├── README.md
├── LICENCE
└── index.js


/README.md:
--------------------------------------------------------------------------------
 1 | # cfdohpw
 2 | 
 3 | Cloudflare DoH proxy worker。
 4 | 
 5 | 借助 Cloudflare CDN 平台中转加速任意 DoH (RFC8484) 流量。无需服务器和域名。
 6 | 
 7 | ## 如何使用
 8 | 
 9 | Worker 的代码在项目根目录的 [index.js](https://github.com/IrineSistiana/cfdohpw/blob/main/index.js)。
10 | 
11 | ### 不用软件只需浏览器点鼠标
12 | 
13 | 可以用 Cloudflare 网页控制台部署 worker。Cloudflare 经常更新它的网页，此处省略一万字，请 Google，教程很多。
14 | 
15 | ### 命令行
16 | 
17 | 需要 Cloudflare 官方工具 [wrangler](https://github.com/cloudflare/wrangler)。详见官方说明。此处省略一万字。
18 | 
19 | ## 如何避免所有人都能使用该 worker
20 | 
21 | 虽然平常见到的 DoH 服务器的地址都是 `https://<server_addr>/dns-query`。但这个路径 `/dns-query` 其实是可以随意改的。
22 | 
23 | 可以修改 index.js 中的 `endpointPath` 参数来改变该路径。
24 | 
25 | 比如设定
26 | 
27 | ```js
28 | const endpointPath = '/dns-query-with-my-passwd-123456';
29 | ```
30 | 
31 | 则服务器地址变成 `https://<server_addr>/dns-query-with-my-passwd-123456`。只有知道路径的用户才能使用该 worker。
32 | 
33 | ## Credit
34 | 
35 | - [Cloudflare Workers](https://workers.cloudflare.com/)
36 | 


--------------------------------------------------------------------------------
/LICENCE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2022 IrineSistiana
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.


--------------------------------------------------------------------------------
/index.js:
--------------------------------------------------------------------------------
 1 | // 请求路径。请修改此路径，避免该 worker 所有人都能使用。
 2 | const endpointPath = '/dns-query';
 3 | // 上游 DoH 地址。必需是域名，不能是 IP。Cloudflare 有限制。
 4 | const upstream = 'https://dns.google/dns-query';
 5 | 
 6 | /**
 7 |  * @param {Request} request
 8 |  * @param {URL} clientUrl
 9 |  */
10 | async function handleRequestGet(request, clientUrl) {
11 |   const dnsValue = clientUrl.searchParams.get('dns')
12 | 
13 |   if (dnsValue == null) {
14 |     return new Response('missing parameters', { status: 400 });
15 |   }
16 | 
17 |   if (request.headers.get('accept') != 'application/dns-message') {
18 |     return new Response('bad request header', { status: 400 });
19 |   }
20 | 
21 |   const upstreamUrl = new URL(upstream);
22 |   upstreamUrl.searchParams.set('dns', dnsValue);
23 |   const upstreamRequest = new Request(upstreamUrl.toString(), {
24 |     headers: request.headers,
25 |     method: 'GET',
26 |   });
27 |   upstreamRequest.headers.set('host', upstreamUrl.hostname)
28 |   return await fetch(upstreamRequest);
29 | }
30 | 
31 | /**
32 |  * @param {Request} request
33 |  * @param {URL} clientUrl
34 |  */
35 | async function handleRequestPost(request, clientUrl) {
36 |   if (request.headers.get('content-type') != 'application/dns-message') {
37 |     return new Response('bad request header', { status: 400 });
38 |   }
39 |   const upstreamRequest = new Request(upstream, {
40 |     method: 'POST',
41 |     headers: {
42 |       'accept': 'application/dns-message',
43 |       'content-type': 'application/dns-message',
44 |     },
45 |     body: await request.arrayBuffer()
46 |   });
47 |   return await fetch(upstreamRequest);
48 | }
49 | 
50 | /**
51 |  * @param {Request} request
52 |  */
53 | async function handleRequest(request) {
54 |   const clientUrl = new URL(request.url);
55 |   if (clientUrl.pathname != endpointPath) {
56 |     return new Response('Hello World!', { status: 404 });
57 |   }
58 | 
59 |   switch (request.method) {
60 |     case 'GET':
61 |       return handleRequestGet(request, clientUrl)
62 |     case 'POST':
63 |       return handleRequestPost(request, clientUrl)
64 |     default:
65 |       return new Response('method not allowed', { status: 405 });
66 |   }
67 | }
68 | 
69 | addEventListener('fetch', event => {
70 |   event.respondWith(handleRequest(event.request));
71 | });


--------------------------------------------------------------------------------