Release of nginx 1.19.3 and njs 0.4.4

The mainline release nginx 1.19.3 has been published, in which development of new features continues (the stable branch 1.18, maintained in parallel, receives only changes that fix serious bugs and vulnerabilities).

Main changes:

  • The ngx_stream_set_module module has been added, which lets you assign a value to a variable:

    server {
        listen 12345;
        set    $true 1;
    }

  • The proxy_cookie_flags directive has been added to specify flags for Cookies in proxied connections. For example, to add the “httponly” flag to the Cookie “one”, and the “nosecure” and “samesite=strict” flags to all other Cookies, you can use the following construct:

    proxy_cookie_flags one httponly;
    proxy_cookie_flags ~ nosecure samesite=strict;

  • A similar directive, userid_flags, for adding flags to the Cookie has also been implemented for the ngx_http_userid module.
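An added example (not from the original article or the nginx project) that checks the effect of such a configuration from the client side: it parses Set-Cookie header values and reports the cookies that lack HttpOnly, Secure or the required SameSite value. The sample headers, the policy object and the function names are constructed for illustration; in nginx the `nosecure` parameter removes the Secure flag, which is why the second sample cookie arrives without it.

```javascript
// Added example: audit Set-Cookie headers seen behind a proxy that uses
// proxy_cookie_flags. All sample values below are constructed.

// Parse one Set-Cookie header value into its name and a map of
// lower-cased attribute names (bare flags map to true).
function parseSetCookie(header) {
  const parts = header.split(';').map((p) => p.trim()).filter(Boolean);
  const first = parts[0] || '';
  const eq = first.indexOf('=');
  const name = eq === -1 ? first : first.slice(0, eq);
  const attrs = {};
  for (const part of parts.slice(1)) {
    const i = part.indexOf('=');
    const key = (i === -1 ? part : part.slice(0, i)).trim().toLowerCase();
    attrs[key] = i === -1 ? true : part.slice(i + 1).trim();
  }
  return { name, attrs };
}

// Compare one cookie with the policy and list the attributes it lacks.
function auditCookie(header, policy) {
  const { name, attrs } = parseSetCookie(header);
  const missing = [];
  const ss = typeof attrs.samesite === 'string' ? attrs.samesite.toLowerCase() : null;
  if (policy.httponly && !attrs.httponly) missing.push('HttpOnly');
  if (policy.secure && !attrs.secure) missing.push('Secure');
  if (policy.samesite && ss !== policy.samesite) missing.push('SameSite=' + policy.samesite);
  return { name, missing };
}

// Return only the cookies that violate the policy.
function auditResponse(headers, policy) {
  return headers.map((h) => auditCookie(h, policy)).filter((r) => r.missing.length > 0);
}

// Constructed headers, as a client might receive them after the rules above.
const sampleHeaders = [
  'one=abc123; Path=/; HttpOnly',
  'session=xyz; Path=/; SameSite=Strict',
  'prefs=dark; Path=/; Secure; HttpOnly; SameSite=Strict',
];
const policy = { httponly: true, secure: true, samesite: 'strict' };
console.log(JSON.stringify(auditResponse(sampleHeaders, policy)));
```
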

At the same time, njs 0.4.4 was released, a JavaScript interpreter for the nginx web server. The njs interpreter implements the ECMAScript standards and lets you extend nginx's request-processing capabilities with scripts in the configuration. Scripts can be used in the configuration file to define advanced request-processing logic, generate configuration, generate a response dynamically, modify a request/response, or quickly create stubs for solving problems in web applications. In the new version:

  • Added support for visual separation of digits in numbers (for example, “1_000”).
  • Implemented the missing %TypedArray%.prototype methods: every(), filter(), find(), findIndex(), forEach(), includes(), indexOf(), lastIndexOf(), map(), reduce(), reduceRight(), reverse(), some().
  • Implemented the missing %TypedArray% methods: from(), of().
  • Implemented the DataView object.

    : >> (new DataView(buf.buffer)).getUint16()
    : 32974

  • Implemented the Buffer object.

    : >> var buf = Buffer.from([0x80,206,177,206,178])
    : undefined
    : >> buf.slice(1).toString()
    : 'αβ'
    : >> buf.toString('base64')
    : 'gM6xzrI='

  • Added Buffer object support to the "crypto" and "fs" methods, and ensured that fs.readFile(), Hash.prototype.digest() and Hmac.prototype.digest() return an instance of the Buffer object.
  • Added ArrayBuffer support to the TextDecoder.prototype.decode() method.

Source: opennet.ru
