Elgato_dark/bunkerweb
1
0
Fork 0
mirror of https://github.com/bunkerity/bunkerweb synced 2026-05-24 09:28:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix settings regex with web-ui

Browse source
This commit is contained in:
Théophile Diot 2023-09-05 11:50:05 +02:00
parent 059afec430
commit d9d6ed9bb0
No known key found for this signature in database
GPG key ID: 248FEA4BAE400D06
22 changed files with 66 additions and 81 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
src/common/core/antibot/plugin.json
View file

@ -29,7 +29,7 @@
"help": "Unused URI that clients will be redirected to to solve the challenge.",
"id": "antibot-uri",
"label": "Antibot URL",
"regex": "^/[\\w\\].~:/?#[@!$&'()*+,;=-]*$",
"regex": "^\\/[\\w\\].~:\\/?#\\[@!$\\&'\\(\\)*+,;=\\-]*$",
"type": "text"
},
"ANTIBOT_RECAPTCHA_SCORE": {
@ -47,7 +47,7 @@
"help": "Sitekey for reCAPTCHA challenge.",
"id": "antibot-recaptcha-sitekey",
"label": "reCAPTCHA sitekey",
"regex": "^[\\w-]*$",
"regex": "^[\\w\\-]*$",
"type": "text"
},
"ANTIBOT_RECAPTCHA_SECRET": {
@ -56,7 +56,7 @@
"help": "Secret for reCAPTCHA challenge.",
"id": "antibot-recaptcha-secret",
"label": "reCAPTCHA secret",
"regex": "^[\\w-]*$",
"regex": "^[\\w\\-]*$",
"type": "password"
},
"ANTIBOT_HCAPTCHA_SITEKEY": {
@ -65,7 +65,7 @@
"help": "Sitekey for hCaptcha challenge.",
"id": "antibot-hcaptcha-sitekey",
"label": "hCaptcha sitekey",
"regex": "^[a-zA-Z0-9-]*$",
"regex": "^[a-zA-Z0-9\\-]*$",
"type": "text"
},
"ANTIBOT_HCAPTCHA_SECRET": {
@ -83,7 +83,7 @@
"help": "Sitekey for Turnstile challenge.",
"id": "antibot-turnstile-sitekey",
"label": "Turnstile sitekey",
"regex": "^(0x[\\w-]+)?$",
"regex": "^(0x[\\w\\-]+)?$",
"type": "text"
},
"ANTIBOT_TURNSTILE_SECRET": {
@ -92,7 +92,7 @@
"help": "Secret for Turnstile challenge.",
"id": "antibot-turnstile-secret",
"label": "Turnstile secret",
"regex": "^(0x[\\w-]+)?$",
"regex": "^(0x[\\w\\-]+)?$",
"type": "password"
},
"ANTIBOT_TIME_RESOLVE": {

4
src/common/core/authbasic/plugin.json
View file

@ -20,7 +20,7 @@
"help": "URL of the protected resource or sitewide value.",
"id": "auth-basic-location",
"label": "Auth basic Location",
"regex": "^(sitewide|/[a-zA-Z0-9-./]*)$",
"regex": "^(sitewide|/[a-zA-Z0-9.\\/\\-]*)$",
"type": "text"
},
"AUTH_BASIC_USER": {
@ -29,7 +29,7 @@
"help": "Username",
"id": "auth-basic-user",
"label": "Auth basic Username",
"regex": "^[\\w-]+",
"regex": "^[\\w\\-]+",
"type": "text"
},
"AUTH_BASIC_PASSWORD": {

24
src/common/core/blacklist/plugin.json
View file

@ -29,7 +29,7 @@
"help": "List of URLs, separated with spaces, containing bad IP/network to block.",
"id": "blacklist-ip-urls",
"label": "Blacklist IP/network URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_RDNS_GLOBAL": {
@ -56,7 +56,7 @@
"help": "List of URLs, separated with spaces, containing reverse DNS suffixes to block.",
"id": "blacklist-rdns-urls",
"label": "Blacklist reverse DNS URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_ASN": {
@ -74,7 +74,7 @@
"help": "List of URLs, separated with spaces, containing ASN to block.",
"id": "blacklist-asn-urls",
"label": "Blacklist ASN URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_USER_AGENT": {
@ -92,7 +92,7 @@
"help": "List of URLs, separated with spaces, containing bad User-Agent to block.",
"id": "blacklist-user-agent-urls",
"label": "Blacklist User-Agent URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_URI": {
@ -101,7 +101,7 @@
"help": "List of URI (PCRE regex), separated with spaces, to block.",
"id": "blacklist-uri",
"label": "Blacklist URI",
"regex": "^( *(/[\\w\\].~:/?#[@!$&'()*+,;=-]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *(.*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_URI_URLS": {
@ -110,7 +110,7 @@
"help": "List of URLs, separated with spaces, containing bad URI to block.",
"id": "blacklist-uri-urls",
"label": "Blacklist URI URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_IP": {
@ -128,7 +128,7 @@
"help": "List of URLs, separated with spaces, containing IP/network to ignore in the blacklist.",
"id": "blacklist-ignore-ip-urls",
"label": "Blacklist ignore IP/network URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_RDNS": {
@ -146,7 +146,7 @@
"help": "List of URLs, separated with spaces, containing reverse DNS suffixes to ignore in the blacklist.",
"id": "blacklist-ignore-rdns-urls",
"label": "Blacklist ignore reverse DNS URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_ASN": {
@ -164,7 +164,7 @@
"help": "List of URLs, separated with spaces, containing ASN to ignore in the blacklist.",
"id": "blacklist-ignore-asn-urls",
"label": "Blacklist ignore ASN URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_USER_AGENT": {
@ -182,7 +182,7 @@
"help": "List of URLs, separated with spaces, containing User-Agent to ignore in the blacklist.",
"id": "blacklist-ignore-user-agent-urls",
"label": "Blacklist ignore User-Agent URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_URI": {
@ -191,7 +191,7 @@
"help": "List of URI (PCRE regex), separated with spaces, to ignore in the blacklist.",
"id": "blacklist-ignore-uri",
"label": "Blacklist ignore URI",
"regex": "^( *(/[\\w\\].~:/?#[@!$&'()*+,;=-]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *(.*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_URI_URLS": {
@ -200,7 +200,7 @@
"help": "List of URLs, separated with spaces, containing URI to ignore in the blacklist.",
"id": "blacklist-ignore-uri-urls",
"label": "Blacklist ignore URI URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
}
},

2
src/common/core/brotli/plugin.json
View file

@ -20,7 +20,7 @@
"help": "List of MIME types that will be compressed with brotli.",
"id": "brotli-types",
"label": "MIME types",
"regex": "^(?! )( ?([-\\w.]+/[-\\w.+]+)(?!.*\\2(?!.)))+$",
"regex": "^(?! )( ?([\\-\\w.]+/[\\-\\w.+]+)(?!.*\\2(?!.)))+$",
"type": "text"
},
"BROTLI_MIN_LENGTH": {

2
src/common/core/bunkernet/plugin.json
View file

@ -20,7 +20,7 @@
"help": "Address of the BunkerNet API.",
"id": "bunkernet-server",
"label": "BunkerNet server",
"regex": "^https?:\\/\\/[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*$",
"regex": "^https?:\\/\\/[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*$",
"type": "text"
}
},

25
src/common/core/cors/plugin.json
View file

@ -29,7 +29,7 @@
"help": "Value of the Access-Control-Expose-Headers header.",
"id": "cors-expose-headers",
"label": "Access-Control-Expose-Headers value",
"regex": "^(\\*|(?![, ]+)(,? ?([\\w-]+)(?!.*\\3(?!.)))*)?$",
"regex": "^(\\*|(?![, ]+)(,? ?([\\w\\-]+)(?!.*\\3(?!.)))*)?$",
"type": "text"
},
"CROSS_ORIGIN_OPENER_POLICY": {
@ -40,12 +40,7 @@
"label": "Cross-Origin-Opener-Policy",
"regex": "^(unsafe-none|same-origin-allow-popups|same-origin)?$",
"type": "select",
"select": [
"",
"unsafe-none",
"same-origin-allow-popups",
"same-origin"
]
"select": ["", "unsafe-none", "same-origin-allow-popups", "same-origin"]
},
"CROSS_ORIGIN_EMBEDDER_POLICY": {
"context": "multisite",
@ -55,12 +50,7 @@
"label": "Cross-Origin-Embedder-Policy",
"regex": "^(unsafe-none|require-corp|credentialless)?$",
"type": "select",
"select": [
"",
"unsafe-none",
"require-corp",
"credentialless"
]
"select": ["", "unsafe-none", "require-corp", "credentialless"]
},
"CROSS_ORIGIN_RESOURCE_POLICY": {
"context": "multisite",
@ -70,12 +60,7 @@
"label": "Cross-Origin-Resource-Policy",
"regex": "^(same-site|same-origin|cross-origin)?$",
"type": "select",
"select": [
"",
"same-site",
"same-origin",
"cross-origin"
]
"select": ["", "same-site", "same-origin", "cross-origin"]
},
"CORS_MAX_AGE": {
"context": "multisite",
@ -110,7 +95,7 @@
"help": "Value of the Access-Control-Allow-Headers header.",
"id": "cors-allow-headers",
"label": "Access-Control-Allow-Headers value",
"regex": "^(\\*|(?![, ])(,? ?([\\w-]+)(?!.*\\3(?!.)))*)?$",
"regex": "^(\\*|(?![, ])(,? ?([\\w\\-]+)(?!.*\\3(?!.)))*)?$",
"type": "text"
},
"CORS_DENY_REQUEST": {

4
src/common/core/customcert/plugin.json
View file

@ -20,7 +20,7 @@
"help": "Full path of the certificate or bundle file (must be readable by the scheduler).",
"id": "custom-https-cert",
"label": "Certificate path",
"regex": "^(/[\\w. -]+)*/?$",
"regex": "^(/[\\w. \\-]+)*/?$",
"type": "text"
},
"CUSTOM_SSL_KEY": {
@ -29,7 +29,7 @@
"help": "Full path of the key file (must be readable by the scheduler).",
"id": "custom-https-key",
"label": "Key path",
"regex": "^(/[\\w. -]+)*/?$",
"regex": "^(/[\\w. \\-]+)*/?$",
"type": "text"
}
},

2
src/common/core/db/plugin.json
View file

@ -11,7 +11,7 @@
"help": "The database URI, following the sqlalchemy format.",
"id": "database-uri",
"label": "The database URI",
"regex": "^(postgresql|mysql|mariadb|sqlite|oracle)(\\+[\\w-]+)?:.+$",
"regex": "^(postgresql|mysql|mariadb|sqlite|oracle)(\\+[\\w\\-]+)?:.+$",
"type": "text"
}
}

2
src/common/core/errors/plugin.json
View file

@ -11,7 +11,7 @@
"help": "List of HTTP error code and corresponding error pages, separated with spaces (404=/my404.html 403=/errors/403.html ...).",
"id": "errors",
"label": "Errors",
"regex": "^(?! )( ?([1-5]\\d{2})(?!.*\\2(?![^=]))=(/[\\w\\].~:/?#[@!$&'()*+,;=-]*)(?!.*\\3(?!.)))*$",
"regex": "^(?! )( ?([1-5]\\d{2})(?!.*\\2(?![^=]))=(\\/[\\w\\].~:\\/?#\\[@!$\\&'\\(\\)*+,;=\\-]*)(?!.*\\3(?!.)))*$",
"type": "text"
},
"INTERCEPTED_ERROR_CODES": {

10
src/common/core/greylist/plugin.json
View file

@ -29,7 +29,7 @@
"help": "List of URLs, separated with spaces, containing good IP/network to put into the greylist.",
"id": "greylist-ip-urls",
"label": "Greylist IP/network URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"GREYLIST_RDNS_GLOBAL": {
@ -56,7 +56,7 @@
"help": "List of URLs, separated with spaces, containing reverse DNS suffixes to put into the greylist.",
"id": "greylist-rdns-urls",
"label": "Greylist reverse DNS URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"GREYLIST_ASN": {
@ -74,7 +74,7 @@
"help": "List of URLs, separated with spaces, containing ASN to put into the greylist.",
"id": "greylist-asn-urls",
"label": "Greylist ASN URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"GREYLIST_USER_AGENT": {
@ -92,7 +92,7 @@
"help": "List of URLs, separated with spaces, containing good User-Agent to put into the greylist.",
"id": "greylist-user-agent-urls",
"label": "Greylist User-Agent URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"GREYLIST_URI": {
@ -110,7 +110,7 @@
"help": "List of URLs, separated with spaces, containing bad URI to put into the greylist.",
"id": "greylist-uri-urls",
"label": "Greylist URI URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
}
},

2
src/common/core/gzip/plugin.json
View file

@ -20,7 +20,7 @@
"help": "List of MIME types that will be compressed with gzip.",
"id": "gzip-types",
"label": "MIME types",
"regex": "^(?! )( ?([-\\w.]+/[-\\w.+]+)(?!.*\\2(?!.)))+$",
"regex": "^(?! )( ?([\\-\\w.]+/[\\-\\w.+]+)(?!.*\\2(?!.)))+$",
"type": "text"
},
"GZIP_MIN_LENGTH": {

12
src/common/core/headers/plugin.json
View file

@ -11,7 +11,7 @@
"help": "Custom header to add (HeaderName: HeaderValue).",
"id": "custom-header",
"label": "Custom header (HeaderName: HeaderValue)",
"regex": "^([\\w-]+: [^,]+)?$",
"regex": "^([\\w\\-]+: [^,]+)?$",
"type": "text",
"multiple": "custom-headers"
},
@ -21,7 +21,7 @@
"help": "Headers to remove (Header1 Header2 Header3 ...)",
"id": "remove-headers",
"label": "Remove headers",
"regex": "^(?! )( ?[\\w-]+)*$",
"regex": "^(?! )( ?[\\w\\-]+)*$",
"type": "text"
},
"KEEP_UPSTREAM_HEADERS": {
@ -30,7 +30,7 @@
"help": "Headers to keep from upstream (Header1 Header2 Header3 ... or * for all).",
"id": "keep-upstream-headers",
"label": "Keep upstream headers",
"regex": "^((?! )( ?[\\w-]+)+|\\*)?$",
"regex": "^((?! )( ?[\\w\\-]+)+|\\*)?$",
"type": "text"
},
"STRICT_TRANSPORT_SECURITY": {
@ -105,7 +105,7 @@
"help": "Value for the Permissions-Policy header.",
"id": "permissions-policy",
"label": "Permissions-Policy",
"regex": "^(?![, ])(,? ?([a-z-]+)(?!.*[^-]\\2=)=(\\*|\\(( ?(self|\\u0022https?:\\/\\/[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*\\u0022)(?=[ \\)]))*\\)))*$",
"regex": "^(?![, ])(,? ?([a-z\\-]+)(?!.*[^\\-]\\2=)=(\\*|\\(( ?(self|\\u0022https?:\\/\\/[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*\\u0022)(?=[ \\)]))*\\)))*$",
"type": "text"
},
"FEATURE_POLICY": {
@ -114,7 +114,7 @@
"help": "Value for the Feature-Policy header.",
"id": "feature-policy",
"label": "Feature-Policy",
"regex": "^(?![; ])( ?([\\w-]+)(?!.*[^-]\\2 )( ('(none|self|strict-dynamic|report-sample|unsafe-inline|unsafe-eval|unsafe-hashes|unsafe-allow-redirects)'|https?://[\\w@:%.+~#=-]+[\\w()!@:%+.~#?&/=$-]*))+;)*$",
"regex": "^(?![; ])( ?([\\w\\-]+)(?!.*[^\\-]\\2 )( ('(none|self|strict-dynamic|report-sample|unsafe-inline|unsafe-eval|unsafe-hashes|unsafe-allow-redirects)'|https?:\\/\\/[\\w@:%.+~#=\\-]+[\\w\\(\\)!@:%+.~#?&\\/=$\\-]*))+;)*$",
"type": "text"
},
"X_FRAME_OPTIONS": {
@ -143,7 +143,7 @@
"help": "Value for the X-XSS-Protection header.",
"id": "x-xss-protection",
"label": "X-XSS-Protection",
"regex": "^0|1(; (mode=block|report=https?:\\/\\/[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*))?$",
"regex": "^0|1(; (mode=block|report=https?:\\/\\/[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*))?$",
"type": "text"
}
}

2
src/common/core/letsencrypt/plugin.json
View file

@ -20,7 +20,7 @@
"help": "Email used for Let's Encrypt notification and in certificate.",
"id": "email-lets-encrypt",
"label": "Email Let's Encrypt",
"regex": "^([\\w.-]+@[a-zA-Z0-9.-]+\\.[a-z]{2,})?$",
"regex": "^([\\w.\\-]+@[a-zA-Z0-9.\\-]+\\.[a-z]{2,})?$",
"type": "text"
},
"USE_LETS_ENCRYPT_STAGING": {

2
src/common/core/limit/plugin.json
View file

@ -20,7 +20,7 @@
"help": "URL (PCRE regex) where the limit request will be applied or special value / for all requests.",
"id": "limit-req-url",
"label": "Limit request URL",
"regex": "^[\\w\\].~:/^%?#[@!$&'()*+,;=-]+$",
"regex": "^.+$",
"type": "text",
"multiple": "limit-req"
},

4
src/common/core/misc/plugin.json
View file

@ -65,7 +65,7 @@
"help": "Root folder containing files to serve (/var/www/html/{server_name} if unset).",
"id": "root-folder",
"label": "Root folder",
"regex": "^(/[\\w. -]+)*/?$",
"regex": "^(/[\\w. \\-]+)*/?$",
"type": "text"
},
"SSL_PROTOCOLS": {
@ -146,7 +146,7 @@
"help": "List of external plugins URLs (direct download to .zip or .tar file) to download and install (URLs are separated with space).",
"id": "external-plugin-urls",
"label": "External plugin URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"DENY_HTTP_STATUS": {

6
src/common/core/php/plugin.json
View file

@ -20,7 +20,7 @@
"help": "Root folder containing files in the remote PHP-FPM instance.",
"id": "remote-php-path",
"label": "Remote PHP path",
"regex": "^(/[\\w. -]+)*/?$",
"regex": "^(/[\\w. \\-]+)*/?$",
"type": "text"
},
"LOCAL_PHP": {
@ -29,7 +29,7 @@
"help": "Path to the PHP-FPM socket file.",
"id": "local",
"label": "Local PHP",
"regex": "^(/[\\w. -]+)*/?$",
"regex": "^(/[\\w. \\-]+)*/?$",
"type": "text"
},
"LOCAL_PHP_PATH": {
@ -38,7 +38,7 @@
"help": "Root folder containing files in the local PHP-FPM instance.",
"id": "local-php-path",
"label": "Local PHP path",
"regex": "^(/[\\w. -]+)*/?$",
"regex": "^(/[\\w. \\-]+)*/?$",
"type": "text"
}
}

4
src/common/core/realip/plugin.json
View file

@ -38,7 +38,7 @@
"help": "List of URLs containing trusted IPs / networks, separated with spaces, where proxied requests come from.",
"id": "real-ip-from-urls",
"label": "Real IP from URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"REAL_IP_HEADER": {
@ -47,7 +47,7 @@
"help": "HTTP header containing the real IP or special value proxy_protocol for PROXY protocol.",
"id": "real-ip-header",
"label": "Real IP header",
"regex": "^(?! )(( ?(?!proxy_protocol)[\\w-]+)*|proxy_protocol)$",
"regex": "^(?! )(( ?(?!proxy_protocol)[\\w\\-]+)*|proxy_protocol)$",
"type": "text"
},
"REAL_IP_RECURSIVE": {

2
src/common/core/redirect/plugin.json
View file

@ -11,7 +11,7 @@
"help": "Redirect a whole site to another one.",
"id": "redirect-to",
"label": "Redirect to",
"regex": "^(https?:\\/\\/[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)?$",
"regex": "^(https?:\\/\\/[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)?$",
"type": "text"
},
"REDIRECT_TO_REQUEST_URI": {

2
src/common/core/redis/plugin.json
View file

@ -20,7 +20,7 @@
"help": "Redis server IP or hostname.",
"id": "redis-host",
"label": "Redis server",
"regex": "^((?!-)[a-zA-Z0-9-]{1,63}(.[a-zA-Z]{2,})+|(\\b25[0-5]|\\b2[0-4]\\d|\\b[01]?\\d\\d?)(\\.(25[0-5]|2[0-4]\\d|[01]?\\d\\d?)){3}|(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]Z{0,4}){0,4}%[0-9a-zA-Z]+|::(ffff(:0{1,4})?:)?((25[0-5]|(2[0-4]|1?\\d)?\\d)\\.){3}(25[0-5]|(2[0-4]|1?\\d)?\\d)|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1?\\d)?\\d)\\.){3}(25[0-5]|(2[0-4]|1?\\d)?\\d)))?$",
"regex": "^((?!-)[a-zA-Z0-9\\-]{1,63}(.[a-zA-Z]{2,})+|(\\b25[0-5]|\\b2[0-4]\\d|\\b[01]?\\d\\d?)(\\.(25[0-5]|2[0-4]\\d|[01]?\\d\\d?)){3}|(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]Z{0,4}){0,4}%[0-9a-zA-Z]+|::(ffff(:0{1,4})?:)?((25[0-5]|(2[0-4]|1?\\d)?\\d)\\.){3}(25[0-5]|(2[0-4]|1?\\d)?\\d)|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1?\\d)?\\d)\\.){3}(25[0-5]|(2[0-4]|1?\\d)?\\d)))?$",
"type": "text"
},
"REDIS_PORT": {

10
src/common/core/reverseproxy/plugin.json
View file

@ -59,7 +59,7 @@
"help": "List of HTTP headers to send to proxied resource separated with semicolons (values for proxy_set_header directive).",
"id": "reverse-proxy-headers",
"label": "Reverse proxy headers",
"regex": "^(?![; ])(;? ?([\\w-]+)(?!.*\\2 ) [^;]+)*$",
"regex": "^(?![; ])(;? ?([\\w\\-]+)(?!.*\\2 ) [^;]+)*$",
"type": "text",
"multiple": "reverse-proxy"
},
@ -69,7 +69,7 @@
"help": "List of HTTP headers to send to client separated with semicolons (values for add_header directive).",
"id": "reverse-proxy-headers-client",
"label": "Reverse proxy headers-client",
"regex": "^(?![; ])(;? ?([\\w-]+)(?!.*\\2 ) [^;]+)*$",
"regex": "^(?![; ])(;? ?([\\w\\-]+)(?!.*\\2 ) [^;]+)*$",
"type": "text",
"multiple": "reverse-proxy"
},
@ -99,7 +99,7 @@
"help": "Enable authentication using an external provider (value of auth_request directive).",
"id": "reverse-proxy-auth-request",
"label": "Reverse proxy auth request",
"regex": "^(/[\\w\\].~:/?#[@!$&'()*+,;=-]*|off)?$",
"regex": "^(\\/[\\w\\].~:\\/?#\\[@!$\\&'\\(\\)*+,;=\\-]*|off)?$",
"type": "text",
"multiple": "reverse-proxy"
},
@ -109,7 +109,7 @@
"help": "Redirect clients to sign-in URL when using REVERSE_PROXY_AUTH_REQUEST (used when auth_request call returned 401).",
"id": "reverse-proxy-auth-request-signin-url",
"label": "Auth request signin URL",
"regex": "^(https?:\\/\\/[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)?$",
"regex": "^(https?:\\/\\/[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)?$",
"type": "text",
"multiple": "reverse-proxy"
},
@ -119,7 +119,7 @@
"help": "List of variables to set from the authentication provider, separated with semicolons (values of auth_request_set directives).",
"id": "reverse-proxy-auth-request-set",
"label": "Reverse proxy auth request set",
"regex": "^(?! ;)(;? ?(\\$[a-z_-]+)(?!.*\\2 ) [^;]+)*$",
"regex": "^(?! ;)(;? ?(\\$[a-z_\\-]+)(?!.*\\2 ) [^;]+)*$",
"type": "text",
"multiple": "reverse-proxy"
},

12
src/common/core/whitelist/plugin.json
View file

@ -29,7 +29,7 @@
"help": "List of URLs, separated with spaces, containing good IP/network to whitelist.",
"id": "whitelist-ip-urls",
"label": "Whitelist IP/network URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"WHITELIST_RDNS_GLOBAL": {
@ -56,7 +56,7 @@
"help": "List of URLs, separated with spaces, containing reverse DNS suffixes to whitelist.",
"id": "whitelist-rdns-urls",
"label": "Whitelist reverse DNS URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"WHITELIST_ASN": {
@ -74,7 +74,7 @@
"help": "List of URLs, separated with spaces, containing ASN to whitelist.",
"id": "whitelist-asn-urls",
"label": "Whitelist ASN URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"WHITELIST_USER_AGENT": {
@ -92,7 +92,7 @@
"help": "List of URLs, separated with spaces, containing good User-Agent to whitelist.",
"id": "whitelist-user-agent-urls",
"label": "Whitelist User-Agent URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"WHITELIST_URI": {
@ -101,7 +101,7 @@
"help": "List of URI (PCRE regex), separated with spaces, to whitelist.",
"id": "whitelist-uri",
"label": "Whitelist URI",
"regex": "^( *(/[\\w\\].~:/?#[@!$&'()*+,;=-]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *(.*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"WHITELIST_URI_URLS": {
@ -110,7 +110,7 @@
"help": "List of URLs, separated with spaces, containing bad URI to whitelist.",
"id": "whitelist-uri-urls",
"label": "Whitelist URI URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
}
},

2
src/common/settings.json
View file

@ -14,7 +14,7 @@
"help": "Where nginx will search for configurations.",
"id": "nginx-prefix",
"label": "nginx prefix",
"regex": "^(/[\\w. -]+)*/$",
"regex": "^(\\/[\\-\\w.\\s]+)*\\/$",
"type": "text"
},
"HTTP_PORT": {