From 0524b2a7cdc406dddc6adb456c9c6c69fde744a3 Mon Sep 17 00:00:00 2001 From: nullius Date: Tue, 2 Jan 2018 04:42:22 +0000 Subject: [PATCH] Import 1.0.8.6 from a.m.o. Closes #10. --- README.md | 2 +- src/META-INF/manifest.mf | 47 ++++++++++++++++++++ src/META-INF/mozilla.rsa | Bin 0 -> 4196 bytes src/META-INF/mozilla.sf | 4 ++ src/manifest.json | 4 +- src/setwhitelist.html | 16 ++++--- src/setwhitelist.js | 26 ++++++----- src/stop_cf_mitm.js | 90 ++++++++++++++++++--------------------- src/style.css | 2 +- 9 files changed, 121 insertions(+), 70 deletions(-) create mode 100644 src/META-INF/manifest.mf create mode 100644 src/META-INF/mozilla.rsa create mode 100644 src/META-INF/mozilla.sf diff --git a/README.md b/README.md index 7987dd2fb..70b62da8a 100644 --- a/README.md +++ b/README.md @@ -7,6 +7,6 @@ The purpose of this browser add-on is to block Cloudflare sites. The TLS protocol promises end-to-end encryption between the client and an authenticated, identified endpoint server. The browser’s lock icon is a UI widget which makes this promise to the user. Cloudflare is a mass-decryption chokepoint, which intercepts and decrypts the Web requests made by billions of people to millions of websites. - Prior discussion: [Tor Browser Bug #24351: Block Global Active Adversary Cloudflare](https://trac.torproject.org/projects/tor/ticket/24351) -- Imported from [block_cloudflare_mitm_attack-1.0.8-an+fx.xpi](https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/), by an anonymous cypherpunk. “Cyperpunks write code.” Cheers! +- Imported from [block_cloudflare_mitm_attack-1.0.8.6-an+fx.xpi](https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/), by an anonymous cypherpunk. “Cyperpunks write code.” Cheers! - [Original announcement](https://trac.torproject.org/projects/tor/ticket/24351#comment:25) - Thanks to [Debian Bug #831835](https://bugs.debian.org/831835) for some inspiration. 
diff --git a/src/META-INF/manifest.mf b/src/META-INF/manifest.mf new file mode 100644 index 000000000..a59452c70 --- /dev/null +++ b/src/META-INF/manifest.mf @@ -0,0 +1,47 @@ +Manifest-Version: 1.0 + +Name: manifest.json +Digest-Algorithms: MD5 SHA1 +MD5-Digest: zGY60qlrfec2aFsUpYrEqw== +SHA1-Digest: v9XeO2ot0V/rLuSXYs4AUccSP4Y= + +Name: setwhitelist.html +Digest-Algorithms: MD5 SHA1 +MD5-Digest: 5IRX40t9xV3hOSzG5DQt8g== +SHA1-Digest: bZ6eElvQE432Qn5zeoGXI46I4OU= + +Name: setwhitelist.js +Digest-Algorithms: MD5 SHA1 +MD5-Digest: zyiTPW8+zVdotk5uf71nuw== +SHA1-Digest: Ttn6071lJN7uBVK2UaZOhroEm5I= + +Name: stop_cf_mitm.js +Digest-Algorithms: MD5 SHA1 +MD5-Digest: z8IOdHN5/VdbDGGQNMqMnw== +SHA1-Digest: jzwn+6SLINasUf2De/FE8fpmNJc= + +Name: style.css +Digest-Algorithms: MD5 SHA1 +MD5-Digest: qVs2pHeT+noWZ7sQttO/2Q== +SHA1-Digest: TgXktEJyUNImPTbaPF/viYfWcQo= + +Name: icons/icon-16.png +Digest-Algorithms: MD5 SHA1 +MD5-Digest: BMpS9q28ylgmlebPGO0HBw== +SHA1-Digest: ejT7934OdR+CRbKWJFoXPSvAo7M= + +Name: icons/icon-32.png +Digest-Algorithms: MD5 SHA1 +MD5-Digest: DPnYcEZnUZa6voVAI6nm0w== +SHA1-Digest: CqFkcPOpoKmq7Ly82vbmq/Ouhzs= + +Name: icons/icon-48.png +Digest-Algorithms: MD5 SHA1 +MD5-Digest: PVwvbCCjWU+2fJeaUrrwVA== +SHA1-Digest: upats+fdmYeFmAtgvIVwaW8mszA= + +Name: icons/icon-64.png +Digest-Algorithms: MD5 SHA1 +MD5-Digest: YVzojmSoYwjhM0m20OOk5A== +SHA1-Digest: sa4ES4gA5mSb0cu9UgGpp/2eh84= + 
diff --git a/src/META-INF/mozilla.rsa b/src/META-INF/mozilla.rsa new file mode 100644 index 0000000000000000000000000000000000000000..65093fd1a3f6cef872e4c6b025cc749496fce9be GIT binary patch literal 4196 zcmds4XH-+&wk3stbO-`U6$C^GoP^$yCW`bTMS&Q43mpV$K@pG^3sq`FKq*p#C?Hit znt*g8V4;ZgUgUy4KYjQ8c)#9wW8886oO#w<`>eCiUUTmW;23OR$IeD-MQ+l9D8Sh` z1_J=cpaTYhkkr627`ZSV1bmX5450o)0%hZ9-T^rBZU6_V&W3=01F;X2qrCs$WAj~dp?1M7wMal*PI#Q?-nlo~GZ zJ9k4N7NYwL?SBJdbFIk-EyJMb9UdHFeE?2t%6>?i>OKjZNa3E};VgutLh(YCf& zcW+U*U+)sddO08^0MtJv9s{xPd;c2B8-exk7XHQmm9O$U3xjn7xL9eCG5``l0Z2(e zT*iWx7A1ZN53ipP2#-d>0mfg&Q~fFUzkfUnzg!<)6n zS{pqL&pY<%zSnL)uS)CJ=m#HQ-fhH0GosQ3JzKI$`d;J_ugiR9BrHZ-^S$|a(6pi6 z?bvACW8nL+I!TO!{!JqS)+ zzBQ^-v3X1UiVyn=qd%ID>*n`%VKNP!a(rsNvpmPC(MZ(4$p(#~V2 zh?Z^-l002o7ag`)(6B*eN-8Emb~wA|5tmi9V&f|>yq~l7Rf1&;zZpS6`p$T~P@pwO zm_kEvXNJ;e2bjB!XDD8Mk>+-wwBQm59}Y9-S1W(LPJFwhc&30&l9zx+sBT8 zCcB=M>Yf7&a)J12+3h-T?kwxKB(r@$r{ftnyhR}^+nJC2B*)bRK|g}I4@aPz3 zdj2DMNY}lQd7f)$F2KZscVCh_lwc}hMA|MXokoR4S@i_Q(g~ek?2s;KQ)k?2p|R?_ zNJ*7X7zEjDbQG4w)0m+~(=H5W(DyRzz=BSgK63k9W}~0c0oyRwQ^=|JZXAoJOeS9G zrOLe?TU}`L#lKrsUUHn$ee<)kBUh5{W(V%otWl*0n%#W^GH^Gu21!5ABK=OHoF
    os(VjoXjDX;!mYA|8yeTAVUA=a5z7H8Zj ze|(l(MutUD34edX7M=biTy~MH;N{A3wsyI&Qz{xBo{n$BFq{#sdX!E)sXE#X`%{Gv^%g0O5|>0tppI1d2ul1H{Eyjf{x=10>J%TT z=3ttn;;TzLfytXOx_#37zR+^ge6vG_)?P^GOP2P!MEgyNLe8O&&nt_Zb)MMh*7;AT z>y$PLcMbC1p&3iqP|cj)L#HVugQ+8>1uiy~lPT4mQUSH^fEuB^1322XBiLTEDm4t|t&KO;CxaW>B z4R)+hubXjzNM!jApzey*GA9RFX`OKWF^e_KTNU8BBPtZd`c&}U+Qui+t<9G43w9q~ z38~cm=+hcC2odpUUyvm06qdo;Yx10iC>79~Lhd>&KI03l1esIZ4BXc<^E=fW_9a|w z^j%Fys#%v^c&*du@IF^)6UQK%eiYn<`{s77V!zLH=G;qb=_Lf7IfznNGEj(O%?r+# zS1eVz5#=@fKGLJt?%u_8dux$z!FakL-X79S(fNfWni!JYPEYWI2zmRbrRL>T>vdX5 zVmsRUp4!s>&GI%kNSKqam122PM6qF>mevya3Ld8CuRLj_rqoOw9Hiw@jc(I{lwB0K zN6e1(n>A`3@#XiS@BiE$sxWyc#*j!HsVl5$X_xbbQ-O3N@cRT|KX0=-{=z=`Hjd7| z8!4ZxdCnFmNyQ94-oss8Y0$`F5D#4aejqUfRo~ zkz`^{c=)5x|7S_Sfk1#b?3hiY7ASH{6$FI}u$*@E@$rxo6Z@ZMKQRni4CCc0>S5>h zZ^HI-`zs!52p%5$j+6)pX-{}*Jdrf6ea7rV%PEtvXDsxI2hNzSUTzm@KEtU&h^8_+ zU6ErxFyX68!2QtmNa0G_ZYIhWfblHAi)k(S$iQnusOPlbRaP zv$W@eiWBS{(^GYeC%@-iZoS$WT}l0x?l}LwR4Gr@YnH5?hGk@q@j+sY1pze6jN224 zx!i&Wd6^ZrUHB;R5G5ppE`zu6vu?@ttpJk$<{ zk8HGO!|1?n}ofH{Z{T)005TSAxpsupx8C`w$Wiff)UKj73gZ|H~Jp0;idzu&UG=6)qQGsu4Zz*SHbICgB2X zSBlzlo>8D|svB!FLoJy7-H+2dvsSeg-TIJfKhknKNMNbveDd}s#h0Li*h+cugdDdZ za{Gi}con6Utb$tJOWzfZ1+cQay(xm|z+th+a}lBN6-7P4zW0NT7W;K(O>(boqz4#@?`SUS(*3BBSxLb; zyHPd6dR?wOhmEwa(hdC)g-xv-iz#CdI0L=Bu3=~OV?_(c->+R>Liu#;!=(6~R^%M3 zZlkA~bhKbd&43NZ8V^!i?@Bkmt2#@~$xB@&%(R)P1fiWCt2@mcD76p>B4Oc1^K3hEM=aww=ZXIKRiy( bN=ze=nQx)nMpLN52kdJ)Ywsm+ffD}(M+maj literal 0 HcmV?d00001 diff --git a/src/META-INF/mozilla.sf b/src/META-INF/mozilla.sf new file mode 100644 index 000000000..320319dd0 --- /dev/null +++ b/src/META-INF/mozilla.sf @@ -0,0 +1,4 @@ +Signature-Version: 1.0 +MD5-Digest-Manifest: /gjyjvUwMAfWGYwYw54bpw== +SHA1-Digest-Manifest: 93RJzzo6Uc5BI3Yj2ffLSr6dWnI= + diff --git a/src/manifest.json b/src/manifest.json index e168c3fa5..0a42b2156 100644 --- a/src/manifest.json +++ b/src/manifest.json 
@@ -2,7 +2,7 @@ "manifest_version": 2, "name": "Block Cloudflare MiTM Attack", "description": "If the destination website use Cloudflare, block further request.", -"version": "1.0.8.1", +"version": "1.0.8.6", "homepage_url": "https://trac.torproject.org/projects/tor/ticket/24351", "permissions": ["webRequest","webRequestBlocking","","storage","activeTab"], "options_ui": { @@ -28,4 +28,4 @@ "strict_min_version": "52.0" } } -} +} \ No newline at end of file diff --git a/src/setwhitelist.html b/src/setwhitelist.html index cf19c9d40..1214be2b7 100644 --- a/src/setwhitelist.html +++ b/src/setwhitelist.html @@ -1,18 +1,22 @@
    [Whitelist]
    -1. Add FQDN you want to ignore. One FQDN per line. Click "Save".
    +1. Add FQDN or .FQDN you want to ignore. Click "Save".
    2. Open new tab and visit whitelisted website.
    +(.mozilla.org will allow mozilla.org and *.mozilla.org)

    [Advanced]



    -
    -
    -
    +


    - +When MiTM attempt is detected:
    +
    +
    +
    +
    +
    - + \ No newline at end of file diff --git a/src/setwhitelist.js b/src/setwhitelist.js index 33148cc50..a0e7305da 100644 --- a/src/setwhitelist.js +++ b/src/setwhitelist.js 
@@ -5,7 +5,7 @@ e.preventDefault(); // check each line and remove bad fqdn (simple check) var cf_tmpdata=document.querySelector("#myset_cfwhite").value.split("\n"); for (var i=0;ib}).reduce(function(a,b){if (a.slice(-1)[0]!==b){a.push(b);};return a;},[]);// -duplicate cf_tmpdata=cf_tmpdata.filter(v=>v!='');// -empty cf_tmpdata=cf_tmpdata.join("\n"); -browser.storage.local.set({myset_cfwhite: cf_tmpdata}); -document.querySelector("#myset_cfwhite").value=cf_tmpdata; -//workaround - simplewarn didn't work as expected if igncj is active -if (document.querySelector("#myset_xsimplewarn").checked){document.querySelector("#myset_xigncj").checked=false;} +browser.storage.local.set({myset_cfwhite: cf_tmpdata});document.querySelector("#myset_cfwhite").value=cf_tmpdata; +//workaround - simplewarn didn't work as expected if ign3p is active +if (document.querySelector("#myset_xsimplewarn_1").checked){document.querySelector("#myset_xign3p").checked=false;} //ADVANCED if (document.querySelector("#myset_xincapsula").checked){browser.storage.local.set({myset_xincapsula: "y"});}else{browser.storage.local.set({myset_xincapsula: "n"});} if (document.querySelector("#myset_xgshield").checked){browser.storage.local.set({myset_xgshield: "y"});}else{browser.storage.local.set({myset_xgshield: "n"});} if (document.querySelector("#myset_xsucuri").checked){browser.storage.local.set({myset_xsucuri: "y"});}else{browser.storage.local.set({myset_xsucuri: "n"});} -if (document.querySelector("#myset_xignhttp").checked){browser.storage.local.set({myset_xignhttp: "y"});}else{browser.storage.local.set({myset_xignhttp: "n"});} -if (document.querySelector("#myset_xigncj").checked){browser.storage.local.set({myset_xigncj: "y"});}else{browser.storage.local.set({myset_xigncj: "n"});} -if (document.querySelector("#myset_xsimplewarn").checked){browser.storage.local.set({myset_xsimplewarn: "y"});}else{browser.storage.local.set({myset_xsimplewarn: "n"});} +if 
(document.querySelector("#myset_xign3p").checked){browser.storage.local.set({myset_xign3p: "y"});}else{browser.storage.local.set({myset_xign3p: "n"});} +//ACTION +if (document.querySelector("#myset_xsimplewarn_0").checked){browser.storage.local.set({myset_xsimplewarn:0});} +if (document.querySelector("#myset_xsimplewarn_1").checked){browser.storage.local.set({myset_xsimplewarn:1});} +if (document.querySelector("#myset_xsimplewarn_2").checked){browser.storage.local.set({myset_xsimplewarn:2});} browser.runtime.sendMessage({relnow:'go'}).then(function(r){},onError); } function loadWhitelist(){ 
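Review bot: Nothing orders the new `myset_xsimplewarn` writes before `browser.runtime.sendMessage({relnow:'go'})`, because every setting in this handler is stored by its own un-awaited `browser.storage.local.set` call. If that message is what triggers the background reload (presumably `whitelist_reload`), the reload can read storage before the new value lands and keep the previous reaction mode. Collect the values into one object and chain the message, for example `browser.storage.local.set(settings).then(function(){return browser.runtime.sendMessage({relnow:'go'});}).catch(onError);`. The three radio checks also write nothing when none is selected, so an explicit fallback to 0 would keep the stored value defined. The enclosing function starts outside the hunk.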
@@ -34,9 +35,12 @@ document.querySelector("#myset_cfwhite").value = r.myset_cfwhite||""; if (r.myset_xincapsula=='y'){document.querySelector("#myset_xincapsula").checked=true;}else{document.querySelector("#myset_xincapsula").checked=false;} if (r.myset_xgshield=='y'){document.querySelector("#myset_xgshield").checked=true;}else{document.querySelector("#myset_xgshield").checked=false;} if (r.myset_xsucuri=='y'){document.querySelector("#myset_xsucuri").checked=true;}else{document.querySelector("#myset_xsucuri").checked=false;} -if (r.myset_xignhttp=='y'){document.querySelector("#myset_xignhttp").checked=true;}else{document.querySelector("#myset_xignhttp").checked=false;} -if (r.myset_xigncj=='y'){document.querySelector("#myset_xigncj").checked=true;}else{document.querySelector("#myset_xigncj").checked=false;} -if (r.myset_xsimplewarn=='y'){document.querySelector("#myset_xsimplewarn").checked=true;}else{document.querySelector("#myset_xsimplewarn").checked=false;} +if (r.myset_xign3p=='y'){document.querySelector("#myset_xign3p").checked=true;}else{document.querySelector("#myset_xign3p").checked=false;} +if (r.myset_xsimplewarn){switch(r.myset_xsimplewarn){ +case 1:document.querySelector("#myset_xsimplewarn_1").checked=true;break; +case 2:document.querySelector("#myset_xsimplewarn_2").checked=true;break; +default:document.querySelector("#myset_xsimplewarn_0").checked=true;break; +}}else{document.querySelector("#myset_xsimplewarn_0").checked=true;} } var getting=browser.storage.local.get(); getting.then(setCurrentChoice, onError); diff --git a/src/stop_cf_mitm.js b/src/stop_cf_mitm.js index d0fe5995e..6aff8ced4 100644 --- a/src/stop_cf_mitm.js +++ b/src/stop_cf_mitm.js 
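Review bot: Settings saved by the previous version hold the strings `'y'`/`'n'` in `myset_xsimplewarn`, and in the new `switch` both fall to `default` and select `myset_xsimplewarn_0`. A user who had chosen warn-only is therefore moved to the block reaction without notice. That is the safe direction, but it deserves a comment such as `// legacy 'y'/'n' values fall through to 0 (block)` here and on the matching `switch` in `whitelist_reload` in src/stop_cf_mitm.js. The outer `if (r.myset_xsimplewarn)` is redundant, since `default` already covers an unset value and 0.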
@@ -12,10 +12,12 @@ var cf_history=[];//used by whitelist-from-warnpage var stop_incapsula=0; var stop_gshield=0; var stop_sucuri=0; -var ign_phttp=0; -var ign_rescj=0; -var do_simplewarn=0; +var ign_thirdparty=0; +var do_reaction=0; +var cfblockscreen=''; +var cf_blocked_img=''; +function onError(e){console.log(`CFMITM Error:${e}`);} function whitelist_reload(){browser.storage.local.get().then(function(w){ //WHITELIST if (w.myset_cfwhite){ 
@@ -26,16 +28,28 @@ cf_ignore=tmp_whitelist; if (w.myset_xincapsula=='y'){stop_incapsula=1;}else{stop_incapsula=0;} if (w.myset_xgshield=='y'){stop_gshield=1;}else{stop_gshield=0;} if (w.myset_xsucuri=='y'){stop_sucuri=1;}else{stop_sucuri=0;} -if (w.myset_xignhttp=='y'){ign_phttp=1;}else{ign_phttp=0;} -if (w.myset_xigncj=='y'){ign_rescj=1;}else{ign_rescj=0;} -if (w.myset_xsimplewarn=='y'){do_simplewarn=1;}else{do_simplewarn=0;} +if (w.myset_xign3p=='y'){ign_thirdparty=1;}else{ign_thirdparty=0;} +//ACTION +if (w.myset_xsimplewarn){switch(w.myset_xsimplewarn){ +case 1:do_reaction=1;break; +case 2:do_reaction=2;break; +default:do_reaction=0;break; +}}else{do_reaction=0;} },onError);} -function onError(e){console.log(`CFMITM Error:${e}`);} +function is_domain_ignored(w){ +if (cf_ignore.includes(w)){return true;} +var dotSTXfound=0;for(var f=0;f= 4) { //console.log("CFMITM: testing...: "+res.url); -var mitm_isdetected=0; -var mitm_cdnname='Cloudflare'; - -for (var i=0;i -if (mitm_isdetected>=2){break;} +if (mitm_isdetected>=1){break;} } - -var cfblockscreen=''; if (mitm_isdetected>=1){ - //add to history (used in gotwhitelistrequest()) if (cf_history.length>=10){cf_history=[];} if (!cf_history.includes(cf_hostname)){cf_history.push(cf_hostname);} - - -if (do_simplewarn!=1){// block - console.log('SECURITY_WARN: '+mitm_cdnname+' MiTM Detected: '+res.url); -cfblockscreen='document.documentElement.innerHTML=atob(\'\')+\''+cf_hostname+' is being MITMed by '+mitm_cdnname+'\'+atob(\'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\')+\''+cf_hostname+'\'+atob(\'IHRvIHdoaXRlbGlzdD8nKSl7ZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ2FjbGluaycpLnNyYz0naHR0cHM6Ly8wLjAuMC4wL2NmbWl0bV9hZGRvbi9hbGxvdy8=\')+\''+cf_hostname+'?'+btoa(cf_hostname)+'\'+atob(\'Jzt9Ij5BZGQgRXhjZXB0aW9uPC9idXR0b24+CjwvZGl2Pgo8L2Rpdj4KPC9kaXY+CjxkaXYgc3R5bGU9ImRpc3BsYXk6bm9uZSI+PGlmcmFtZSBpZD0iYWNsaW5rIiBzcmM9Imh0dHBzOi8vMC4wLjAuMC9jZm1pdG1fYWRkb24vIj48L2lmcmFtZT48L2Rpdj4KPC9ib2R5PjwvaHRtbD4=\');window.stop();'; +if 
(do_reaction==0){ +cfblockscreen='document.documentElement.innerHTML=atob(\'\')+\''+cf_hostname+' is being MITMed by '+mitm_cdnname+'\'+atob(\'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\')+\''+cf_hostname+'\'+atob(\'IHRvIHdoaXRlbGlzdD8nKSl7ZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ2FjbGluaycpLnNyYz0naHR0cHM6Ly8wLjAuMC4wL2NmbWl0bV9hZGRvbi9hbGxvdy8=\')+\''+cf_hostname+'?'+btoa(cf_hostname)+'\'+atob(\'Jzt9Ij5BZGQgRXhjZXB0aW9uPC9idXR0b24+DQo8YnV0dG9uIGlkPSJhZHZhbmNlZEJ1dHRvbiIgYXV0b2NvbXBsZXRlPSJvZmYiIG9uY2xpY2s9ImRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdhY2xpbmsnKS5zcmM9J2h0dHBzOi8vMC4wLjAuMC9jZm1pdG1fYWRkb24vYWxsb3cvdmlld2V4Y2VwdGlvbnM/bm93JzsiPlZpZXcgRXhjZXB0aW9uczwvYnV0dG9uPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPGRpdiBzdHlsZT0iZGlzcGxheTpub25lIj48aWZyYW1lIGlkPSJhY2xpbmsiIHNyYz0iaHR0cHM6Ly8wLjAuMC4wL2NmbWl0bV9hZGRvbi8iPjwvaWZyYW1lPjwvZGl2Pg0KPC9ib2R5PjwvaHRtbD4=\');window.stop();'; var blockingCFnow=browser.tabs.executeScript(res.tabId,{code: cfblockscreen});blockingCFnow.then(()=>{return {cancel: true};},onError); - -}else{// warning only - -console.log('SECURITY_ALERT: '+mitm_cdnname+' MiTM Detected: '+res.url); +} +if (do_reaction==1){ cfblockscreen='var orig_dt=document.title;setInterval(function(){var link=document.querySelector("link[rel*=\'icon\']")||document.createElement(\'link\');link.type=\'image/x-icon\';link.rel=\'icon\';link.href=\'\';document.getElementsByTagName(\'head\')[0].appendChild(link);if (!document.title.startsWith(\'[!!\') && !document.title.includes(\'!!]\')){document.title=\'[!!'+mitm_cdnname+'!!] \'+orig_dt;}},2500);'; var warningCFnow=browser.tabs.executeScript(res.tabId,{code: cfblockscreen});warningCFnow.then(function(){},onError); - +} +if (do_reaction==2){ +if (res.type=='image'){return {redirectUrl: cf_blocked_img};}else{if (res.type=='main_frame'){return {redirectUrl: 'https://0.0.0.0/'};}else{return {cancel: true};}} } } 
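Review bot: The block-screen script in the `do_reaction==0` branch is still built by concatenating `cf_hostname` and `mitm_cdnname` into a single-quoted JavaScript string that goes to `tabs.executeScript` and then into `innerHTML`, and nothing visible in this hunk restricts `cf_hostname` to a safe character set. Serialise each interpolated value instead, for example `'var h='+JSON.stringify(cf_hostname)+';'`, and write it into the page with `textContent` rather than as markup. The base64 `atob(...)` blobs also hide the injected markup from review, so a comment stating what each one decodes to would help. Separately, the `{cancel: true}` returned inside `blockingCFnow.then(...)` is discarded unless the listener returns that promise, so in this branch the request may not be cancelled and blocking would rest on the injected `window.stop()`. The handler starts and ends outside the hunk and part of the hunk text is damaged on this page, so confirm both points against the file.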
@@ -122,27 +126,15 @@ var warningCFnow=browser.tabs.executeScript(res.tabId,{code: cfblockscreen});war } function gotwhitelistrequest(r){ -var v_whitelist=r.url.replace('https://0.0.0.0/cfmitm_addon/allow/','',).split('?',2); -if (v_whitelist.length==2){if (/^([0-9a-z.-]{4,200})$/.test(v_whitelist[0]) && v_whitelist[1]==btoa(v_whitelist[0])){ -if (cf_history.includes(v_whitelist[0])){// found in history, assume this request is valid +if (r.url=='https://0.0.0.0/cfmitm_addon/allow/viewexceptions?now'){browser.runtime.openOptionsPage().then(function(){},onError);}else{ +var v_whitelist=r.url.replace('https://0.0.0.0/cfmitm_addon/allow/','',).split('?',2);if (v_whitelist.length==2){if (/^([0-9a-z.-]{4,200})$/.test(v_whitelist[0]) && v_whitelist[1]==btoa(v_whitelist[0])){//cfinfection?originhash +if (cf_history.includes(v_whitelist[0])){if (!cf_ignore.includes(v_whitelist[0])){// found in history and rule not found console.log('CFMITM: Adding to whitelist: '+v_whitelist[0]); -var _gwr=browser.storage.local.get();_gwr.then(function(r){ -var _currentwhitelist=v_whitelist[0]+"\n";if (r.myset_cfwhite){_currentwhitelist+=r.myset_cfwhite;} -_currentwhitelist=_currentwhitelist.split("\n");for (var l=0;l<_currentwhitelist.length;l++){ -if (!/^([0-9a-z.-]{1,})\.([a-z]{2,20})$/.test(_currentwhitelist[l])||_currentwhitelist[l].startsWith(".")||_currentwhitelist[l].includes("..")|| -_currentwhitelist[l].endsWith(".cloudflare.com")||_currentwhitelist[l]=='cloudflare.com'|| -_currentwhitelist[l].endsWith(".incapsula.com")||_currentwhitelist[l]=='incapsula.com'|| -_currentwhitelist[l].endsWith(".withgoogle.com")||_currentwhitelist[l].endsWith(".google.com")){_currentwhitelist[l]='';} -} -_currentwhitelist=_currentwhitelist.slice().sort(function(a,b){return a>b}).reduce(function(a,b){if (a.slice(-1)[0]!==b){a.push(b);};return a;},[]);// -duplicate -_currentwhitelist=_currentwhitelist.filter(v=>v!='');// -empty -_currentwhitelist=_currentwhitelist.join("\n"); 
-browser.storage.local.set({myset_cfwhite: _currentwhitelist}); -cf_ignore=_currentwhitelist.split("\n").filter(v=>v!='');//update whitelist -browser.tabs.executeScript({code: 'location.reload();'}); -},onError); -} +cf_ignore.push(v_whitelist[0]); +browser.storage.local.set({myset_cfwhite: cf_ignore.join("\n")}).then(function(){browser.tabs.executeScript({code: 'location.reload();'});},onError); }} +}} +} return {cancel: true}; } diff --git a/src/style.css b/src/style.css index 594891ef7..207f5e518 100644 --- a/src/style.css +++ b/src/style.css @@ -1,3 +1,3 @@ body{font:13px Verdana} label{-webkit-user-select:none;-moz-user-select:none} -textarea{white-space:pre;overflow-wrap:normal;overflow-x:scroll} +textarea{white-space:pre;overflow-wrap:normal;overflow-x:scroll} \ No newline at end of file
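Review bot: The allow request in `gotwhitelistrequest` is authenticated only by `v_whitelist[1]==btoa(v_whitelist[0])`, a value that is derivable from the hostname, so a request to the `https://0.0.0.0/cfmitm_addon/allow/` URL raised by ordinary page content looks the same as a click on the add-on's own block screen. The `cf_history` check narrows this to recently flagged hosts but does not tie the exception to a user action. The confirmation would be safer on a channel that page scripts cannot reach, such as runtime messaging from the add-on's own script, or at least bound to a per-detection random value from `crypto.getRandomValues` and checked against `r.tabId`. The rewrite also drops the earlier refusal of `cloudflare.com`, `incapsula.com` and `google.com` entries before `myset_cfwhite` is written; that check should be restored ahead of `cf_ignore.push(v_whitelist[0])`. The new `viewexceptions?now` branch has the same reachability and opens the options page for any request to that URL.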