Skip to content

Commit cca2b78

Browse files
setubesetube
committed
feat: 扩展响应头和 API 匹配规则
1 parent 4b882f2 commit cca2b78

10 files changed

Lines changed: 531 additions & 5 deletions

File tree

public/rules/headers/header-patterns.json

Lines changed: 262 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -94,7 +94,9 @@
9494
},
9595
{
9696
"name": "Go",
97-
"patterns": ["gorilla\\.csrf|go-http-client|golang"],
97+
"patterns": [
98+
"gorilla\\.csrf|go-http-client|golang|(?:^|\\n)(?:server|x-powered-by):.*(?:gin|fiber|echo|beego|hertz|cloudwego|goframe|go\\s*frame|go-kratos|kratos|\\biris\\b|gobuffalo|\\bbuffalo\\b)"
99+
],
98100
"evidence": "响应头、Cookie 名称或 URL 包含后端框架线索"
99101
},
100102
{
@@ -164,6 +166,31 @@
164166
"patterns": ["(?:^|\\n)x-nf-request-id:"],
165167
"evidence": "存在 x-nf-request-id 响应头"
166168
},
169+
{
170+
"name": "Render",
171+
"patterns": ["(?:^|\\n)rndr-id:", "(?:^|\\n)x-render-origin-server:"],
172+
"evidence": "存在 Render 响应头"
173+
},
174+
{
175+
"name": "Fly.io",
176+
"patterns": ["(?:^|\\n)fly-(?:request-id|cache-status|region):"],
177+
"evidence": "存在 Fly.io 响应头"
178+
},
179+
{
180+
"name": "Railway",
181+
"patterns": ["(?:^|\\n)x-railway-(?:request-id|edge):", "server:.*railway-edge"],
182+
"evidence": "存在 Railway 响应头"
183+
},
184+
{
185+
"name": "Heroku",
186+
"patterns": ["via:.*\\bvegur\\b"],
187+
"evidence": "Via 包含 Heroku router 线索"
188+
},
189+
{
190+
"name": "Deno Deploy",
191+
"patterns": ["(?:^|\\n)x-deno-ray:"],
192+
"evidence": "存在 Deno Deploy 响应头"
193+
},
167194
{
168195
"name": "AWS CloudFront",
169196
"patterns": ["(?:^|\\n)x-amz-cf-(?:id|pop):", "x-cache:.*cloudfront", "via:.*cloudfront"],
@@ -361,6 +388,240 @@
361388
}
362389
]
363390
},
391+
{
392+
"defaults": {
393+
"category": "支付系统",
394+
"confidence": ""
395+
},
396+
"rules": [
397+
{
398+
"name": "Stripe",
399+
"patterns": ["url: https?://(?:[a-z0-9-]+\\.)*stripe\\.(?:com|network)/"],
400+
"evidence": "响应 URL 指向 Stripe 服务"
401+
},
402+
{
403+
"name": "PayPal",
404+
"patterns": ["url: https?://(?:[a-z0-9-]+\\.)*(?:paypal|paypalobjects)\\.com/"],
405+
"evidence": "响应 URL 指向 PayPal 服务"
406+
},
407+
{
408+
"name": "Paddle",
409+
"patterns": ["url: https?://(?:[a-z0-9-]+\\.)*(?:paddle|paddlecdn)\\.com/"],
410+
"evidence": "响应 URL 指向 Paddle 服务"
411+
}
412+
]
413+
},
414+
{
415+
"defaults": {
416+
"category": "SaaS / 第三方服务",
417+
"confidence": ""
418+
},
419+
"rules": [
420+
{
421+
"name": "Supabase",
422+
"patterns": ["(?:^|\\n)x-supabase-api-version:", "url: https?://[^\\s/]+\\.supabase\\.co/"],
423+
"evidence": "响应头或响应 URL 指向 Supabase 服务"
424+
},
425+
{
426+
"name": "Auth0",
427+
"patterns": ["url: https?://[^\\s/]+\\.auth0\\.com/"],
428+
"evidence": "响应 URL 指向 Auth0 服务"
429+
},
430+
{
431+
"name": "Clerk",
432+
"patterns": ["url: https?://(?:api\\.)?clerk\\.(?:com|dev)/", "url: https?://[^\\s/]+\\.clerk\\.accounts\\.dev/"],
433+
"evidence": "响应 URL 指向 Clerk 服务"
434+
},
435+
{
436+
"name": "Sentry",
437+
"patterns": ["url: https?://[^\\s/]+\\.sentry\\.io/"],
438+
"evidence": "响应 URL 指向 Sentry 服务"
439+
},
440+
{
441+
"name": "PostHog",
442+
"patterns": ["url: https?://[^\\s/]+\\.posthog\\.com/"],
443+
"evidence": "响应 URL 指向 PostHog 服务"
444+
},
445+
{
446+
"name": "Plausible",
447+
"patterns": ["url: https?://(?:[a-z0-9-]+\\.)*plausible\\.io/"],
448+
"evidence": "响应 URL 指向 Plausible 服务"
449+
}
450+
]
451+
},
452+
{
453+
"defaults": {
454+
"category": "AI / 大模型",
455+
"confidence": ""
456+
},
457+
"rules": [
458+
{
459+
"name": "OpenAI API",
460+
"patterns": ["url: https?://api\\.openai\\.com/", "url: https?://chatgpt\\.com/backend-api/"],
461+
"evidence": "响应 URL 指向 OpenAI API"
462+
},
463+
{
464+
"name": "Azure OpenAI Service",
465+
"patterns": ["url: https?://[a-z0-9-]+\\.openai\\.azure\\.com/openai/"],
466+
"evidence": "响应 URL 指向 Azure OpenAI 服务"
467+
},
468+
{
469+
"name": "Anthropic API",
470+
"patterns": ["url: https?://api\\.anthropic\\.com/", "url: https?://claude\\.ai/api/"],
471+
"evidence": "响应 URL 指向 Anthropic API"
472+
},
473+
{
474+
"name": "Google Gemini API",
475+
"patterns": ["url: https?://generativelanguage\\.googleapis\\.com/", "url: https?://aiplatform\\.googleapis\\.com/"],
476+
"evidence": "响应 URL 指向 Google Gemini / Vertex AI API"
477+
},
478+
{
479+
"name": "Perplexity API",
480+
"patterns": ["url: https?://api\\.perplexity\\.ai/"],
481+
"evidence": "响应 URL 指向 Perplexity API"
482+
},
483+
{
484+
"name": "Hugging Face Inference API",
485+
"patterns": ["url: https?://api-inference\\.huggingface\\.co/", "url: https?://[^\\s/]+\\.hf\\.space/"],
486+
"evidence": "响应 URL 指向 Hugging Face 推理服务"
487+
},
488+
{
489+
"name": "Replicate API",
490+
"patterns": ["url: https?://api\\.replicate\\.com/", "url: https?://replicate\\.delivery/"],
491+
"evidence": "响应 URL 指向 Replicate API"
492+
},
493+
{
494+
"name": "AWS Bedrock",
495+
"patterns": [
496+
"url: https?://bedrock-runtime\\.[a-z0-9-]+\\.amazonaws\\.com/",
497+
"url: https?://bedrock\\.[a-z0-9-]+\\.amazonaws\\.com/"
498+
],
499+
"evidence": "响应 URL 指向 AWS Bedrock"
500+
},
501+
{
502+
"name": "Cloudflare AI Gateway",
503+
"patterns": [
504+
"url: https?://gateway\\.ai\\.cloudflare\\.com/",
505+
"url: https?://api\\.cloudflare\\.com/client/v4/accounts/[^\\s/]+/ai-gateway/"
506+
],
507+
"evidence": "响应 URL 指向 Cloudflare AI Gateway"
508+
},
509+
{
510+
"name": "Cloudflare Workers AI",
511+
"patterns": ["url: https?://api\\.cloudflare\\.com/client/v4/accounts/[^\\s/]+/ai/run/"],
512+
"evidence": "响应 URL 指向 Cloudflare Workers AI"
513+
},
514+
{
515+
"name": "Cohere API",
516+
"patterns": ["url: https?://api\\.cohere\\.ai/"],
517+
"evidence": "响应 URL 指向 Cohere API"
518+
},
519+
{
520+
"name": "Mistral AI API",
521+
"patterns": ["url: https?://api\\.mistral\\.ai/"],
522+
"evidence": "响应 URL 指向 Mistral AI API"
523+
},
524+
{
525+
"name": "Together AI",
526+
"patterns": ["url: https?://api\\.together\\.xyz/"],
527+
"evidence": "响应 URL 指向 Together AI"
528+
},
529+
{
530+
"name": "Groq API",
531+
"patterns": ["url: https?://api\\.groq\\.com/"],
532+
"evidence": "响应 URL 指向 Groq API"
533+
},
534+
{
535+
"name": "xAI API",
536+
"patterns": ["url: https?://api\\.x\\.ai/"],
537+
"evidence": "响应 URL 指向 xAI API"
538+
},
539+
{
540+
"name": "DeepSeek API",
541+
"patterns": ["url: https?://api\\.deepseek\\.com/"],
542+
"evidence": "响应 URL 指向 DeepSeek API"
543+
},
544+
{
545+
"name": "Moonshot AI / Kimi",
546+
"patterns": ["url: https?://api\\.moonshot\\.cn/", "url: https?://kimi\\.moonshot\\.cn/"],
547+
"evidence": "响应 URL 指向 Moonshot / Kimi API"
548+
},
549+
{
550+
"name": "MiniMax API",
551+
"patterns": ["url: https?://api\\.minimax\\.chat/"],
552+
"evidence": "响应 URL 指向 MiniMax API"
553+
},
554+
{
555+
"name": "SiliconFlow",
556+
"patterns": ["url: https?://api\\.siliconflow\\.cn/"],
557+
"evidence": "响应 URL 指向 SiliconFlow API"
558+
},
559+
{
560+
"name": "Fireworks AI",
561+
"patterns": ["url: https?://api\\.fireworks\\.ai/"],
562+
"evidence": "响应 URL 指向 Fireworks AI API"
563+
},
564+
{
565+
"name": "Cerebras Inference",
566+
"patterns": ["url: https?://api\\.cerebras\\.ai/"],
567+
"evidence": "响应 URL 指向 Cerebras Inference API"
568+
},
569+
{
570+
"name": "NVIDIA NIM",
571+
"patterns": [
572+
"url: https?://integrate\\.api\\.nvidia\\.com/",
573+
"url: https?://ai\\.api\\.nvidia\\.com/v1/",
574+
"url: https?://api\\.nvcf\\.nvidia\\.com/"
575+
],
576+
"evidence": "响应 URL 指向 NVIDIA NIM / NVCF API"
577+
},
578+
{
579+
"name": "SambaNova Cloud",
580+
"patterns": ["url: https?://api\\.sambanova\\.ai/"],
581+
"evidence": "响应 URL 指向 SambaNova Cloud API"
582+
},
583+
{
584+
"name": "Novita AI",
585+
"patterns": ["url: https?://api\\.novita\\.ai/"],
586+
"evidence": "响应 URL 指向 Novita AI API"
587+
},
588+
{
589+
"name": "ModelScope / 魔搭",
590+
"patterns": ["url: https?://api-inference\\.modelscope\\.cn/"],
591+
"evidence": "响应 URL 指向 ModelScope 推理 API"
592+
},
593+
{
594+
"name": "OpenRouter",
595+
"patterns": ["url: https?://openrouter\\.ai/api/"],
596+
"evidence": "响应 URL 指向 OpenRouter API"
597+
},
598+
{
599+
"name": "Alibaba DashScope / 通义千问",
600+
"patterns": ["url: https?://dashscope\\.aliyuncs\\.com/", "url: https?://dashscope\\.aliyun\\.com/"],
601+
"evidence": "响应 URL 指向 Alibaba DashScope API"
602+
},
603+
{
604+
"name": "Volcengine Ark / 火山方舟",
605+
"patterns": ["url: https?://ark\\.cn-beijing\\.volces\\.com/", "url: https?://ark\\.volces\\.com/"],
606+
"evidence": "响应 URL 指向火山方舟 API"
607+
},
608+
{
609+
"name": "Baidu Qianfan / 文心千帆",
610+
"patterns": ["url: https?://qianfan\\.baidu\\.com/", "url: https?://aip\\.baidubce\\.com/rpc/2\\.0/ai_custom/"],
611+
"evidence": "响应 URL 指向百度千帆 API"
612+
},
613+
{
614+
"name": "Zhipu AI / 智谱 GLM",
615+
"patterns": ["url: https?://open\\.bigmodel\\.cn/"],
616+
"evidence": "响应 URL 指向智谱 GLM API"
617+
},
618+
{
619+
"name": "iFlytek Spark / 讯飞星火",
620+
"patterns": ["url: https?://spark-api\\.xf-yun\\.com/"],
621+
"evidence": "响应 URL 指向讯飞星火 API"
622+
}
623+
]
624+
},
364625
{
365626
"defaults": {
366627
"category": "后端 / 服务器框架"

public/rules/headers/interesting-headers.json

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,15 @@
1515
"x-vercel-id",
1616
"x-matched-path",
1717
"x-nf-request-id",
18+
"rndr-id",
1819
"x-render-origin-server",
20+
"fly-request-id",
21+
"fly-cache-status",
22+
"fly-region",
23+
"x-railway-request-id",
24+
"x-railway-edge",
25+
"x-deno-ray",
26+
"x-supabase-api-version",
1927
"cf-ray",
2028
"cf-cache-status",
2129
"cf-polished",

public/rules/headers/languages.json

Lines changed: 17 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,8 @@
66
"patterns": [
77
"x-powered-by:.*php",
88
"server:.*php",
9+
"x-powered-by:.*(?:frankenphp|roadrunner|swoole|openswoole)",
10+
"server:.*(?:frankenphp|roadrunner|swoole|openswoole)",
911
"set-cookie:.*phpsessid",
1012
"\\.php(?:\\?|#|$)",
1113
"x-generator:.*(?:wordpress|drupal|joomla|discuz|thinkphp)"
@@ -17,15 +19,23 @@
1719
},
1820
{
1921
"name": "Python",
20-
"patterns": ["x-powered-by:.*(?:django|flask|fastapi)", "server:.*(?:uvicorn|gunicorn|werkzeug)", "set-cookie:.*csrftoken"]
22+
"patterns": [
23+
"x-powered-by:.*(?:django|flask|fastapi|starlette|sanic)",
24+
"server:.*(?:uvicorn|gunicorn|uwsgi|werkzeug|hypercorn|daphne|waitress|granian)",
25+
"set-cookie:.*csrftoken"
26+
]
2127
},
2228
{
2329
"name": "Ruby",
24-
"patterns": ["x-powered-by:.*rails", "server:.*(?:puma|unicorn|passenger)", "x-runtime:"]
30+
"patterns": ["x-powered-by:.*(?:rails|phusion passenger|passenger)", "server:.*(?:puma|unicorn|passenger)", "x-runtime:"]
2531
},
2632
{
2733
"name": "Java / JVM",
28-
"patterns": ["set-cookie:.*jsessionid", "server:.*(?:tomcat|jetty|undertow|wildfly|weblogic|websphere)"]
34+
"patterns": [
35+
"set-cookie:.*jsessionid",
36+
"x-powered-by:.*(?:quarkus|micronaut|ktor|helidon|dropwizard|javalin|ratpack|vert\\.x|vertx|akka)",
37+
"server:.*(?:tomcat|jetty|undertow|wildfly|weblogic|websphere|quarkus|micronaut|ktor|helidon|dropwizard|javalin|ratpack|vert\\.x|vertx|akka)"
38+
]
2939
},
3040
{
3141
"name": "JSP / JavaServer Pages",
@@ -71,7 +81,10 @@
7181
},
7282
{
7383
"name": "Go",
74-
"patterns": ["x-powered-by:.*(?:gin|fiber|go)", "server:.*caddy"]
84+
"patterns": [
85+
"x-powered-by:.*(?:gin|fiber|echo|beego|hertz|cloudwego|goframe|go\\s*frame|go-kratos|kratos|\\biris\\b|gobuffalo|\\bbuffalo\\b|\\bgo\\b)",
86+
"server:.*(?:caddy|gin|fiber|echo|beego|hertz|cloudwego|goframe|go\\s*frame|go-kratos|kratos|\\biris\\b|gobuffalo|\\bbuffalo\\b)"
87+
]
7588
},
7689
{
7790
"name": "Rust",

0 commit comments

Comments
 (0)