From 92a336d183f54b3f674802bd11045e013c8749d5 Mon Sep 17 00:00:00 2001
From: albertchan <icycore@live.cn>
Date: Fri, 10 Feb 2023 10:27:40 +0800
Subject: [PATCH 1/3] fix: nodejs module import bug in 
 postmanLib.crossRequest.

---
 common/postmanLib.js       | 9 ++-------
 server/controllers/open.js | 2 +-
 2 files changed, 3 insertions(+), 8 deletions(-)

diff --git a/common/postmanLib.js b/common/postmanLib.js
index 00d94fca5..21055bbd9 100644
--- a/common/postmanLib.js
+++ b/common/postmanLib.js
@@ -244,8 +244,9 @@ function sandboxByBrowser(context = {}, script) {
  * @param {*} preScript 
  * @param {*} afterScript 
  * @param {*} commonContext  负责传递一些业务信息，crossRequest 不关注具体传什么，只负责当中间人
+ * @param {*} commonContext  传导 pre-script 的 Enable 标记，适用于Server
  */
-async function crossRequest(defaultOptions, preScript, afterScript, commonContext = {}) {
+async function crossRequest(defaultOptions, preScript, afterScript, commonContext = {}, scriptEnable = true) {
   let options = Object.assign({}, defaultOptions);
   const taskId = options.taskId || Math.random() + '';
   let urlObj = URL.parse(options.url, true),
@@ -300,12 +301,6 @@ async function crossRequest(defaultOptions, preScript, afterScript, commonContex
     axios: axios
   });
 
-  let scriptEnable = false;
-  try {
-    const yapi = require('../server/yapi');
-    scriptEnable = yapi.WEBCONFIG.scriptEnable === true;
-  } catch (err) {}
-
   if (preScript && scriptEnable) {
     context = await sandbox(context, preScript);
     defaultOptions.url = options.url = URL.format({
diff --git a/server/controllers/open.js b/server/controllers/open.js
index 0a711b676..e1902a998 100644
--- a/server/controllers/open.js
+++ b/server/controllers/open.js
@@ -329,7 +329,7 @@ class openController extends baseController {
         this.getUid(),
         interfaceData.project_id,
         interfaceData.interface_id
-      ));
+      ), yapi.WEBCONFIG.scriptEnable === true);
       let res = data.res;
 
       result = Object.assign(result, {

From 272193c61c52ee088a0988b1486f9cb60a3968e9 Mon Sep 17 00:00:00 2001
From: albertchan <icycore@live.cn>
Date: Wed, 22 Feb 2023 20:07:18 +0800
Subject: [PATCH 2/3] fix:  use single instance sandbox coz destroy() can't
 free up memory

---
 server/utils/sandbox.js | 44 +++++++++++++++++++++++++++++------------
 1 file changed, 31 insertions(+), 13 deletions(-)

diff --git a/server/utils/sandbox.js b/server/utils/sandbox.js
index 146dcc1d7..67c5e38f7 100644
--- a/server/utils/sandbox.js
+++ b/server/utils/sandbox.js
@@ -1,17 +1,35 @@
 const Safeify = require('safeify').default;
+const safeVm = new Safeify({
+  timeout: 3000,
+  asyncTimeout: 60000,
+  // true为不受CPU限制，以解决Docker启动问题
+  unrestricted: true,
+  unsafe: {
+    modules: {
+      // 引入assert断言库
+      assert: 'assert'
+    }
+  }
+});
+safeVm.preset('const assert = require("assert");');
 
 module.exports = async function sandboxFn(context, script) {
-    // 创建 safeify 实例
-    const safeVm = new Safeify({
-        timeout: 3000,
-        asyncTimeout: 60000
-    })
+  script += `; return {
+        Function: this.Function,
+        eval: this.eval,
+        header: this.header,
+        query: this.query,
+        body: this.body,
+        mockJson: this.mockJson,
+        params: this.params,
+        resHeader: this.resHeader,
+        httpCode: this.httpCode,
+        delay: this.delay,
+        Random: this.Random,
+        cookie: this.cookie
+    }`;
 
-    script += "; return this;";
-    // 执行动态代码
-    const result = await safeVm.run(script, context)
-
-    // 释放资源
-    safeVm.destroy()
-    return result
-}
+  // 执行动态代码
+  const result = await safeVm.run(script, context);
+  return result;
+};

From 9daad41fb41b87a9e685dd3d87b3f35376567719 Mon Sep 17 00:00:00 2001
From: albertchan <icycore@live.cn>
Date: Wed, 22 Feb 2023 20:16:08 +0800
Subject: [PATCH 3/3] Revert "fix:  use single instance sandbox coz destroy()
 can't free up memory"

This reverts commit 272193c61c52ee088a0988b1486f9cb60a3968e9.
---
 server/utils/sandbox.js | 44 ++++++++++++-----------------------------
 1 file changed, 13 insertions(+), 31 deletions(-)

diff --git a/server/utils/sandbox.js b/server/utils/sandbox.js
index 67c5e38f7..146dcc1d7 100644
--- a/server/utils/sandbox.js
+++ b/server/utils/sandbox.js
@@ -1,35 +1,17 @@
 const Safeify = require('safeify').default;
-const safeVm = new Safeify({
-  timeout: 3000,
-  asyncTimeout: 60000,
-  // true为不受CPU限制，以解决Docker启动问题
-  unrestricted: true,
-  unsafe: {
-    modules: {
-      // 引入assert断言库
-      assert: 'assert'
-    }
-  }
-});
-safeVm.preset('const assert = require("assert");');
 
 module.exports = async function sandboxFn(context, script) {
-  script += `; return {
-        Function: this.Function,
-        eval: this.eval,
-        header: this.header,
-        query: this.query,
-        body: this.body,
-        mockJson: this.mockJson,
-        params: this.params,
-        resHeader: this.resHeader,
-        httpCode: this.httpCode,
-        delay: this.delay,
-        Random: this.Random,
-        cookie: this.cookie
-    }`;
+    // 创建 safeify 实例
+    const safeVm = new Safeify({
+        timeout: 3000,
+        asyncTimeout: 60000
+    })
 
-  // 执行动态代码
-  const result = await safeVm.run(script, context);
-  return result;
-};
+    script += "; return this;";
+    // 执行动态代码
+    const result = await safeVm.run(script, context)
+
+    // 释放资源
+    safeVm.destroy()
+    return result
+}