docs: Updates contributors list

Merge pull request #243 from Lissy93/sec/fix-com-inj-vul
security: Replace exec with execFile
2025-04-27 03:20:38 +01:00 · 2025-04-12 12:13:01 +01:00 · 2025-04-12 12:12:51 +01:00 · 2025-04-12 12:11:11 +01:00 · 2025-04-03 13:05:33 +01:00 · 2025-03-29 10:51:22 +00:00
4 changed files with 119 additions and 65 deletions
--- a/.github/README.md
+++ b/.github/README.md
@@ -1014,6 +1014,13 @@ Credit to the following users for contributing to Web-Check
                    <sub><b>Ulises Gascón</b></sub>
                </a>
            </td>
            <td align="center">
                <a href="https://github.com/CrazyWolf13">
                    <img src="https://avatars.githubusercontent.com/u/96661824?v=4" width="80;" alt="CrazyWolf13"/>
                    <br />
                    <sub><b>Tobias</b></sub>
                </a>
            </td>
            <td align="center">
                <a href="https://github.com/PhiRequiem">
                    <img src="https://avatars.githubusercontent.com/u/1323576?v=4" width="80;" alt="PhiRequiem"/>
@@ -1028,6 +1035,8 @@ Credit to the following users for contributing to Web-Check
                    <sub><b>Nikolaos G. Ntaiko</b></sub>
                </a>
            </td>
 		</tr>
 		<tr>
            <td align="center">
                <a href="https://github.com/Myzel394">
                    <img src="https://avatars.githubusercontent.com/u/50424412?v=4" width="80;" alt="Myzel394"/>
@@ -1035,8 +1044,6 @@ Credit to the following users for contributing to Web-Check
                    <sub><b>Myzel394</b></sub>
                </a>
            </td>
 		</tr>
 		<tr>
            <td align="center">
                <a href="https://github.com/murrple-1">
                    <img src="https://avatars.githubusercontent.com/u/5559656?v=4" width="80;" alt="murrple-1"/>
@@ -1058,13 +1065,6 @@ Credit to the following users for contributing to Web-Check
                    <sub><b>John Hupperts</b></sub>
                </a>
            </td>
            <td align="center">
                <a href="https://github.com/eltociear">
                    <img src="https://avatars.githubusercontent.com/u/22633385?v=4" width="80;" alt="eltociear"/>
                    <br />
                    <sub><b>Ikko Eltociear Ashimine</b></sub>
                </a>
            </td>
            <td align="center">
                <a href="https://github.com/Gertje823">
                    <img src="https://avatars.githubusercontent.com/u/36937387?v=4" width="80;" alt="Gertje823"/>
@@ -1110,11 +1110,18 @@ Huge thanks to these wonderful people, who sponsor me on GitHub, their support h
 		<tr>
            <td align="center">
                <a href="https://github.com/vincentkoc">
-                    <img src="https://avatars.githubusercontent.com/u/25068?v=4" width="80;" alt="vincentkoc"/>
+                    <img src="https://avatars.githubusercontent.com/u/25068?u=fbd5b2d51142daa4bdbc21e21953a3b8b8188a4a&v=4" width="80;" alt="vincentkoc"/>
                    <br />
                    <sub><b>Vincent Koc</b></sub>
                </a>
            </td>
            <td align="center">
                <a href="https://github.com/BrianCurliss">
                    <img src="https://avatars.githubusercontent.com/u/1222949?v=4" width="80;" alt="BrianCurliss"/>
                    <br />
                    <sub><b>Brian Curliss</b></sub>
                </a>
            </td>
            <td align="center">
                <a href="https://github.com/AnandChowdhary">
                    <img src="https://avatars.githubusercontent.com/u/2841780?u=747e554b3a7f12eb20b7910e1c87d817844f714f&v=4" width="80;" alt="AnandChowdhary"/>
@@ -1122,13 +1129,6 @@ Huge thanks to these wonderful people, who sponsor me on GitHub, their support h
                    <sub><b>Anand Chowdhary</b></sub>
                </a>
            </td>
            <td align="center">
                <a href="https://github.com/shrippen">
                    <img src="https://avatars.githubusercontent.com/u/2873570?v=4" width="80;" alt="shrippen"/>
                    <br />
                    <sub><b>Shrippen</b></sub>
                </a>
            </td>
            <td align="center">
                <a href="https://github.com/bile0026">
                    <img src="https://avatars.githubusercontent.com/u/5022496?u=aec96ad173c0ea9baaba93807efa8a848af6595c&v=4" width="80;" alt="bile0026"/>
@@ -1173,13 +1173,6 @@ Huge thanks to these wonderful people, who sponsor me on GitHub, their support h
                    <sub><b>Brian McGonagill</b></sub>
                </a>
            </td>
            <td align="center">
                <a href="https://github.com/arcestia">
                    <img src="https://avatars.githubusercontent.com/u/7936962?v=4" width="80;" alt="arcestia"/>
                    <br />
                    <sub><b>Laurensius Jeffrey</b></sub>
                </a>
            </td>
            <td align="center">
                <a href="https://github.com/vlad-tim">
                    <img src="https://avatars.githubusercontent.com/u/11474041?u=eee43705b54d2ec9f51fc4fcce5ad18dd17c87e4&v=4" width="80;" alt="vlad-tim"/>
@@ -1193,15 +1186,6 @@ Huge thanks to these wonderful people, who sponsor me on GitHub, their support h
                    <br />
                    <sub><b>HeliXZz</b></sub>
                </a>
            </td>
 		</tr>
 		<tr>
            <td align="center">
                <a href="https://github.com/patvdv">
                    <img src="https://avatars.githubusercontent.com/u/12430107?u=e8911c2fb91af4d30432f76da8c40927b2830bd7&v=4" width="80;" alt="patvdv"/>
                    <br />
                    <sub><b>Patrick Van Der Veken</b></sub>
                </a>
            </td>
            <td align="center">
                <a href="https://github.com/mryesiller">
@@ -1210,6 +1194,8 @@ Huge thanks to these wonderful people, who sponsor me on GitHub, their support h
                    <sub><b>Göksel Yeşiller</b></sub>
                </a>
            </td>
 		</tr>
 		<tr>
            <td align="center">
                <a href="https://github.com/sushibait">
                    <img src="https://avatars.githubusercontent.com/u/26634535?v=4" width="80;" alt="sushibait"/>
@@ -1217,13 +1203,6 @@ Huge thanks to these wonderful people, who sponsor me on GitHub, their support h
                    <sub><b>Shiverme Timbers</b></sub>
                </a>
            </td>
            <td align="center">
                <a href="https://github.com/forwardemail">
                    <img src="https://avatars.githubusercontent.com/u/32481436?v=4" width="80;" alt="forwardemail"/>
                    <br />
                    <sub><b>Forward Email - Open-source & Privacy-focused Email Service (2023)</b></sub>
                </a>
            </td>
            <td align="center">
                <a href="https://github.com/getumbrel">
                    <img src="https://avatars.githubusercontent.com/u/59408891?v=4" width="80;" alt="getumbrel"/>
@@ -1238,8 +1217,6 @@ Huge thanks to these wonderful people, who sponsor me on GitHub, their support h
                    <sub><b>HamburgerJung</b></sub>
                </a>
            </td>
 		</tr>
 		<tr>
            <td align="center">
                <a href="https://github.com/frankdez93">
                    <img src="https://avatars.githubusercontent.com/u/87549420?v=4" width="80;" alt="frankdez93"/>
@@ -1261,19 +1238,14 @@ Huge thanks to these wonderful people, who sponsor me on GitHub, their support h
                    <sub><b>st617</b></sub>
                </a>
            </td>
 		</tr>
 		<tr>
            <td align="center">
                <a href="https://github.com/hudsonrock-partnerships">
                    <img src="https://avatars.githubusercontent.com/u/163282900?u=5f2667f7fe5d284ac7a2da6b0800ea8970b0fcbf&v=4" width="80;" alt="hudsonrock-partnerships"/>
                    <br />
                    <sub><b>hudsonrock-partnerships</b></sub>
                </a>
            </td>
            <td align="center">
                <a href="https://github.com/CarterPerez-dev">
                    <img src="https://avatars.githubusercontent.com/u/188120068?v=4" width="80;" alt="CarterPerez-dev"/>
                    <br />
                    <sub><b>Carter Perez</b></sub>
                </a>
            </td>
 		</tr>
 	<tbody>
--- a/api/screenshot.js
+++ b/api/screenshot.js
@@ -1,10 +1,67 @@
 import puppeteer from 'puppeteer-core';
 import chromium from 'chrome-aws-lambda';
 import middleware from './_common/middleware.js';
 import { execFile } from 'child_process';
 import { promises as fs } from 'fs';
 import path from 'path';
 import pkg from 'uuid';
 const { v4: uuidv4 } = pkg;
 // Helper function for direct chromium screenshot as fallback
 const directChromiumScreenshot = async (url) => {
  console.log(`[DIRECT-SCREENSHOT] Starting direct screenshot process for URL: ${url}`);
  // Create a tmp filename
  const tmpDir = '/tmp';
  const uuid = uuidv4();
  const screenshotPath = path.join(tmpDir, `screenshot-${uuid}.png`);
  console.log(`[DIRECT-SCREENSHOT] Will save screenshot to: ${screenshotPath}`);
  return new Promise((resolve, reject) => {
    const chromePath = process.env.CHROME_PATH || '/usr/bin/chromium';
    const args = [
      '--headless',
      '--disable-gpu',
      '--no-sandbox',
      `--screenshot=${screenshotPath}`,
      url
    ];
    console.log(`[DIRECT-SCREENSHOT] Executing: ${chromePath} ${args.join(' ')}`);
    execFile(chromePath, args, async (error, stdout, stderr) => {
      if (error) {
        console.error(`[DIRECT-SCREENSHOT] Chromium error: ${error.message}`);
        return reject(error);
      }
      try {
        // Read the screenshot file
        const screenshotData = await fs.readFile(screenshotPath);
        console.log(`[DIRECT-SCREENSHOT] Screenshot read successfully`);
        // Convert to base64
        const base64Data = screenshotData.toString('base64');
        await fs.unlink(screenshotPath).catch(err =>
          console.warn(`[DIRECT-SCREENSHOT] Failed to delete temp file: ${err.message}`)
        );
        resolve(base64Data);
      } catch (readError) {
        console.error(`[DIRECT-SCREENSHOT] Failed reading screenshot: ${readError.message}`);
        reject(readError);
      }
    });
  });
 };
 const screenshotHandler = async (targetUrl) => {
  console.log(`[SCREENSHOT] Request received for URL: ${targetUrl}`);
  if (!targetUrl) {
    console.error('[SCREENSHOT] URL is missing from queryStringParameters');
    throw new Error('URL is missing from queryStringParameters');
  }
@@ -15,26 +72,45 @@ const screenshotHandler = async (targetUrl) => {
  try {
    new URL(targetUrl);
  } catch (error) {
    console.error(`[SCREENSHOT] URL provided is invalid: ${targetUrl}`);
    throw new Error('URL provided is invalid');
  }
  // First try direct Chromium
  try {
    console.log(`[SCREENSHOT] Using direct Chromium method for URL: ${targetUrl}`);
    const base64Screenshot = await directChromiumScreenshot(targetUrl);
    console.log(`[SCREENSHOT] Direct screenshot successful`);
    return { image: base64Screenshot };
  } catch (directError) {
    console.error(`[SCREENSHOT] Direct screenshot method failed: ${directError.message}`);
    console.log(`[SCREENSHOT] Falling back to puppeteer method...`);
  }
  // fall back puppeteer 
  let browser = null;
  try {
    console.log(`[SCREENSHOT] Launching puppeteer browser`);
    browser = await puppeteer.launch({
      args: [...chromium.args, '--no-sandbox'], // Add --no-sandbox flag
      defaultViewport: { width: 800, height: 600 },
-      executablePath: process.env.CHROME_PATH || await chromium.executablePath,
+      executablePath: process.env.CHROME_PATH || '/usr/bin/chromium',
-      headless: chromium.headless,
+      headless: true,
      ignoreHTTPSErrors: true,
      ignoreDefaultArgs: ['--disable-extensions'],
    });
    console.log(`[SCREENSHOT] Creating new page`);
    let page = await browser.newPage();
    console.log(`[SCREENSHOT] Setting page preferences`);
    await page.emulateMediaFeatures([{ name: 'prefers-color-scheme', value: 'dark' }]);
    page.setDefaultNavigationTimeout(8000);
    console.log(`[SCREENSHOT] Navigating to URL: ${targetUrl}`);
    await page.goto(targetUrl, { waitUntil: 'domcontentloaded' });
    console.log(`[SCREENSHOT] Checking if body element exists`);
    await page.evaluate(() => {
      const selector = 'body';
      return new Promise((resolve, reject) => {
@@ -46,13 +122,20 @@ const screenshotHandler = async (targetUrl) => {
      });
    });
    console.log(`[SCREENSHOT] Taking screenshot`);
    const screenshotBuffer = await page.screenshot();
    console.log(`[SCREENSHOT] Converting screenshot to base64`);
    const base64Screenshot = screenshotBuffer.toString('base64');
    console.log(`[SCREENSHOT] Screenshot complete, returning image`);
    return { image: base64Screenshot };
-
+  } catch (error) {
    console.error(`[SCREENSHOT] Puppeteer screenshot failed: ${error.message}`);
    throw error;
  } finally {
    if (browser !== null) {
      console.log(`[SCREENSHOT] Closing browser`);
      await browser.close();
    }
  }
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
  "name": "web-check",
  "type": "module",
-  "version": "2.0.0",
+  "version": "2.0.1",
  "homepage": "https://web-check.xyz",
  "scripts": {
    "start": "node server",
--- a/src/layouts/MetaTags.astro
+++ b/src/layouts/MetaTags.astro
@@ -22,7 +22,7 @@ const siteInfo = {
  site: import.meta.env.SITE_URL || 'https://web-check.xyz',
  analytics: {
    enable: import.meta.env.ENABLE_ANALYTICS,
-    domain: 'web-check.xyz',
+    domain: 'web-check.as93.net',
    script: 'https://no-track.as93.net/js/script.js',
  },
 };
@@ -92,8 +92,7 @@ const makeBreadcrumbs = () => {
 <!-- Non-tracking hit counter -->
 {analytics.enable && (
-  <script defer is:inline type="text/partytown"
+  <script defer data-domain={analytics.domain} src={analytics.script}></script>
    data-domain={analytics.domain} src={analytics.script}></script>
 )}
 <!-- Schema.org markup for Google -->
Author	SHA1	Message	Date
liss-bot	0a13335fde	docs: Updates contributors list	2025-04-27 03:20:38 +01:00
Alicia Sykes	50a11a5f50	Merge pull request #243 from Lissy93/sec/fix-com-inj-vul security: Replace exec with execFile	2025-04-12 12:13:01 +01:00
Alicia Sykes	145711bdc7	ref: Bump version to 2.0.1	2025-04-12 12:12:51 +01:00
Alicia Sykes	0e4958aa10	security: Replace exec with execFile	2025-04-12 12:11:11 +01:00
Alicia Sykes	99653868c7	ref: Update data-domain	2025-04-03 13:05:33 +01:00
Alicia Sykes	20d08290af	Merge pull request #228 from CrazyWolf13/patch-1 Really fix the screenshot api endpoint	2025-03-29 10:51:22 +00:00
Alicia Sykes	90883843e6	Merge pull request #237 from Lissy93/contributors-readme-action-8zk_vySnji docs(contributor): contributors readme action update	2025-03-29 10:48:40 +00:00
liss-bot	eb63741e04	docs: Updates contributors list	2025-03-23 02:18:05 +00:00
Tobias	bbf519e110	fix screenshot.js	2025-02-26 13:55:48 +01:00