sfan5/0readme.txt

## 0readme.txt
What you need:
* nginx
* dependencies to build CutyCapt (http://cutycapt.sourceforge.net/)

Steps:
* build CutyCapt with CutyCapt.patch applied and copy the executable somewhere
* install nginx and edit the config as outlined in nginx.conf
* change the paths to nginx, the nginx config and the patched cutycapt in renewcf.sh
* start nginx
* ensure that renewcf.sh runs every 55 minutes

* http://yourdomain.com/some_path/ now points to https://cf-ddos-protected-site.example.com/
* e.g. http://yourdomain.com/some_path/blog/2015/07/14/foobar -> https://cf-ddos-protected-site.example.com/blog/2015/07/14/foobar

## CutyCapt.patch
diff -u -r CutyCapt.orig/CutyCapt.cpp CutyCapt/CutyCapt.cpp
--- CutyCapt.orig/CutyCapt.cpp	2015-07-09 19:40:34.311891000 +0200
+++ CutyCapt/CutyCapt.cpp	2015-07-09 21:35:36.077458663 +0200
@@ -27,15 +27,12 @@
 #include <QtWebKit>
 #include <QtGui>
 #include <QSvgGenerator>
-
-#if QT_VERSION < 0x050000
 #include <QPrinter>
-#endif
-
 #include <QTimer>
 #include <QByteArray>
 #include <QNetworkRequest>
 #include <QNetworkProxy>
+#include <iostream>
 #include "CutyCapt.hpp"

 #if QT_VERSION >= 0x040600 && 0
@@ -76,6 +73,8 @@
   { CutyCapt::OtherFormat,       "",            ""      }
 };

+const char *argUrl = NULL;
+
 QString
 CutyPage::chooseFile(QWebFrame* /*frame*/, const QString& /*suggestedFile*/) {
   return QString::null;
@@ -270,6 +269,18 @@

   mPage->setViewportSize( mainFrame->contentsSize() );

+  QUrl url = QUrl::fromEncoded(argUrl);
+  QString ua = mPage->userAgentForUrl(url);
+  std::cout << "proxy_set_header User-Agent \"" << ua.toStdString() << "\";" << std::endl;
+  QList<QNetworkCookie> cl = mPage->networkAccessManager()->cookieJar()->cookiesForUrl(url);
+  std::cout << "proxy_set_header Cookie \"";
+  for(QList<QNetworkCookie>::const_iterator ci = cl.cbegin(); ci != cl.cend(); ci++) {
+    std::cout << ci->toRawForm(QNetworkCookie::NameAndValueOnly).constData();
+    if(*ci != cl.last())
+      std::cout << "; ";
+  }
+  std::cout << "\";" << std::endl;
+
   switch (mFormat) {
     case SvgFormat: {
       QSvgGenerator svg;
@@ -408,7 +419,7 @@
   int argVerbosity = 0;
   int argSmooth = 0;

-  const char* argUrl = NULL;
+  //const char* argUrl = NULL;
   const char* argUserStyle = NULL;
   const char* argUserStylePath = NULL;
   const char* argUserStyleString = NULL;
@@ -705,6 +716,9 @@
     SLOT(JavaScriptWindowObjectCleared()));
 #endif

+  QNetworkCookieJar *jar = new QNetworkCookieJar();
+  page.networkAccessManager()->setCookieJar(jar);
+
   app.connect(page.networkAccessManager(),
     SIGNAL(sslErrors(QNetworkReply*, QList<QSslError>)),
     &main,
diff -u -r CutyCapt.orig/CutyCapt.hpp CutyCapt/CutyCapt.hpp
--- CutyCapt.orig/CutyCapt.hpp	2015-07-09 19:40:34.311891000 +0200
+++ CutyCapt/CutyCapt.hpp	2015-07-09 21:18:40.880361201 +0200
@@ -15,6 +15,7 @@
   void setPrintAlerts(bool printAlerts);
   void setCutyCapt(CutyCapt* cutyCapt);
   QString getAlertString();
+  QString userAgentForUrl(const QUrl& url) const;

 protected:
   QString chooseFile(QWebFrame *frame, const QString& suggestedFile);
@@ -22,7 +23,6 @@
   bool javaScriptPrompt(QWebFrame* frame, const QString& msg, const QString& defaultValue, QString* result);
   void javaScriptAlert(QWebFrame* frame, const QString& msg);
   bool javaScriptConfirm(QWebFrame* frame, const QString& msg);
-  QString userAgentForUrl(const QUrl& url) const;
   QString mUserAgent;
   QString mAlertString;
   bool mPrintAlerts;
diff -u -r CutyCapt.orig/CutyCapt.pro CutyCapt/CutyCapt.pro
--- CutyCapt.orig/CutyCapt.pro	2015-07-09 19:40:34.311891000 +0200
+++ CutyCapt/CutyCapt.pro	2015-07-09 20:53:49.227671076 +0200
@@ -4,7 +4,7 @@
 CONFIG   +=  qt console

 greaterThan(QT_MAJOR_VERSION, 4): {
-  QT       +=  webkitwidgets
+  QT       +=  webkitwidgets printsupport
 }

 contains(CONFIG, static): {

## nginx.conf
[...]

http {
	[...]
	server {
		[...]
		location /some_path/ {
			proxy_pass https://cf-ddos-protected-site.example.com/;
			proxy_ssl_server_name on;
			proxy_http_version 1.1;
			include cloudflare.conf;
		}
	}
}

## renewcf.sh
#!/bin/bash

# renews cloudflare anti-ddos cookies (they expire every hour)

function renew {
	echo "Renewing CF cookies for $1"
	/path/to/patched/cutycapt \
		"--url=$1" --out=/dev/null \
		--out-format=png --delay=5000 > "/path/to/nginx/conf/$2"
}

renew "https://cf-ddos-protected-site.example.com/" "cloudflare.conf"

/path/to/nginx -s reload

echo "done."
	What you need:
	* nginx
	* dependencies to build CutyCapt (http://cutycapt.sourceforge.net/)

	Steps:
	* build CutyCapt with CutyCapt.patch applied and copy the executable somewhere
	* install nginx and edit the config as outlined in nginx.conf
	* change the paths to nginx, the nginx config and the patched cutycapt in renewcf.sh
	* start nginx
	* ensure that renewcf.sh runs every 55 minutes

	* http://yourdomain.com/some_path/ now points to https://cf-ddos-protected-site.example.com/
	* e.g. http://yourdomain.com/some_path/blog/2015/07/14/foobar -> https://cf-ddos-protected-site.example.com/blog/2015/07/14/foobar
	diff -u -r CutyCapt.orig/CutyCapt.cpp CutyCapt/CutyCapt.cpp
	--- CutyCapt.orig/CutyCapt.cpp 2015-07-09 19:40:34.311891000 +0200
	+++ CutyCapt/CutyCapt.cpp 2015-07-09 21:35:36.077458663 +0200
	@@ -27,15 +27,12 @@
	#include <QtWebKit>
	#include <QtGui>
	#include <QSvgGenerator>
	-
	-#if QT_VERSION < 0x050000
	#include <QPrinter>
	-#endif
	-
	#include <QTimer>
	#include <QByteArray>
	#include <QNetworkRequest>
	#include <QNetworkProxy>
	+#include <iostream>
	#include "CutyCapt.hpp"

	#if QT_VERSION >= 0x040600 && 0
	@@ -76,6 +73,8 @@
	{ CutyCapt::OtherFormat, "", "" }
	};

	+const char *argUrl = NULL;
	+
	QString
	CutyPage::chooseFile(QWebFrame* /frame/, const QString& /suggestedFile/) {
	return QString::null;
	@@ -270,6 +269,18 @@

	mPage->setViewportSize( mainFrame->contentsSize() );

	+ QUrl url = QUrl::fromEncoded(argUrl);
	+ QString ua = mPage->userAgentForUrl(url);
	+ std::cout << "proxy_set_header User-Agent \"" << ua.toStdString() << "\";" << std::endl;
	+ QList<QNetworkCookie> cl = mPage->networkAccessManager()->cookieJar()->cookiesForUrl(url);
	+ std::cout << "proxy_set_header Cookie \"";
	+ for(QList<QNetworkCookie>::const_iterator ci = cl.cbegin(); ci != cl.cend(); ci++) {
	+ std::cout << ci->toRawForm(QNetworkCookie::NameAndValueOnly).constData();
	+ if(*ci != cl.last())
	+ std::cout << "; ";
	+ }
	+ std::cout << "\";" << std::endl;
	+
	switch (mFormat) {
	case SvgFormat: {
	QSvgGenerator svg;
	@@ -408,7 +419,7 @@
	int argVerbosity = 0;
	int argSmooth = 0;

	- const char* argUrl = NULL;
	+ //const char* argUrl = NULL;
	const char* argUserStyle = NULL;
	const char* argUserStylePath = NULL;
	const char* argUserStyleString = NULL;
	@@ -705,6 +716,9 @@
	SLOT(JavaScriptWindowObjectCleared()));
	#endif

	+ QNetworkCookieJar *jar = new QNetworkCookieJar();
	+ page.networkAccessManager()->setCookieJar(jar);
	+
	app.connect(page.networkAccessManager(),
	SIGNAL(sslErrors(QNetworkReply*, QList<QSslError>)),
	&main,
	diff -u -r CutyCapt.orig/CutyCapt.hpp CutyCapt/CutyCapt.hpp
	--- CutyCapt.orig/CutyCapt.hpp 2015-07-09 19:40:34.311891000 +0200
	+++ CutyCapt/CutyCapt.hpp 2015-07-09 21:18:40.880361201 +0200
	@@ -15,6 +15,7 @@
	void setPrintAlerts(bool printAlerts);
	void setCutyCapt(CutyCapt* cutyCapt);
	QString getAlertString();
	+ QString userAgentForUrl(const QUrl& url) const;

	protected:
	QString chooseFile(QWebFrame *frame, const QString& suggestedFile);
	@@ -22,7 +23,6 @@
	bool javaScriptPrompt(QWebFrame* frame, const QString& msg, const QString& defaultValue, QString* result);
	void javaScriptAlert(QWebFrame* frame, const QString& msg);
	bool javaScriptConfirm(QWebFrame* frame, const QString& msg);
	- QString userAgentForUrl(const QUrl& url) const;
	QString mUserAgent;
	QString mAlertString;
	bool mPrintAlerts;
	diff -u -r CutyCapt.orig/CutyCapt.pro CutyCapt/CutyCapt.pro
	--- CutyCapt.orig/CutyCapt.pro 2015-07-09 19:40:34.311891000 +0200
	+++ CutyCapt/CutyCapt.pro 2015-07-09 20:53:49.227671076 +0200
	@@ -4,7 +4,7 @@
	CONFIG += qt console

	greaterThan(QT_MAJOR_VERSION, 4): {
	- QT += webkitwidgets
	+ QT += webkitwidgets printsupport
	}

	contains(CONFIG, static): {
	[...]

	http {
	[...]
	server {
	[...]
	location /some_path/ {
	proxy_pass https://cf-ddos-protected-site.example.com/;
	proxy_ssl_server_name on;
	proxy_http_version 1.1;
	include cloudflare.conf;
	}
	}
	}
	#!/bin/bash

	# renews cloudflare anti-ddos cookies (they expire every hour)

	function renew {
	echo "Renewing CF cookies for $1"
	/path/to/patched/cutycapt \
	"--url=$1" --out=/dev/null \
	--out-format=png --delay=5000 > "/path/to/nginx/conf/$2"
	}

	renew "https://cf-ddos-protected-site.example.com/" "cloudflare.conf"

	/path/to/nginx -s reload

	echo "done."