mirror of
https://codeberg.org/crimeflare/cloudflare-tor
synced 2025-01-22 11:22:07 +00:00
Import 1.0.8.6 from a.m.o. Closes #10.
This commit is contained in:
parent
d4b26a7686
commit
0524b2a7cd
@ -7,6 +7,6 @@ The purpose of this browser add-on is to block Cloudflare sites.
|
||||
The TLS protocol promises end-to-end encryption between the client and an authenticated, identified endpoint server. The browser’s lock icon is a UI widget which makes this promise to the user. Cloudflare is a mass-decryption chokepoint, which intercepts and decrypts the Web requests made by billions of people to millions of websites.
|
||||
|
||||
- Prior discussion: [Tor Browser Bug #24351: Block Global Active Adversary Cloudflare](https://trac.torproject.org/projects/tor/ticket/24351)
|
||||
- Imported from [block_cloudflare_mitm_attack-1.0.8-an+fx.xpi](https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/), by an anonymous cypherpunk. “Cyperpunks write code.” Cheers!
|
||||
- Imported from [block_cloudflare_mitm_attack-1.0.8.6-an+fx.xpi](https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/), by an anonymous cypherpunk. “Cyperpunks write code.” Cheers!
|
||||
- [Original announcement](https://trac.torproject.org/projects/tor/ticket/24351#comment:25)
|
||||
- Thanks to [Debian Bug #831835](https://bugs.debian.org/831835) for some inspiration.
|
||||
|
47
src/META-INF/manifest.mf
Normal file
47
src/META-INF/manifest.mf
Normal file
@ -0,0 +1,47 @@
|
||||
Manifest-Version: 1.0
|
||||
|
||||
Name: manifest.json
|
||||
Digest-Algorithms: MD5 SHA1
|
||||
MD5-Digest: zGY60qlrfec2aFsUpYrEqw==
|
||||
SHA1-Digest: v9XeO2ot0V/rLuSXYs4AUccSP4Y=
|
||||
|
||||
Name: setwhitelist.html
|
||||
Digest-Algorithms: MD5 SHA1
|
||||
MD5-Digest: 5IRX40t9xV3hOSzG5DQt8g==
|
||||
SHA1-Digest: bZ6eElvQE432Qn5zeoGXI46I4OU=
|
||||
|
||||
Name: setwhitelist.js
|
||||
Digest-Algorithms: MD5 SHA1
|
||||
MD5-Digest: zyiTPW8+zVdotk5uf71nuw==
|
||||
SHA1-Digest: Ttn6071lJN7uBVK2UaZOhroEm5I=
|
||||
|
||||
Name: stop_cf_mitm.js
|
||||
Digest-Algorithms: MD5 SHA1
|
||||
MD5-Digest: z8IOdHN5/VdbDGGQNMqMnw==
|
||||
SHA1-Digest: jzwn+6SLINasUf2De/FE8fpmNJc=
|
||||
|
||||
Name: style.css
|
||||
Digest-Algorithms: MD5 SHA1
|
||||
MD5-Digest: qVs2pHeT+noWZ7sQttO/2Q==
|
||||
SHA1-Digest: TgXktEJyUNImPTbaPF/viYfWcQo=
|
||||
|
||||
Name: icons/icon-16.png
|
||||
Digest-Algorithms: MD5 SHA1
|
||||
MD5-Digest: BMpS9q28ylgmlebPGO0HBw==
|
||||
SHA1-Digest: ejT7934OdR+CRbKWJFoXPSvAo7M=
|
||||
|
||||
Name: icons/icon-32.png
|
||||
Digest-Algorithms: MD5 SHA1
|
||||
MD5-Digest: DPnYcEZnUZa6voVAI6nm0w==
|
||||
SHA1-Digest: CqFkcPOpoKmq7Ly82vbmq/Ouhzs=
|
||||
|
||||
Name: icons/icon-48.png
|
||||
Digest-Algorithms: MD5 SHA1
|
||||
MD5-Digest: PVwvbCCjWU+2fJeaUrrwVA==
|
||||
SHA1-Digest: upats+fdmYeFmAtgvIVwaW8mszA=
|
||||
|
||||
Name: icons/icon-64.png
|
||||
Digest-Algorithms: MD5 SHA1
|
||||
MD5-Digest: YVzojmSoYwjhM0m20OOk5A==
|
||||
SHA1-Digest: sa4ES4gA5mSb0cu9UgGpp/2eh84=
|
||||
|
BIN
src/META-INF/mozilla.rsa
Normal file
BIN
src/META-INF/mozilla.rsa
Normal file
Binary file not shown.
4
src/META-INF/mozilla.sf
Normal file
4
src/META-INF/mozilla.sf
Normal file
@ -0,0 +1,4 @@
|
||||
Signature-Version: 1.0
|
||||
MD5-Digest-Manifest: /gjyjvUwMAfWGYwYw54bpw==
|
||||
SHA1-Digest-Manifest: 93RJzzo6Uc5BI3Yj2ffLSr6dWnI=
|
||||
|
@ -2,7 +2,7 @@
|
||||
"manifest_version": 2,
|
||||
"name": "Block Cloudflare MiTM Attack",
|
||||
"description": "If the destination website use Cloudflare, block further request.",
|
||||
"version": "1.0.8.1",
|
||||
"version": "1.0.8.6",
|
||||
"homepage_url": "https://trac.torproject.org/projects/tor/ticket/24351",
|
||||
"permissions": ["webRequest","webRequestBlocking","<all_urls>","storage","activeTab"],
|
||||
"options_ui": {
|
||||
@ -28,4 +28,4 @@
|
||||
"strict_min_version": "52.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
@ -1,18 +1,22 @@
|
||||
<html><head><meta charset="utf-8"><link rel="stylesheet" href="style.css"></head><body><form>
|
||||
[Whitelist]<br>
|
||||
1. Add FQDN you want to ignore. One FQDN per line. Click "Save".<br>
|
||||
1. Add FQDN or .FQDN you want to ignore. Click "Save".<br>
|
||||
2. Open new tab and visit whitelisted website.<br>
|
||||
<small>(<i><b>.</b>mozilla.org</i> will allow <i>mozilla.org</i> and <i>*.mozilla.org</i>)</small>
|
||||
<textarea cols="50" rows="12" id="myset_cfwhite" wrap="off"></textarea><br>
|
||||
<br>
|
||||
[Advanced]<br>
|
||||
<label><input type="checkbox" id="myset_xincapsula"> Also detect and block Incapsula MiTM</label><br>
|
||||
<label><input type="checkbox" id="myset_xgshield"> Also detect and block Google's Project Shield MiTM</label><br>
|
||||
<label><input type="checkbox" id="myset_xsucuri"> Also detect and block Sucuri MiTM</label><br>
|
||||
<label><input type="checkbox" id="myset_xignhttp"> Ignore http:// resource (not recommend)</label><br>
|
||||
<label><input type="checkbox" id="myset_xigncj"> Ignore CSS|JS|Image|Font|Cursor resource (not recommend)</label><br>
|
||||
<label><input type="checkbox" id="myset_xsimplewarn"> Don't show warning message; just change title and favicon(<img src="">)</label><br>
|
||||
<label><input type="checkbox" id="myset_xign3p"> Ignore 3rd party resource (not recommend)</label><br>
|
||||
<label><input type="checkbox" checked disabled> I don't like Man-in-the-middle attack.</label><br><!-- justajokedonttakethisseriouslyLOL //-->
|
||||
<br>
|
||||
<input type="submit" value=" Save ">
|
||||
When MiTM attempt is detected:<br>
|
||||
<label><input type="radio" name="acttype" id="myset_xsimplewarn_0" value="0"> Show security warning page</label><br>
|
||||
<label><input type="radio" name="acttype" id="myset_xsimplewarn_1" value="1"> Just change title and favicon</label><br>
|
||||
<label><input type="radio" name="acttype" id="myset_xsimplewarn_2" value="2"> Cancel request immediately</label><br>
|
||||
<br>
|
||||
<input type="submit" value=" Save ">
|
||||
</form><script src="setwhitelist.js"></script>
|
||||
</body></html>
|
||||
</body></html>
|
@ -5,7 +5,7 @@ e.preventDefault();
|
||||
// check each line and remove bad fqdn (simple check)
|
||||
var cf_tmpdata=document.querySelector("#myset_cfwhite").value.split("\n");
|
||||
for (var i=0;i<cf_tmpdata.length;i++){
|
||||
if (!/^([0-9a-z.-]{1,})\.([a-z]{2,20})$/.test(cf_tmpdata[i])||cf_tmpdata[i].startsWith(".")||cf_tmpdata[i].includes("..")||
|
||||
if (!/^([0-9a-z.-]{1,})\.([a-z]{2,20})$/.test(cf_tmpdata[i])||cf_tmpdata[i].includes("..")||
|
||||
cf_tmpdata[i].endsWith(".cloudflare.com")||cf_tmpdata[i]=='cloudflare.com'||
|
||||
cf_tmpdata[i].endsWith(".incapsula.com")||cf_tmpdata[i]=='incapsula.com'||
|
||||
cf_tmpdata[i].endsWith(".withgoogle.com")||cf_tmpdata[i].endsWith(".google.com")){cf_tmpdata[i]='';}
|
||||
@ -13,17 +13,18 @@ cf_tmpdata[i].endsWith(".withgoogle.com")||cf_tmpdata[i].endsWith(".google.com")
|
||||
cf_tmpdata=cf_tmpdata.slice().sort(function(a,b){return a>b}).reduce(function(a,b){if (a.slice(-1)[0]!==b){a.push(b);};return a;},[]);// -duplicate
|
||||
cf_tmpdata=cf_tmpdata.filter(v=>v!='');// -empty
|
||||
cf_tmpdata=cf_tmpdata.join("\n");
|
||||
browser.storage.local.set({myset_cfwhite: cf_tmpdata});
|
||||
document.querySelector("#myset_cfwhite").value=cf_tmpdata;
|
||||
//workaround - simplewarn didn't work as expected if igncj is active
|
||||
if (document.querySelector("#myset_xsimplewarn").checked){document.querySelector("#myset_xigncj").checked=false;}
|
||||
browser.storage.local.set({myset_cfwhite: cf_tmpdata});document.querySelector("#myset_cfwhite").value=cf_tmpdata;
|
||||
//workaround - simplewarn didn't work as expected if ign3p is active
|
||||
if (document.querySelector("#myset_xsimplewarn_1").checked){document.querySelector("#myset_xign3p").checked=false;}
|
||||
//ADVANCED
|
||||
if (document.querySelector("#myset_xincapsula").checked){browser.storage.local.set({myset_xincapsula: "y"});}else{browser.storage.local.set({myset_xincapsula: "n"});}
|
||||
if (document.querySelector("#myset_xgshield").checked){browser.storage.local.set({myset_xgshield: "y"});}else{browser.storage.local.set({myset_xgshield: "n"});}
|
||||
if (document.querySelector("#myset_xsucuri").checked){browser.storage.local.set({myset_xsucuri: "y"});}else{browser.storage.local.set({myset_xsucuri: "n"});}
|
||||
if (document.querySelector("#myset_xignhttp").checked){browser.storage.local.set({myset_xignhttp: "y"});}else{browser.storage.local.set({myset_xignhttp: "n"});}
|
||||
if (document.querySelector("#myset_xigncj").checked){browser.storage.local.set({myset_xigncj: "y"});}else{browser.storage.local.set({myset_xigncj: "n"});}
|
||||
if (document.querySelector("#myset_xsimplewarn").checked){browser.storage.local.set({myset_xsimplewarn: "y"});}else{browser.storage.local.set({myset_xsimplewarn: "n"});}
|
||||
if (document.querySelector("#myset_xign3p").checked){browser.storage.local.set({myset_xign3p: "y"});}else{browser.storage.local.set({myset_xign3p: "n"});}
|
||||
//ACTION
|
||||
if (document.querySelector("#myset_xsimplewarn_0").checked){browser.storage.local.set({myset_xsimplewarn:0});}
|
||||
if (document.querySelector("#myset_xsimplewarn_1").checked){browser.storage.local.set({myset_xsimplewarn:1});}
|
||||
if (document.querySelector("#myset_xsimplewarn_2").checked){browser.storage.local.set({myset_xsimplewarn:2});}
|
||||
browser.runtime.sendMessage({relnow:'go'}).then(function(r){},onError);
|
||||
}
|
||||
function loadWhitelist(){
|
||||
@ -34,9 +35,12 @@ document.querySelector("#myset_cfwhite").value = r.myset_cfwhite||"";
|
||||
if (r.myset_xincapsula=='y'){document.querySelector("#myset_xincapsula").checked=true;}else{document.querySelector("#myset_xincapsula").checked=false;}
|
||||
if (r.myset_xgshield=='y'){document.querySelector("#myset_xgshield").checked=true;}else{document.querySelector("#myset_xgshield").checked=false;}
|
||||
if (r.myset_xsucuri=='y'){document.querySelector("#myset_xsucuri").checked=true;}else{document.querySelector("#myset_xsucuri").checked=false;}
|
||||
if (r.myset_xignhttp=='y'){document.querySelector("#myset_xignhttp").checked=true;}else{document.querySelector("#myset_xignhttp").checked=false;}
|
||||
if (r.myset_xigncj=='y'){document.querySelector("#myset_xigncj").checked=true;}else{document.querySelector("#myset_xigncj").checked=false;}
|
||||
if (r.myset_xsimplewarn=='y'){document.querySelector("#myset_xsimplewarn").checked=true;}else{document.querySelector("#myset_xsimplewarn").checked=false;}
|
||||
if (r.myset_xign3p=='y'){document.querySelector("#myset_xign3p").checked=true;}else{document.querySelector("#myset_xign3p").checked=false;}
|
||||
if (r.myset_xsimplewarn){switch(r.myset_xsimplewarn){
|
||||
case 1:document.querySelector("#myset_xsimplewarn_1").checked=true;break;
|
||||
case 2:document.querySelector("#myset_xsimplewarn_2").checked=true;break;
|
||||
default:document.querySelector("#myset_xsimplewarn_0").checked=true;break;
|
||||
}}else{document.querySelector("#myset_xsimplewarn_0").checked=true;}
|
||||
}
|
||||
var getting=browser.storage.local.get();
|
||||
getting.then(setCurrentChoice, onError);
|
||||
|
File diff suppressed because one or more lines are too long
@ -1,3 +1,3 @@
|
||||
body{font:13px Verdana}
|
||||
label{-webkit-user-select:none;-moz-user-select:none}
|
||||
textarea{white-space:pre;overflow-wrap:normal;overflow-x:scroll}
|
||||
textarea{white-space:pre;overflow-wrap:normal;overflow-x:scroll}
|
Loading…
x
Reference in New Issue
Block a user