Linux lionsclub 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64
Apache/2.4.29 (Ubuntu)
: 161.35.52.75 | : 3.142.250.57
Cant Read [ /etc/named.conf ]
7.4.28
www-data
shells.trxsecurity.org
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
Backdoor Scanner
Backdoor Create
Alfa Webshell
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
var /
www /
dev /
core /
vendor /
asm89 /
stack-cors /
src /
[ HOME SHELL ]
Name
Size
Permission
Action
Cors.php
1.76
KB
-rw-r--r--
CorsService.php
7.13
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : CorsService.php
<?php /* * This file is part of asm89/stack-cors. * * (c) Alexander <iam.asm89@gmail.com> * * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace Asm89\Stack; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; class CorsService { private $options; public function __construct(array $options = array()) { $this->options = $this->normalizeOptions($options); } private function normalizeOptions(array $options = array()): array { $options += array( 'allowedOrigins' => array(), 'allowedOriginsPatterns' => array(), 'supportsCredentials' => false, 'allowedHeaders' => array(), 'exposedHeaders' => array(), 'allowedMethods' => array(), 'maxAge' => 0, ); // normalize array('*') to true if (in_array('*', $options['allowedOrigins'])) { $options['allowedOrigins'] = true; } if (in_array('*', $options['allowedHeaders'])) { $options['allowedHeaders'] = true; } else { $options['allowedHeaders'] = array_map('strtolower', $options['allowedHeaders']); } if (in_array('*', $options['allowedMethods'])) { $options['allowedMethods'] = true; } else { $options['allowedMethods'] = array_map('strtoupper', $options['allowedMethods']); } return $options; } /** * @deprecated use isOriginAllowed */ public function isActualRequestAllowed(Request $request): bool { return $this->isOriginAllowed($request); } public function isCorsRequest(Request $request): bool { return $request->headers->has('Origin') && !$this->isSameHost($request); } public function isPreflightRequest(Request $request): bool { return $request->getMethod() === 'OPTIONS' && $request->headers->has('Access-Control-Request-Method'); } public function handlePreflightRequest(Request $request): Response { $response = new Response(); $response->setStatusCode(204); return $this->addPreflightRequestHeaders($response, $request); } public function addPreflightRequestHeaders(Response $response, Request $request): Response { $this->configureAllowedOrigin($response, $request); if ($response->headers->has('Access-Control-Allow-Origin')) { $this->configureAllowCredentials($response, $request); $this->configureAllowedMethods($response, $request); $this->configureAllowedHeaders($response, $request); $this->configureMaxAge($response, $request); } return $response; } public function isOriginAllowed(Request $request): bool { if ($this->options['allowedOrigins'] === true) { return true; } if (!$request->headers->has('Origin')) { return false; } $origin = $request->headers->get('Origin'); if (in_array($origin, $this->options['allowedOrigins'])) { return true; } foreach ($this->options['allowedOriginsPatterns'] as $pattern) { if (preg_match($pattern, $origin)) { return true; } } return false; } public function addActualRequestHeaders(Response $response, Request $request): Response { $this->configureAllowedOrigin($response, $request); if ($response->headers->has('Access-Control-Allow-Origin')) { $this->configureAllowCredentials($response, $request); $this->configureExposedHeaders($response, $request); } return $response; } private function configureAllowedOrigin(Response $response, Request $request) { if ($this->options['allowedOrigins'] === true && !$this->options['supportsCredentials']) { // Safe+cacheable, allow everything $response->headers->set('Access-Control-Allow-Origin', '*'); } elseif ($this->isSingleOriginAllowed()) { // Single origins can be safely set $response->headers->set('Access-Control-Allow-Origin', array_values($this->options['allowedOrigins'])[0]); } else { // For dynamic headers, check the origin first if ($this->isOriginAllowed($request)) { $response->headers->set('Access-Control-Allow-Origin', $request->headers->get('Origin')); } $this->varyHeader($response, 'Origin'); } } private function isSingleOriginAllowed(): bool { if ($this->options['allowedOrigins'] === true || !empty($this->options['allowedOriginsPatterns'])) { return false; } return count($this->options['allowedOrigins']) === 1; } private function configureAllowedMethods(Response $response, Request $request) { if ($this->options['allowedMethods'] === true) { $allowMethods = strtoupper($request->headers->get('Access-Control-Request-Method')); $this->varyHeader($response, 'Access-Control-Request-Method'); } else { $allowMethods = implode(', ', $this->options['allowedMethods']); } $response->headers->set('Access-Control-Allow-Methods', $allowMethods); } private function configureAllowedHeaders(Response $response, Request $request) { if ($this->options['allowedHeaders'] === true) { $allowHeaders = $request->headers->get('Access-Control-Request-Headers'); $this->varyHeader($response, 'Access-Control-Request-Headers'); } else { $allowHeaders = implode(', ', $this->options['allowedHeaders']); } $response->headers->set('Access-Control-Allow-Headers', $allowHeaders); } private function configureAllowCredentials(Response $response, Request $request) { if ($this->options['supportsCredentials']) { $response->headers->set('Access-Control-Allow-Credentials', 'true'); } } private function configureExposedHeaders(Response $response, Request $request) { if ($this->options['exposedHeaders']) { $response->headers->set('Access-Control-Expose-Headers', implode(', ', $this->options['exposedHeaders'])); } } private function configureMaxAge(Response $response, Request $request) { if ($this->options['maxAge'] !== null) { $response->headers->set('Access-Control-Max-Age', (int) $this->options['maxAge']); } } public function varyHeader(Response $response, $header): Response { if (!$response->headers->has('Vary')) { $response->headers->set('Vary', $header); } elseif (!in_array($header, explode(', ', $response->headers->get('Vary')))) { $response->headers->set('Vary', $response->headers->get('Vary') . ', ' . $header); } return $response; } private function isSameHost(Request $request): bool { return $request->headers->get('Origin') === $request->getSchemeAndHttpHost(); } }
Close
