roblox-js - npm Package Compare versions
Comparing version 2.2.3 to 2.2.4
| // Dependencies | ||
| var parser = require('cheerio'); | ||
| var dns = require('dns'); | ||
@@ -8,2 +9,4 @@ // Includes | ||
| var getGeneralToken = require('./util/getGeneralToken.js').func; | ||
| var getSession = require('./util/getSession.js').func; | ||
| var options = require('./options.js'); | ||
@@ -17,15 +20,34 @@ // Args | ||
| var $ = parser.load(body); | ||
| return $('#JoinRequestsList').find('td:contains(\'' + username + '\')').parent().find('[data-rbx-join-request]').attr('data-rbx-join-request'); // Yes this is technically vulnerable to injection, but the module will assume that whoever is entering information is correctly sanitizing it. | ||
| var found = $('#JoinRequestsList').find('td'); | ||
| var len = found.length; | ||
| if (len === 0) { | ||
| return false; | ||
| } | ||
| for (var i = 0; i < len; i++) { | ||
| var element = found.eq(i); | ||
| if (element.text() === username) { | ||
| return element.parent().find('[data-rbx-join-request]').attr('data-rbx-join-request'); | ||
| } | ||
| } | ||
| } | ||
| function search (jar, searchUrl, group, username, resolve, reject) { | ||
| function getIp (resolve, reject) { | ||
| dns.lookup('www.roblox.com', function (err, address) { | ||
| if (err) { | ||
| reject(new Error('DNS lookup error: ' + err)); | ||
| return; | ||
| } | ||
| resolve(address); | ||
| }); | ||
| } | ||
| function search (jar, ip, searchUrl, group, username, resolve, reject) { | ||
| var httpOpt = { | ||
| url: '//www.roblox.com' + searchUrl + '?groupId=' + group + '&username=' + username, | ||
| url: '//' + ip + searchUrl + '?groupId=' + group + '&username=' + username, | ||
| options: { | ||
| jar: jar, | ||
| headers: { | ||
| 'Cache-Control': 'max-age=0' | ||
| 'Cookie': '.ROBLOSECURITY=' + getSession({jar: jar}) + ';' | ||
| }, | ||
| followRedirect: false, | ||
| resolveWithFullResponse: true | ||
| resolveWithFullResponse: true, | ||
| rejectUnauthorized: false | ||
| } | ||
@@ -49,13 +71,13 @@ }; | ||
| function joinRequestId (jar, group, username) { | ||
| function joinRequestId (jar, ip, group, username) { | ||
| return function (resolve, reject) { | ||
| var httpOpt = { | ||
| url: '//www.roblox.com/my/groupadmin.aspx?gid=' + group, | ||
| url: '//' + ip + '/My/GroupAdmin.aspx?gid=' + group, | ||
| options: { | ||
| jar: jar, | ||
| headers: { | ||
| 'Cache-Control': 'max-age=0' | ||
| 'Cookie': '.ROBLOSECURITY=' + getSession({jar: jar}) + ';' | ||
| }, | ||
| followRedirect: false, | ||
| resolveWithFullResponse: true | ||
| resolveWithFullResponse: true, | ||
| rejectUnauthorized: false | ||
| } | ||
@@ -70,4 +92,6 @@ }; | ||
| resolve(id); | ||
| } else if (id === false) { | ||
| reject(new Error('No join request was found with that username')); | ||
| } else { | ||
| setTimeout(search, 2000, jar, body.match(/Roblox\.GroupAdmin\.InitializeGlobalVars\(.*".*", "(.*)", .*\)/)[1], group, username, resolve, reject); | ||
| search(jar, ip, body.match(/Roblox\.GroupAdmin\.InitializeGlobalVars\(.*".*", "(.*)", .*\)/)[1], group, username, resolve, reject); | ||
| } | ||
@@ -109,10 +133,14 @@ } else { | ||
| exports.func = function (args) { | ||
| var jar = args.jar; | ||
| return promise(joinRequestId(jar, args.group, args.username)) | ||
| .then(function (requestId) { | ||
| return getGeneralToken({jar: jar}) | ||
| .then(function (xcsrf) { | ||
| return promise(handleJoinRequest(jar, xcsrf, args.accept, requestId)); | ||
| // Because this has to access IPs directly and the IP is treated differently than the hostname to jar files the session is extracted manually. | ||
| var jar = args.jar || options.jar; | ||
| return promise(getIp) | ||
| .then(function (ip) { | ||
| return promise(joinRequestId(jar, ip, args.group, args.username)) | ||
| .then(function (requestId) { | ||
| return getGeneralToken({jar: jar}) | ||
| .then(function (xcsrf) { | ||
| return promise(handleJoinRequest(jar, xcsrf, args.accept, requestId)); | ||
| }); | ||
| }); | ||
| }); | ||
| }; |
| { | ||
| "name": "roblox-js", | ||
| "version": "2.2.3", | ||
| "version": "2.2.4", | ||
| "description": "A node module that provides an interface for performing actions on ROBLOX, mostly for use with their HttpService feature.", | ||
@@ -5,0 +5,0 @@ "main": "lib/index.js", |
@@ -286,3 +286,3 @@ # roblox-js | ||
| ##### group, username, accept[, jar] | ||
| `Accept`s user with `username` into `group`. | ||
| `Accept`s user with `username` into `group`. Note that `username` is case-sensitive. | ||
@@ -289,0 +289,0 @@ **Arguments** |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by1.09%
73965
- Lines of code
- increased by1.56%
1689
Worsened metrics
- Number of medium supply chain risk alerts
- increased byInfinity%
1
No dependency changes