kaffa/crowdsec-bunny-bouncer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

edge: 캡챠 verify 경로 항상 인터셉트 (bloom 업데이트 race로 origin 404 dead-end 수정)

Browse Source
This commit is contained in:
kaffa
2026-04-09 02:59:48 +00:00
parent 1dcf2f448e
commit 7da39b2acb
1 changed files with 16 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
edge/middleware.ts
View File

@@ -316,6 +316,22 @@ BunnySDK.net.http
.servePullZone()
.onOriginRequest(async (ctx) => {
const ip = ctx.request.headers.get("X-Real-Ip");
const url = new URL(ctx.request.url);
// Reserved path: always intercepted so it never reaches origin.
// Bloom filter may update between captcha serve and verify POST;
// if so, the POST would otherwise fall through to origin as 404,
// leaving the user stuck in a dead-end captcha flow.
if (url.pathname === "/__captcha/verify") {
if (!ip || ctx.request.method !== "POST") {
return new Response(null, {
status: 302,
headers: { Location: "/" },
});
}
return handleCaptchaVerify(ctx.request, ip);
}
if (!ip) return ctx.request;
if (isCleanCached(ip)) return ctx.request;
@@ -329,12 +345,6 @@ BunnySDK.net.http
return ctx.request;
}
const url = new URL(ctx.request.url);
if (url.pathname === "/__captcha/verify" && ctx.request.method === "POST") {
return handleCaptchaVerify(ctx.request, ip);
}
return captchaPage(url.pathname + url.search);
}