Transparency is our priority. Below is the exact Cloudflare Worker code that powers our M3U Sanitizer. As you can see, the script runs entirely in memory, surgically replaces your credentials with generic placeholders, and immediately returns the file to you. No data is ever written to disk or transmitted to our servers.
const HTML_FORM = `
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>M3U Sanitizer | FBSoft</title>
<style>
body { font-family: Arial, sans-serif; background-color: #f4f4f9; display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; }
.container { background: white; padding: 30px; border-radius: 8px; box-shadow: 0 4px 10px rgba(0,0,0,0.1); text-align: center; max-width: 400px; }
h2 { color: #333; }
p { color: #666; font-size: 14px; margin-bottom: 20px; }
input[type="file"] { margin-bottom: 20px; }
button { background-color: #007BFF; color: white; border: none; padding: 10px 20px; border-radius: 5px; cursor: pointer; font-size: 16px; }
button:hover { background-color: #0056b3; }
</style>
</head>
<body>
<div class="container">
<h2>M3U Extractor & Sanitizer</h2>
<p>Upload your playlist. Your credentials will be scrubbed instantly, allowing you to safely inspect your channel IDs. We do not store your files or passwords.</p>
<form action="/sanitize" method="post" enctype="multipart/form-data">
<input type="file" name="file" accept=".m3u,.txt" required>
<br>
<button type="submit">Sanitize & Download</button>
</form>
</div>
</body>
</html>
`;
export default {
async fetch(request, env, ctx) {
const url = new URL(request.url);
// Route 1: Serve the web interface
if (request.method === 'GET' && url.pathname === '/') {
return new Response(HTML_FORM, {
headers: { 'Content-Type': 'text/html' }
});
}
// Route 2: Process the uploaded file
if (request.method === 'POST' && url.pathname === '/sanitize') {
try {
const formData = await request.formData();
const file = formData.get('file');
if (!file) {
return new Response("Error: No file uploaded.", { status: 400 });
}
const text = await file.text();
const lines = text.split('\n');
let username = null;
let password = null;
// Hunt for credentials
for (let line of lines) {
let trimmedLine = line.trim();
if (trimmedLine.startsWith("http")) {
const body = trimmedLine.split("://")[1];
if (body) {
const parts = body.split("/");
if (parts.length >= 4) {
if (parts[1] === "live") {
username = parts[2];
password = parts[3];
} else {
username = parts[1];
password = parts[2];
}
if (username && password) break;
}
}
}
}
if (!username || !password) {
return new Response("Error: Could not autonomously detect standard Xtream Codes credentials in this file.", { status: 400 });
}
// Execute redaction in memory
let safeText = "";
const targetPath = `/${username}/${password}/`;
const safePath = `/YOUR_USER/YOUR_PASS/`;
for (let line of lines) {
let safeLine = line.replace(targetPath, safePath);
safeLine = safeLine.replace(`username=${username}`, `username=YOUR_USER`);
safeLine = safeLine.replace(`password=${password}`, `password=YOUR_PASS`);
safeText += safeLine + "\n";
}
// Dispatch the secure file back to the user
return new Response(safeText, {
headers: {
'Content-Type': 'audio/x-mpegurl',
'Content-Disposition': 'attachment; filename="safe_playlist.m3u"'
}
});
} catch (err) {
return new Response("A fatal processing error occurred.", { status: 500 });
}
}
return new Response("Not found", { status: 404 });
}
};