通过 Cloudflare Worker 生成特定域名的全部 CNAME DNS 记录网页
通过 Cloudflare 的 Worker 和 API,得到域名 tianheg.org 全部 CNAME DNS 记录,并生成网页。
最终页面:tianheg.org,代码:tianheg/cloudflare-domain-cname
我前后进行了几次发布(publish),其中有一次我发现自己把通过 API 获得的全部信息都暴露到网页的 <script> 标签下,这样做不安全。错误代码:
1const end_point = `https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records/?type=cname`;
2const response = await fetch(end_point, {
3 headers: {
4 'X-Auth-Email': AUTH_EMAIL,
5 'Authorization': `Bearer ${AUTH_KEY}`,
6 'Content-Type': 'application/json',
7 },
8});
9
10const results = await response.json();
11const records = results.result;
12
13const html = records => `
14 <script>
15 window.projects = ${JSON.stringify(records)}
16 </script>
17`修改后的代码:
1const end_point = `https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records/?type=cname`;
2const response = await fetch(end_point, {
3 headers: {
4 'X-Auth-Email': AUTH_EMAIL,
5 'Authorization': `Bearer ${AUTH_KEY}`,
6 'Content-Type': 'application/json',
7 },
8});
9
10const results = await response.json();
11const records = results.result;
12
13const domainList = records
14 .map(
15 (project) =>
16 `<li><a href="https://${project.name}" target="_blank">${project.name}</a></li>`
17 )
18 .join('');