添加自定主机名
const allowedHosts = ['joomaen.com', 'joomaen.sol.build', 'joomaen.eth.sucks', 'joomaen.eth.limo', 'joomaen.bit.site', 'zyg,im', 'joomaen.top', 'localhost', '127.0.0.1']; // 替换为您的实际允许域名,例如 'yourwebsite.com'
async function handleRequest(request) {
// 获取 Referer 头部,如果没有则拒绝请求
const referer = request.headers.get('Referer');
if (!referer) {
return new Response('Forbidden', { status: 403 });
}
// 解析 Referer 作为 URL,检查是否来自允许的域名
try {
const refererUrl = new URL(referer);
const host = refererUrl.hostname;
if (!allowedHosts.some(allowed => host === allowed || host.endsWith('.' + allowed))) {
return new Response('Forbidden', { status: 403 });
}
} catch (error) {
return new Response('Forbidden', { status: 403 });
}
// 继续原有逻辑,构造 B2 URL
let url = new URL(request.url);
let bucketName = "joomaen";
let b2BaseUrl = `https://f003.backblazeb2.com/file/${bucketName}`;
let newUrl = b2BaseUrl + url.pathname + url.search; // 包含查询参数
// 从 B2 获取资源
let response = await fetch(newUrl);
// 复制响应头,设置缓存和跨域访问
let newHeaders = new Headers(response.headers);
newHeaders.set("Cache-Control", "public, max-age=31536000, immutable");
newHeaders.set("Access-Control-Allow-Origin", "*"); // 修正头部名称
return new Response(response.body, {
status: response.status,
headers: newHeaders
});
}
addEventListener("fetch", event => {
event.respondWith(handleRequest(event.request));
});
去除敏感信息
const allowedHosts = ['example.com', 'anothersite.net', 'localhost', '127.0.0.1']; // 替换为您的实际允许域名,例如 'yourwebsite.com'
async function handleRequest(request) {
// 获取 Referer 头部,如果没有则拒绝请求
const referer = request.headers.get('Referer');
if (!referer) {
return new Response('Forbidden', { status: 403 });
}
// 解析 Referer 作为 URL,检查是否来自允许的域名
try {
const refererUrl = new URL(referer);
const host = refererUrl.hostname;
if (!allowedHosts.some(allowed => host === allowed || host.endsWith('.' + allowed))) {
return new Response('Forbidden', { status: 403 });
}
} catch (error) {
return new Response('Forbidden', { status: 403 });
}
// 继续原有逻辑,构造 B2 URL
let url = new URL(request.url);
let bucketName = "你的桶名";
// 友好URl的域名
let b2BaseUrl = `https://f003.backblazeb2.com/file/${bucketName}`;
let newUrl = b2BaseUrl + url.pathname + url.search; // 包含查询参数
// 从 B2 获取资源
let response = await fetch(newUrl);
// 复制响应头,设置缓存和跨域访问
let newHeaders = new Headers(response.headers);
newHeaders.set("Cache-Control", "public, max-age=31536000, immutable");
newHeaders.set("Access-Control-Allow-Origin", "*"); // 修正头部名称
return new Response(response.body, {
status: response.status,
headers: newHeaders
});
}
addEventListener("fetch", event => {
event.respondWith(handleRequest(event.request));
});