Change plugins behavior

Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>

plugins/inject_header.lua

@@ -0,0 +1,28 @@
+Plugin = {
+  name        = "Inject Header",
+  description = [[
+Inject custom headers into every intercepted request.
+
+**Config**:
+- one 'Header-Name: value' per line.
+  ]],
+  on_request  = { sync = true },
+}
+
+local headers = {}
+
+function on_config(config_text)
+  headers = {}
+  for line in config_text:gmatch("[^\n]+") do
+    local name, value = line:match("^([^:]+):%s*(.+)$")
+    if name and value then
+      table.insert(headers, { name = name, value = value })
+    end
+  end
+end
+
+function on_request(req)
+  for _, h in ipairs(headers) do
+    req:set_header(h.name, h.value)
+  end
+end

plugins/ip_filter.lua

@@ -0,0 +1,75 @@
+Plugin = {
+  name        = "IP Filter (Whitelist/Blacklist)",
+  description = [[
+Checks that the proxy's outbound IP is in an allowed list on startup.
+
+**Config**:
+- one IP per line
+- prefix with `!` for a blacklist entry (blocked)
+- prefix with `#` to comment it out (ignored)
+- if no IPs are configured, the check is skipped
+  ]],
+  on_start = { sync = false },
+}
+
+local whitelist = {}
+local blacklist = {}
+
+function on_config(config_text)
+  whitelist = {}
+  blacklist = {}
+
+  for line in config_text:gmatch("[^\n]+") do
+    local trimmed = line:match("^%s*(.-)%s*$")
+    if trimmed ~= "" and trimmed:sub(1, 1) ~= "#" then
+      if trimmed:sub(1, 1) == "!" then
+        local ip = trimmed:sub(2):match("^%s*(.-)%s*$")
+        if ip ~= "" then
+          table.insert(blacklist, ip)
+        end
+      else
+        table.insert(whitelist, trimmed)
+      end
+    end
+  end
+end
+
+function on_start()
+  if #whitelist == 0 and #blacklist == 0 then
+    return
+  end
+
+  -- Fetch the current outbound IP via a public API.
+  local ok, result = pcall(function()
+    local handle = io.popen("curl -sf https://api.ipify.org 2>/dev/null")
+    if not handle then return nil end
+    local ip = handle:read("*a")
+    handle:close()
+    return ip and ip:match("^%s*(.-)%s*$") or nil
+  end)
+
+  if not ok or not result or result == "" then
+    log("could not determine outbound IP, skipping check")
+    notif("IP Filter", "Could not determine outbound IP, skipping check", "warning")
+    return
+  end
+
+  for _, ip in ipairs(blacklist) do
+    if result == ip then
+      notif("IP Filter", "Outbound IP " .. result .. " is blacklisted!", "error")
+      return
+    end
+  end
+
+  if #whitelist == 0 then
+    return
+  end
+
+  for _, ip in ipairs(whitelist) do
+    if result == ip then
+      return
+    end
+  end
+
+  notif("IP Filter", "Outbound IP " .. result .. " is not in the whitelist!", "error")
+end

plugins/scopes.lua

@@ -0,0 +1,78 @@
+Plugin = {
+  name        = "Scopes",
+  description = [[
+Auto-forward requests and exclude them from history based on patterns.
+
+**Config**:
+- `pattern`  - whitelist: only intercept matching requests
+- `!pattern` - blacklist: don't intercept matching requests and exclude from history
+- lines starting with `#` are comments
+
+Example (ignore static assets):
+```
+!%.css$
+!%.js$
+!%.png$
+```
+
+Example (focus on mytarget.com, skip everything else):
+```
+mytarget%.com/
+```
+
+Example (intercept mytarget.com except its static assets):
+```
+mytarget%.com/
+!%.css$
+!%.js$
+!%.png$
+```
+  ]],
+  priority         = 100,
+  on_request       = { sync = true },
+  on_response       = { sync = true },
+  on_history_entry = { sync = true },
+}
+
+local whitelist = {}
+local blacklist = {}
+
+function on_config(config_text)
+  whitelist = {}
+  blacklist = {}
+  for line in config_text:gmatch("[^\n]+") do
+    local trimmed = line:match("^%s*(.-)%s*$")
+    if trimmed ~= "" and trimmed:sub(1, 1) ~= "#" then
+      if trimmed:sub(1, 1) == "!" then
+        table.insert(blacklist, trimmed:sub(2))
+      else
+        table.insert(whitelist, trimmed)
+      end
+    end
+  end
+end
+
+local function should_skip(url)
+  for _, pattern in ipairs(blacklist) do
+    if url:match(pattern) then return true end
+  end
+  if #whitelist > 0 then
+    for _, pattern in ipairs(whitelist) do
+      if url:match(pattern) then return false end
+    end
+    return true
+  end
+  return false
+end
+
+function on_request(req)
+  if should_skip(req.url) then return "forward" end
+end
+
+function on_response(req)
+  if should_skip(req.url) then return "forward" end
+end
+
+function on_history_entry(entry)
+  if should_skip(entry.host .. entry.path) then return "skip" end
+end