +0300 Subject: [PATCH 4/5] fix: add cors anywhere --- apps/artemis-web/components/hijack-info/hijack-info.tsx | 1 - 1 file changed, 1 deletion(-) diff --git a/apps/artemis-web/components/hijack-info/hijack-info.tsx b/apps/artemis-web/components/hijack-info/hijack-info.tsx index 7ccadd7a..5ea7ba10 100644 --- a/apps/artemis-web/components/hijack-info/hijack-info.tsx +++ b/apps/artemis-web/components/hijack-info/hijack-info.tsx @@ -67,7 +67,6 @@ class HijackInfoComponent extends Component { const type = this.getEventType(hijackDataState["type"]); try { - // https://api.grip.inetintel.cc.gatech.edu/json/events?event_type=moas&asns=209242&pfxs=23.26.222.0/23 const resp = await fetch(`https://cors-anywhere.herokuapp.com/https://api.grip.inetintel.cc.gatech.edu/json/events?event_type=${type}&asns=${asn}&pfxs=${prefix}`, { method: 'GET', mode: 'cors', From 2cfda4862c34b785baf0aa0f365868273ac909d7 Mon Sep 17 00:00:00 2001 From: CuriouzK0d3r Date: Fri, 21 Jul 2023 15:59:18 +0300 Subject: [PATCH 5/5] fix: cors --- .../components/hijack-info/hijack-info.tsx | 2 +- apps/artemis-web/next.config.js | 3 +- apps/artemis-web/scripts/entrypoint | 1 + apps/artemis-web/scripts/proxy.js | 12 +++++++ docker-compose.prod.yml | 1 + package.json | 3 +- yarn.lock | 31 +++++++++++++++++++ 7 files changed, 50 insertions(+), 3 deletions(-) create mode 100644 apps/artemis-web/scripts/proxy.js diff --git a/apps/artemis-web/components/hijack-info/hijack-info.tsx b/apps/artemis-web/components/hijack-info/hijack-info.tsx index 5ea7ba10..1c46f2ad 100644 --- a/apps/artemis-web/components/hijack-info/hijack-info.tsx +++ b/apps/artemis-web/components/hijack-info/hijack-info.tsx @@ -67,7 +67,7 @@ class HijackInfoComponent extends Component { const type = this.getEventType(hijackDataState["type"]); try { - const resp = await fetch(`https://cors-anywhere.herokuapp.com/https://api.grip.inetintel.cc.gatech.edu/json/events?event_type=${type}&asns=${asn}&pfxs=${prefix}`, { + const resp = await fetch(`http://${window.location.host}:8088/https://api.grip.inetintel.cc.gatech.edu/json/events?event_type=${type}&asns=${asn}&pfxs=${prefix}`, { method: 'GET', mode: 'cors', cache: "default", diff --git a/apps/artemis-web/next.config.js b/apps/artemis-web/next.config.js index 82b1a993..349e0603 100644 --- a/apps/artemis-web/next.config.js +++ b/apps/artemis-web/next.config.js @@ -41,7 +41,8 @@ module.exports = { 'http://localhost/api/graphql', 'https://demo.artemis-pc.duckdns.org/api/graphql', 'https://accounts.google.com/o/oauth2/v2/auth', - 'https://cors-anywhere.herokuapp.com' + 'https://127.0.0.1:8088/https://api.grip.inetintel.cc.gatech.edu/', + 'http://localhost:8088/https://api.grip.inetintel.cc.gatech.edu/' ], // frameAncestors: "'none", imgSrc: ["'self'", 'data:'], diff --git a/apps/artemis-web/scripts/entrypoint b/apps/artemis-web/scripts/entrypoint index 6052bc44..8062a8a5 100755 --- a/apps/artemis-web/scripts/entrypoint +++ b/apps/artemis-web/scripts/entrypoint @@ -1,6 +1,7 @@ #!/bin/bash ./wait-for -h ${MONGODB_HOST} -p ${MONGODB_PORT} -t 0 node query.js +node proxy.js& if [ -z "$SERVICE_ACCOUNT_PATH" ]; then (yarn start:notification&); fi NODE_ENV=production NEXT_PUBLIC_REVISION=$(git rev-parse HEAD) yarn run nx serve artemis-web --prod diff --git a/apps/artemis-web/scripts/proxy.js b/apps/artemis-web/scripts/proxy.js new file mode 100644 index 00000000..29c94390 --- /dev/null +++ b/apps/artemis-web/scripts/proxy.js @@ -0,0 +1,12 @@ +var host = process.env.HOST || '0.0.0.0'; +// Listen on a specific port via the PORT environment variable +var port = process.env.PORT || 8088; + +var cors_proxy = require('cors-anywhere'); +cors_proxy.createServer({ + originWhitelist: [], // Allow all origins + requireHeader: ['origin', 'x-requested-with'], + removeHeaders: ['cookie', 'cookie2'] +}).listen(port, host, function() { + console.log('Running CORS Anywhere on ' + host + ':' + port); +}); diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index f3c24c40..290bb0c5 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -30,6 +30,7 @@ services: - .env ports: - 4200:4200 + - 8088:8088 depends_on: - mongodb mongodb: diff --git a/package.json b/package.json index 8022144e..6ce582bf 100644 --- a/package.json +++ b/package.json @@ -40,6 +40,7 @@ "chance": "^1.1.8", "codemirror": "^5.63.3", "cors": "^2.8.5", + "cors-anywhere": "^0.4.4", "cross-fetch": "^3.1.4", "diff_match_patch": "^0.1.1", "draft-js": "^0.11.7", @@ -144,4 +145,4 @@ "pre-push": "yarn run affected:test" } } -} \ No newline at end of file +} diff --git a/yarn.lock b/yarn.lock index 631cc295..acbbd3a1 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6475,6 +6475,14 @@ core-util-is@~1.0.0: resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.3.tgz#a6042d3634c2b27e9328f837b965fac83808db85" integrity sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ== +cors-anywhere@^0.4.4: + version "0.4.4" + resolved "https://registry.yarnpkg.com/cors-anywhere/-/cors-anywhere-0.4.4.tgz#98892fcab55f408fff13a63e125135c18dc22ca8" + integrity sha512-8OBFwnzMgR4mNrAeAyOLB2EruS2z7u02of2bOu7i9kKYlZG+niS7CTHLPgEXKWW2NAOJWRry9RRCaL9lJRjNqg== + dependencies: + http-proxy "1.11.1" + proxy-from-env "0.0.1" + cors@^2.8.5: version "2.8.5" resolved "https://registry.yarnpkg.com/cors/-/cors-2.8.5.tgz#eac11da51592dd86b9f06f6e7ac293b3df875d29" @@ -7839,6 +7847,11 @@ eventemitter2@6.4.7: resolved "https://registry.yarnpkg.com/eventemitter2/-/eventemitter2-6.4.7.tgz#a7f6c4d7abf28a14c1ef3442f21cb306a054271d" integrity sha512-tYUSVOGeQPKt/eC1ABfhHy5Xd96N3oIijJvN3O9+TsC28T5V9yX9oEfEK5faP0EFSNVOG97qtAS68GBrQB2hDg== +eventemitter3@1.x.x: + version "1.2.0" + resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-1.2.0.tgz#1c86991d816ad1e504750e73874224ecf3bec508" + integrity sha512-DOFqA1MF46fmZl2xtzXR3MPCRsXqgoFqdXcrCVYM3JNnfUeHTm/fh/v/iU7gBFpwkuBmoJPAm5GuhdDfSEJMJA== + eventemitter3@^3.1.0: version "3.1.2" resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-3.1.2.tgz#2d3d48f9c346698fce83a85d7d664e98535df6e7" @@ -8972,6 +8985,14 @@ http-proxy-middleware@^2.0.3: is-plain-obj "^3.0.0" micromatch "^4.0.2" +http-proxy@1.11.1: + version "1.11.1" + resolved "https://registry.yarnpkg.com/http-proxy/-/http-proxy-1.11.1.tgz#71df55757e802d58ea810df2244019dda05ae85d" + integrity sha512-qz7jZarkVG3G6GMq+4VRJPSN4NkIjL4VMTNhKGd8jc25BumeJjWWvnY3A7OkCGa8W1TTxbaK3dcE0ijFalITVA== + dependencies: + eventemitter3 "1.x.x" + requires-port "0.x.x" + http-proxy@^1.18.1: version "1.18.1" resolved "https://registry.yarnpkg.com/http-proxy/-/http-proxy-1.18.1.tgz#401541f0534884bbf95260334e72f88ee3976549" @@ -13001,6 +13022,11 @@ proxy-addr@~2.0.7: forwarded "0.2.0" ipaddr.js "1.9.1" +proxy-from-env@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/proxy-from-env/-/proxy-from-env-0.0.1.tgz#b27c4946e9e6d5dbadb7598a6435d3014c4cfd49" + integrity sha512-B9Hnta3CATuMS0q6kt5hEezOPM+V3dgaRewkFtFoaRQYTVNsHqUvFXmndH06z3QO1ZdDnRELv5vfY6zAj/gG7A== + proxy-from-env@1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/proxy-from-env/-/proxy-from-env-1.0.0.tgz#33c50398f70ea7eb96d21f7b817630a55791c7ee" @@ -13557,6 +13583,11 @@ require-from-string@^2.0.2: resolved "https://registry.yarnpkg.com/require-from-string/-/require-from-string-2.0.2.tgz#89a7fdd938261267318eafe14f9c32e598c36909" integrity sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw== +requires-port@0.x.x: + version "0.0.1" + resolved "https://registry.yarnpkg.com/requires-port/-/requires-port-0.0.1.tgz#4b4414411d9df7c855995dd899a8c78a2951c16d" + integrity sha512-AzPDCliPoWDSvEVYRQmpzuPhGGEnPrQz9YiOEvn+UdB9ixBpw+4IOZWtwctmpzySLZTy7ynpn47V14H4yaowtA== + requires-port@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/requires-port/-/requires-port-1.0.0.tgz#925d2601d39ac485e091cf0da5c6e694dc3dcaff"