From ce7503453cb41fd0471fad664e8c3b0dd80ce002 Mon Sep 17 00:00:00 2001 From: nullius Date: Sat, 30 Dec 2017 21:55:46 +0000 Subject: [PATCH] Import v1.0.7.1 from a.m.o. This is a huge jump. Sorry, I will not manually import all intermediary versions to track development. Significant changes: - Major feature: Now works with Firefox 52 / current Tor Browser. Closes #2. - Major feature: Error page. Closes #3. - Major feature: Whitelist. Closes #4. - Regression: Indentation/style is busted. Reopens #1. --- src/icons/icon-16.png | Bin 0 -> 508 bytes src/icons/icon-32.png | Bin 0 -> 1264 bytes src/icons/icon-48.png | Bin 1587 -> 1949 bytes src/icons/icon-64.png | Bin 2037 -> 2371 bytes src/manifest.json | 26 +++++-- src/setwhitelist.html | 18 +++++ src/setwhitelist.js | 44 ++++++++++++ src/stop_cf_mitm.js | 155 +++++++++++++++++++++++++++++++++++------- 8 files changed, 215 insertions(+), 28 deletions(-) create mode 100644 src/icons/icon-16.png create mode 100644 src/icons/icon-32.png create mode 100644 src/setwhitelist.html create mode 100644 src/setwhitelist.js 
diff --git a/src/icons/icon-16.png b/src/icons/icon-16.png new file mode 100644 index 0000000000000000000000000000000000000000..9f24ca2ed77e0e62a456d508854a57f49b704f9c GIT binary patch literal 508 zcmeAS@N?(olHy`uVBq!ia0vp^0wB!63?wyl`GbMf!vLQUS0Md)k@)NN$#1vieqS#8 z|NsAwA3wfb<@suJ+UEnsU#_nD^77fYyPMu`jsLb(_2acoKm}hO9DTPX{_C4JFBXS> zJ5>DO!Go7CUp`t{bEzZse0RpN&dl@esh^Kdm@;MBj2SahQ_~F%4IQ1GwY9ZP%q*Rp zTnY+`7A;wF`SRtu`uc!?fb{fCJ3Bi+KfnC^{QCM97Z(>TEvf(Iv3|4t8Z-H$7IgMS}P~zl{OXX zto7beUK^3r^mvc#mZFkoUOzK08!Kl$8&R(~8#4`inIG-Hy?`b$CV9KNu>Qz@c^t^$ zEbxddW?8eR=RLG}_)Usv`EjEq2bwAqg+AQkTE;usLRuJoxg;jwY|^z`=8n)9YG^~Zhw z{{HpGef79q|LN)Q$d}ZLT+f4E^u~w(<>lt)>)_zv=jZ3?>FNI3$neIgz_qEZqnfCn zmddZ5{@28nmY9u>k&~2^q@<)@UtfHDem*`vG&D3%Q&TG|FF83m7Z(>SEHNu9D?~&@ zM@L7drlz;Kx&QzFnVFfv!@(^rEm&AvZEbB*Qc^iNIVmYAOiWCFe}9mWkj>4_l$4a6 zot;@)Txx1Ffs$5)LGcz+EA0I9*E=Wj7RaI4ge}8p# zbrTa4Dk>^fRaFua5+pV@NJvOUMMX?ZOlD?gBqSsN008LCvhmfn@zu5N)xGMiRqd`) z^Q$`at2XVfPwTE$?5augq%88TMDe#?@zJ98qagRBAoipq>abn$%a`)3K=!64^`s=~ zw{G*IC-Spb^rtZNsyOnzZ20ct>Z?xoq$25=FZHG@2)h3C4K7aI4k*>}{a}3g zr3b~l44%u&mI^htfea23EjTzG4d2MNL349KTtho7EHp~)kBB~=X>*TeR8dBhO;o<1zC5H| zYiKT-MnxY64h#be1qcfV0}2fd3xTiewp^9T ztS00mu3IhxFnMSu9AN)#1?+$<8Xz-g7(rB3L_{P=j_;R1dT04zwUp>dG!v52KTEDH z(-W|^>+e6HmfW?TsWZ2yU<~O|2e?wmi>6+<>;TTEYc(xeih!uY9zE$0cn^30000D z2R%tdK~!ko?N)nGlUEi;%K~c)lr1ckWhD`LEsqeA@Rm?XKr~>&BPi_FV(rcVIxfo~ zh+wP>i(n~@Gb#vGAqXMi;e#!xJ7ol01YBE@b!`O=$UB5QNPoU01UY*HGV32Zbrx~k z&g3`qo9}*izI)F3oqNu`pOKLP1{h#~0R|XgfB~-!ATW9Zz-Z0SDri}W{jX%F@RT_o zo}#Y7HK}+Gso#B!^HT~O-u=l3kJW6*9W3!|6StYfuY+f}R?3`1Mvhh9DcyALZ2EGR6lRHa%d z9R(zR&jzKa8+00VFA`v}Y66fkd(HjwshN5@%(Q#}$~rH=E;_EN0R0Y1g<&xGRU^!b zN9It{tXCuOUoMEn=F@}yzF7BPq^lY5#Az>3Tz`!RjE|C0{k)W#wt({KU3fO92ISl3 zRm;Xir_*uOof$Qxf0w^zS!!%P*Rwh6@{H5^eSqAhT+5tUT%pZly8)=wMqgFwGd zjoP8k_x1PB%g*_CMn*=-qF8bDw^?rhb zgGu^#z5Vd;Z~}+JS^C*4JboO?%FC;UhKAxhJ3IXg3JMb|Dk@0qgalbtRkiHm#abDa zO1*AjVc|%jP(+!T*?;gMktM&`u;Gunxw)S19`27!-!!EM1yMttTwE`Ccz<~OJ}@va z771`dU4xSTQj&fk1F?IrzD`Ip5s8+zB#;tn2)$v$(vx{1;wc 
zUNyOSM`U$%eA&*OyB;PcCX&JVApcR^(2 zwjOUEpVpkihgIF(-Oi4Vj!jG!3sO?jfE5!vl9Q89-p*i1eMqFs+kc~?$~Z5UR#;eA zUP@}JS|Dibt*YkT`e4sTRiALVfzi>-;pF7x_q~bUch|39pJ--g=70=H($h0OjEZ9R zrKRmZ>mLws$KOAY8^w&;N2k-n2?RoerKM$PQc}|HgoK3OA^`)4r_SfhA&n8mYDY<4zd0my z(%9HI6)_MABpo?&WIqz}t`UhwvvhKD+V1Zk#70|#Dks6Yw6yeX7Ar1}%jMeJ+S=mL z4usg)*u3TD=E2;%cORZep@cCQjCBP?pKjg}8yk4+*fA!J7JqH$>gpO}Zf+j!>FF6A z7nkIMg5Qqje3k{2ok!c0ioyV)NFL#IdK zD%PDHLkV1gqJwEh49 delta 1570 zcmV+-2Hp9c53>xAB!2{FK}|sb0I`n?{9y$E00rtvL_t(&-tAX=OjB1J)@5q8Y-%#i z{#pVKbTMYj7TI(<6J6AhY;&8)7Uy_M7T%jf%r+E=qKM)ICbpC}(iV!L@@RRqfVLGW z&`Y5L1<{sATcPyb-u4#z+bM!EZWATo{NsMfm(z33@0|Pl?tlIAJEu#QkRU;V1PKx( zNRU`?0KjU(sM+e!NHcL&my#IfEA6AVly>b99{A5nsARy~ww{9C4Z1YZICq$)ZeLnBRXKAVN16yMV=!$$`q9zQ?4ToWzz7OpBv4t04v)SIUNhuC1 z^8+vyc*7lLG>jL03Z^`df6!X|FhN@h>gRj>Yk$lv)fYXHmDYi>EEvWbQs6%8AgF78 z2FHC_%7RrRR3g15dU+xnV-u(@dVxI23;K_H{wMFA@&v^h)TW^R3D2j-x;c>O37QNK zw68bZySN$5CF{X1jBh~#-dGR;1VL=E)qZ1Cq;7=kK|atNu<*PdJo7uy2L_Y90dM+A z?0?c~S1ynM+g6+xWRxWMf*@x9qEi^VAM9->#qR6Id@ZxWeWyWOH&cDqIQp3fCR(x& zJ`c5`ykLX$+V2KwRl+Q_g8YzYS?e4Y?RB5>^Aey?j#ScebH_Oxt`1e66G+f&085rW zFC7j?uvFSTUf0m5XS1vH_4SSV-rn9V&wsKOr7^$TszRY?`F6jb?eyui*0{K%twlw} zE^&LilT~q*;BxB;9-l{;EoQ>q7YIZIB`23KnM}=P<>h*Dr-Tr6&~BO?V{LUQ~gTXRUsZR1_f)3Sr;Az}0NF@J%E@h=0DYuB)q? zefQoy)}>3?IGxUbUAuO{WeSCek3Z_Fs;Y*Vm{@3SZG%71zTpuO(Ay^mxm@0?R4Q4c z8qLD z2;)gaK~#9!?N|>aYcgyHO8faX~#)9X2H+A}AP0BoaarvOGeTe}C?aLLuXH#v@SMzVDpx zz3+cRh7ce?fB*pk1PBlyK!5-N0t5&U7+kMkot?_7U1EN-7Lzx3$|cP@ofc8otk>(;zx#U}h79E~D4)JKJY6ro ze+JrWO8z$=mcXN87RZk~16ICUuj*)p=XY74XsHER-G41mE2JQ(z79G~mtNPU)*&HA zyt4wRSmdqv9v2jDfw~fQ4_mHm1JUKUKCCM#=yOlq#XTTCL;-2xT2Qg4gZL%`r2jk! zqVE%+{qYYVZK#4yF&_j1f!WWz%3y}bz%XShhN(Z}3-96nf0pFY zUc9YUE9Am!sT$RBI}OHmM9GlvqgR`$ibc7BsK-$7cml==zYV2qPk2&-w#oTLAgR3x zI;~cNC`a32(x4@eoY|@$U#Q29+oM1h8z?)wuzz0@{VC!VA-tOl8vZSiHB^EIQ&e|! zbc`FU zk4pi&ycC3g>pLeZ+5i|AodrtizzKj1kI`r}kFeWcaIs54YT4=eFB_FX5I-HXV(e0@ z>iVQcAy`cDAV+cU8X3s9*| z1y1n%cbY$Z<_z*IB!K8y{|ivPWq&GMk9K?KDf`Z*zqf#f*;#uI#HHE42zEX^1v;I! 
zu0P-ZBlWTxOFjP=LK)u@9o!$hQGyDEn%3ORf7aO82z)*t&=*x4x=tJDb~-mV*LmNe zL$u7yeYCW+OamDV#*{(*o)-#*?2Jq%gf005;x}xB#Kc6{v112RR#m}3`+ts&{i7t1 z9t_Ktt$>K7kp{-at*?Ietby6o#AnLns)YaSNwC%U+zXMIiB{VGt%Epy<}7&oc*C_D zH_++}S}Q6llFyty3mX#>ASWlsAuuqIYiDQ2rBbO}GMUWv5Af$kM@L(dNF-ZVH&^cJ z)vFzLrtB`8WM##r(?b{HHh&!)9LN(VPUM=Hm^iOpyVk_R)0;bmJjGxGCrX@)Y|lbt zNk~Wt)YaAXu&JpD%F8Rj-NPMe$BeY@3JTb8;lf3{ zmp@uoUQs;m_v4_rxPQ39s3TpT$;{M^F(1?JM0ElrMhc2|n4_cPs9COVaQf_dXm6JQ zhjRfI1O#Z;tXbn89TOubjUe5^edAoTXc6vvSdY<^loVj3F+ibEY%=bly9J;Jg+bi9 zFJZ~YpMcerDL2s6`@IE7N!_EQSX;xKx$|JAi%Yzhm$%-DN`LJmfTQC_rSzcCytugd z#%}w#0F$k(MEG@_JO0AR(`vP=$|@?Z7z==eA>F=RdN3ehA)rbe?=s6(zauFLYHDg| zxB%A3e^78ReE#`5nCm+imamBB?%#jZHs;e9xrL==OScbP_&y~S6&1DFcA71mJb4NP z&xIG8ngyJU%zp!%;Lvamo6V--B^nSwU%ztY$|#pvE?{nH9)dsDTY%JE4CU@SQgwP>II85_NuW0TAyPmwC4UIXQV!lpqIZLj&*fv17-; z#>OTU-9qy6@>%cb=j55BYHXcz^v@+jgelwnD=`mYbNG6u;&G z-i0{Qkc+S1f?PasAD=mf5?{7_IYdTAI;3T0(&qWihrJnl+p@B5hsM4b*nK}%>~e3__3+u~eO64RWKp79)4J}5X;o|c|2&dA8H@bvTnbOuOAjvCow zZ*Sk?JAcowB|V)v`@acr>kq9j~EiA{jY~1*DG7_r9 z+1c5=x8I>gG``;Zzwvme(fD=OUT5Ff_K=^r|1ov&|B!2{FK}|sb0I`n?{9y$E00*o|L_t(|+U=SPP*m3$$L+M4$(R`@ zW5+hJlPMJ914D?hBaRv^F>R!+3Rcpz0|q6aC=VT-XhO)0ozlh{h-lQ5Y9!5q@>t&T zS{} z5r9RHvK9#d1ONg60e}EN03ZMm00;mC00IC3fB@i81R#_JEW`sp8XFt?o!xG0wcD&j zED_hr{~jB&$CLYyeQ%Ao*=+lm5pADEkqBLJG_>h{phZp?xxNva+`qumk^#;<4E{L+ z;>qum*MDfUaeqZj!&NBbUczw3PTct-4Rm{dHI2I&?4iPQ=P8d&OTcVf7z?A5Mp3g;4*MDR?q>-l)rA|s+lQns-Q!0Y- z+B%quLtxJG2HlhlS}8?uZ8lgEBJ{v*j2Zjg9y((ghFM8G^J9jgj`K$n%g6OCaxEX{ zx-=hXGD0S0PJYf2{}UPz|M`LY`j5u%>C<-MPToG4Z@dOe%^4WfZP2z=pCN7Rcz8T* zvry%{1HJ4th8weBw{n!- zZtq)gUo|59)MJD?PoV7OfaE6ZG3Z~&IU?vc(9 zJkeis9m>+nj%-dR{bJ4l@T1A35P>!ggX9>)f`0?xRN3S6dFIYpH+JCcf4|-*OMqVa z6`2*7g<0ELESBZ`9IdL)`?;m{`W$-u1q_m0LT7A(IdKY@@-txj8%Q2tu@EuuVYPAw zI%j*{aDEUBslS;!00sV_%OgOixI=qo6ZC~gV62D&mEwV(Pkg{yM&};@ZBSaMtZlF) zt$zR|azT6U-yE8=r1ydI_<52GRJre=x9SQ86*;a7=7FLE%oX5GIil%S)I67p! 
zwicQXSEJ{&^R#qN497W5yWWI!=f19INcTm**dL~3cd)gmJISbgdOn7}ueLtj?lArn zCp5q9jK&kw7ytZ(W>RlLO(&f(c)@A>oPWGS72^WxGiNa6A!OOi%>BxcWm!Ka=M`wr zt%URqPn7yEygE*~f+-2an4y0@08oB30dOm94f6MFc_>ui_YxTCL5$7E2q0^FKc-0p zed+m!N>+6lze9AJ?cu(L?7jIt`MRn5`mV0>$7e%hEc+tIQJd};hKHY=`TM#aCx3nW z!R)QnHFNa*N9R#kSj5v66FoDF$#f&fv7@D>!uNoq&Jn&o&*rMF9@#0tC2^JVaLv0c;3SUY3brg0EfdO@n-Nr&@`1s)a>Hof{+8D zp9z-*+S=PCv2o|2 z)oO9<*fD%2x`yQBWGw&La%eQYe14b&aOiM23X4lf`0U2n_;ZdSJpo{~n;SYhm8h$$ zM|*pR)@(MJ`A&Cqbbs9AAs)bbPfy6@x2juOS|zHkZpqcFiHMGlCL>RV4I4Hf^5{_z zr(nJ3dQ?~6bo47YB+Sv5h{&VFN#5vGc7fDITifkwk|ZUX{sGA}zv0=hl$Mq`azJo! zF!l!p;nJm#8+)``_rJe?8e*}SZ(J9!H^3Yp9}k0J2(Q2XCw~G+hj*h-p{cnAO49J? z=qTboj7N4(E*csdvCGE?{{H?53=G7<&`?ru5JBYKx7)u4Kn&PZRxZP<+h4_Y@9jk1 z_{W*E2n!3xz<`$jT>eKA-`KzZO#)5@J~ye=J@SqYCHTBmU;hPS"], +"permissions": ["webRequest","webRequestBlocking","","storage","activeTab"], +"options_ui": { + "page": "setwhitelist.html", + "browser_style": true +}, "icons": { + "32": "icons/icon-32.png", "48": "icons/icon-48.png", "64": "icons/icon-64.png" }, -"background": { - "scripts": ["stop_cf_mitm.js"] +"browser_action": { +"browser_style": true, +"default_icon": { + "16": "icons/icon-16.png", + "32": "icons/icon-32.png" +} +}, +"background": {"scripts": ["stop_cf_mitm.js"]}, +"applications": { + "gecko": { + "id": "{d86b44dd-ef12-4f28-ab1c-ea32664490ac}", + "strict_min_version": "52.0" + } } } \ No newline at end of file diff --git a/src/setwhitelist.html b/src/setwhitelist.html new file mode 100644 index 000000000..4304a2648 --- /dev/null +++ b/src/setwhitelist.html @@ -0,0 +1,18 @@ +
+[Whitelist]
+1. Add FQDN you want to ignore. One FQDN per line. Click "Save".
+2. Open new tab and visit whitelisted website.
+
+
+[Advanced]
+
+
+
+
+
+
+
+
+ +
+ \ No newline at end of file diff --git a/src/setwhitelist.js b/src/setwhitelist.js new file mode 100644 index 000000000..5d009b417 --- /dev/null +++ b/src/setwhitelist.js 
@@ -0,0 +1,44 @@ +function saveWhitelist(e) { +e.preventDefault(); +//WHITELIST +// check each line and remove bad fqdn (simple check) +var cf_tmpdata=document.querySelector("#myset_cfwhite").value.split("\n"); +for (var i=0;ib}).reduce(function(a,b){if (a.slice(-1)[0]!==b){a.push(b);};return a;},[]);// -duplicate +cf_tmpdata=cf_tmpdata.filter(v=>v!='');// -empty +cf_tmpdata=cf_tmpdata.join("\n"); +browser.storage.local.set({myset_cfwhite: cf_tmpdata}); +document.querySelector("#myset_cfwhite").value=cf_tmpdata; +//workaround - simplewarn didn't work as expected if igncj is active +if (document.querySelector("#myset_xsimplewarn").checked){document.querySelector("#myset_xigncj").checked=false;} +//ADVANCED +if (document.querySelector("#myset_xincapsula").checked){browser.storage.local.set({myset_xincapsula: "y"});}else{browser.storage.local.set({myset_xincapsula: "n"});} +if (document.querySelector("#myset_xgshield").checked){browser.storage.local.set({myset_xgshield: "y"});}else{browser.storage.local.set({myset_xgshield: "n"});} +if (document.querySelector("#myset_xsucuri").checked){browser.storage.local.set({myset_xsucuri: "y"});}else{browser.storage.local.set({myset_xsucuri: "n"});} +if (document.querySelector("#myset_xignhttp").checked){browser.storage.local.set({myset_xignhttp: "y"});}else{browser.storage.local.set({myset_xignhttp: "n"});} +if (document.querySelector("#myset_xigncj").checked){browser.storage.local.set({myset_xigncj: "y"});}else{browser.storage.local.set({myset_xigncj: "n"});} +if (document.querySelector("#myset_xsimplewarn").checked){browser.storage.local.set({myset_xsimplewarn: "y"});}else{browser.storage.local.set({myset_xsimplewarn: "n"});} +} +function loadWhitelist(){ +function setCurrentChoice(r){ +//WHITELIST +document.querySelector("#myset_cfwhite").value = r.myset_cfwhite||""; +//ADVANCED +if 
(r.myset_xincapsula=='y'){document.querySelector("#myset_xincapsula").checked=true;}else{document.querySelector("#myset_xincapsula").checked=false;} +if (r.myset_xgshield=='y'){document.querySelector("#myset_xgshield").checked=true;}else{document.querySelector("#myset_xgshield").checked=false;} +if (r.myset_xsucuri=='y'){document.querySelector("#myset_xsucuri").checked=true;}else{document.querySelector("#myset_xsucuri").checked=false;} +if (r.myset_xignhttp=='y'){document.querySelector("#myset_xignhttp").checked=true;}else{document.querySelector("#myset_xignhttp").checked=false;} +if (r.myset_xigncj=='y'){document.querySelector("#myset_xigncj").checked=true;}else{document.querySelector("#myset_xigncj").checked=false;} +if (r.myset_xsimplewarn=='y'){document.querySelector("#myset_xsimplewarn").checked=true;}else{document.querySelector("#myset_xsimplewarn").checked=false;} +} +function onError(e){console.log(`CFMITM_CFG Error:${e}`);} +var getting=browser.storage.local.get(); +getting.then(setCurrentChoice, onError); +} +document.addEventListener("DOMContentLoaded", loadWhitelist); +document.querySelector("form").addEventListener("submit", saveWhitelist); \ No newline at end of file diff --git a/src/stop_cf_mitm.js b/src/stop_cf_mitm.js index c438d2bce..74c4f4c9b 100644 --- a/src/stop_cf_mitm.js +++ b/src/stop_cf_mitm.js 
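Review bot: The `// -duplicate` reduce in `saveWhitelist` only drops adjacent repeats, so it is correct only if the list was sorted first; the sort call is cut off on this page, but the copy of this pipeline in `gotwhitelistrequest` (src/stop_cf_mitm.js) uses `.sort(function(a,b){return a>b})`, whose comparator returns a boolean and never a negative number, so the order is not guaranteed. If the same comparator is used here, a plain `.sort()` before the reduce, or `Array.from(new Set(cf_tmpdata))`, would make the dedupe reliable in both places. The `browser.storage.local.set(...)` calls are also fired without a rejection handler, so a failed save is silent while the textarea already shows the cleaned list; collecting the values into one object and calling `set` once with a logging handler would cover that.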
@@ -6,8 +6,38 @@
 * http://www.crimeflare.com/
 */
 
-function analyzemydata(res) {
- //console.log("mitmdetector: scanning: "+res.url);
+var cf_ignore=[];
+var cf_history=[];//used by whitelist-from-warnpage
+var stop_incapsula=0;
+var stop_gshield=0;
+var stop_sucuri=0;
+var ign_phttp=0;
+var ign_rescj=0;
+var do_simplewarn=0;
+
+function whitelist_reload(w){
+//WHITELIST
+if (w.myset_cfwhite){
+var tmp_whitelist=w.myset_cfwhite;
+tmp_whitelist=tmp_whitelist.split("\n").filter(v=>v!='');
+cf_ignore=tmp_whitelist;
+//console.log(cf_ignore);
+}else{cf_ignore=[];}
+//ADVANCED
+if (w.myset_xincapsula=='y'){stop_incapsula=1;}else{stop_incapsula=0;}
+if (w.myset_xgshield=='y'){stop_gshield=1;}else{stop_gshield=0;}
+if (w.myset_xsucuri=='y'){stop_sucuri=1;}else{stop_sucuri=0;}
+if (w.myset_xignhttp=='y'){ign_phttp=1;}else{ign_phttp=0;}
+if (w.myset_xigncj=='y'){ign_rescj=1;}else{ign_rescj=0;}
+if (w.myset_xsimplewarn=='y'){do_simplewarn=1;}else{do_simplewarn=0;}
+}
+
+function onError(e){console.log(`CFMITM Error:${e}`);}
+
+function analyzemydata(res){
+var lmcfg=browser.storage.local.get();lmcfg.then(whitelist_reload,onError);// load latest settings without restarting a browser
+
+//console.log("CFMITM: scanning: "+res.url);
 var cflink = document.createElement('a');
 cflink.setAttribute('href',res.url);
 var cf_hostname = cflink.hostname;
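Review bot: The `browser.storage.local.get()` added at the top of `analyzemydata` resolves after the listener has already returned, so every response is judged with the settings left by an earlier call, and responses seen before the first read completes use the empty defaults declared above. It also costs one storage read per response. Loading once at startup and refreshing on change, e.g. `browser.storage.onChanged.addListener(function(){browser.storage.local.get().then(whitelist_reload,onError);});`, keeps `cf_ignore` and the flags current without the per-request read. The body of `analyzemydata` continues past the end of this hunk.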
@@ -15,30 +45,109 @@ function analyzemydata(res) { var cf_gothead = res.responseHeaders; cflink = null; - if ((cf_protocol == 'http:' || cf_protocol == 'https:') && - cf_hostname.length >= 4) { - //console.log("mitmdetector: testing...: "+res.url); - var is_cloudflare_infected=0; // 2 to confirm +//whitelisted by default (destination is same) +if (cf_hostname.endsWith('.cloudflare.com')||cf_hostname=='cloudflare.com'){return;} +if (stop_incapsula==1){if (cf_hostname.endsWith('.incapsula.com')||cf_hostname=='incapsula.com'){return;}} +if (stop_gshield==1){if (cf_hostname.endsWith('.withgoogle.com')||cf_hostname.endsWith('.google.com')){return;}} +if (stop_sucuri==1){if (cf_hostname.endsWith('.sucuri.net')||cf_hostname=='sucuri.net'){return;}} +//whitelisted +if (cf_ignore.includes(cf_hostname)){return;} +if (cf_protocol=='http:' && ign_phttp==1){return;} +if (ign_rescj==1 && /^http(.*)\.(js|css|jpg|jpeg|gif|png|tif|ico|svg|woff|woff2|ttf|cur|ani)(|\?(.*))$/.test(res.url)){return;} - for (var i=0; i < cf_gothead.length; i++) { - var cfv=cf_gothead[i]; - if (cfv['name'] == 'cf-ray' && cfv['value'] != undefined) { - is_cloudflare_infected += 1; - } - if (cfv['name'] == 'server' && cfv['value'].includes("cloudflare")) { - is_cloudflare_infected += 1; - } - if (is_cloudflare_infected == 2) { - break; - } - } - if (is_cloudflare_infected >= 1) { - console.log('SECURITY_WARN: Cloudflare Detected: '+res.url); - return {redirectUrl: "https://0.0.0.0/"}; // just drop the connection - } + if ((cf_protocol == 'http:' || cf_protocol == 'https:') && cf_hostname.length >= 4) { + +//console.log("CFMITM: testing...: "+res.url); + +var mitm_isdetected=0; +var mitm_cdnname='Cloudflare'; + +for (var i=0;i +if (mitm_isdetected>=2){break;} +} + + +var cfblockscreen=''; +if (mitm_isdetected>=1){ + +//add to history (used in gotwhitelistrequest()) +if (cf_history.length>=10){cf_history=[];} +if (!cf_history.includes(cf_hostname)){cf_history.push(cf_hostname);} + + +if (do_simplewarn!=1){// 
block + +console.log('SECURITY_WARN: '+mitm_cdnname+' MiTM Detected: '+res.url); +cfblockscreen='document.documentElement.innerHTML=atob(\'<html xmlns="http://www.w3.org/1999/xhtml"><head><title>Insecure Connection</title>
<!--
This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0.
If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/.
//-->
<link id="favicon" rel="icon" type="image/x-icon" href="data:image/x-icon;base64,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">
<style type="text/css">@namespace html "http://www.w3.org/1999/xhtml";@namespace xul "http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul";*|*:root{--in-content-page-color:#424e5a;--in-content-page-background:#fbfbfb;--in-content-text-color:#333;--in-content-selected-text:#fff;--in-content-header-border-color:#c8c8c8;--in-content-box-background:#fff;--in-content-box-background-odd:#f3f6fa;--in-content-box-background-hover:#ebebeb;--in-content-box-background-active:#dadada;--in-content-box-border-color:#c1c1c1;--in-content-item-hover:rgba(0,149,221,0.25);--in-content-item-selected:#0095dd;--in-content-border-highlight:#ff9500;--in-content-border-focus:#0095dd;--in-content-border-color:#c1c1c1;--in-content-category-text:#c1c1c1;--in-content-category-border-focus:1px dotted #fff;--in-content-category-text-selected:#f2f2f2;--in-content-category-background:#424f5a;--in-content-category-background-hover:#5e6972;--in-content-category-background-active:#343f48;--in-content-tab-color:#424f5a;--in-content-link-color:#0095dd;--in-content-link-color-hover:#178ce5;--in-content-link-color-active:#ff9500;--in-content-link-color-visited:#551a8b;--in-content-primary-button-background:#0095dd;--in-content-primary-button-background-hover:#008acb;--in-content-primary-button-background-active:#006b9d;--in-content-table-border-dark-color:#d1d1d1;--in-content-table-header-background:#0095dd}html|html,xul|page,xul|window{font:message-box;-moz-appearance:none;background-color:var(--in-content-page-background);color:var(--in-content-page-color)}html|body{font-size:15px;font-weight:normal;margin:0}html|h1{font-size:2.5em;font-weight:lighter;line-height:1.2;color:var(--in-content-text-color);margin:0;margin-bottom:.5em}html|hr{border-style:solid none none 
none;border-color:var(--in-content-border-color)}xul|caption{-moz-appearance:none;margin:0}xul|caption>xul|checkbox,xul|caption>xul|label{font-size:1.3rem;font-weight:bold;line-height:22px}xul|caption>xul|checkbox,xul|caption>xul|label{margin:0!important}*|*.main-content{padding-top:40px;padding-inline-end:44px;padding-bottom:48px;padding-inline-start:48px;overflow:auto}xul|prefpane>xul|*.content-box{overflow:visible}xul|groupbox{-moz-appearance:none;border:0;margin:15px 0 0;padding-inline-start:0;padding-inline-end:0;font-size:1.25rem}xul|groupbox xul|label:not(.menu-accel):not(.menu-text):not(.indent),xul|groupbox xul|description{margin-inline-start:0!important;margin-inline-end:0!important}xul|tabpanels{-moz-appearance:none;font-size:1.25rem;line-height:22px;border:0;padding:0;background-color:transparent;color:inherit}xul|tabs{margin-bottom:15px;border-top:1px solid var(--in-content-box-border-color);border-bottom:1px solid var(--in-content-box-border-color);background-color:var(--in-content-page-background)}xul|*.tabs-left,xul|*.tabs-right{border-bottom:0}xul|tab{-moz-appearance:none;margin-top:0;padding:4px 20px;min-height:44px;color:var(--in-content-tab-color);background-color:var(--in-content-page-background);border-width:0;border-radius:0!important;transition:background-color 50ms ease 0s}xul|tab:hover{background-color:var(--in-content-box-background-hover)}xul|tab[selected]{background-color:var(--in-content-box-background-hover);padding-bottom:0;border-bottom:4px solid var(--in-content-border-highlight)}xul|*.tab-text{font-size:1.3rem;line-height:22px}html|button{padding:3px;font:inherit}*|button,html|select,xul|colorpicker[type="button"],xul|menulist{-moz-appearance:none;min-height:30px;color:var(--in-content-text-color);border:1px solid 
var(--in-content-box-border-color);-moz-border-top-colors:none!important;-moz-border-right-colors:none!important;-moz-border-bottom-colors:none!important;-moz-border-left-colors:none!important;border-radius:2px;background-color:var(--in-content-page-background)}html|button:enabled:hover,html|select:enabled:hover,xul|button:not([disabled="true"]):hover,xul|colorpicker[type="button"]:not([disabled="true"]):hover,xul|menulist:not([disabled="true"]):hover{background-color:var(--in-content-box-background-hover)}html|button:enabled:hover:active,html|select:enabled:hover:active,xul|button:not([disabled="true"]):hover:active,xul|colorpicker[type="button"]:not([disabled="true"]):hover:active,xul|menulist[open="true"]:not([disabled="true"]){background-color:var(--in-content-box-background-active)}html|button:disabled,html|select:disabled,xul|button[disabled="true"],xul|colorpicker[type="button"][disabled="true"],xul|menulist[disabled="true"]{opacity:.5}*|button.primary{background-color:var(--in-content-primary-button-background);border-color:transparent;color:var(--in-content-selected-text)}html|button.primary:enabled:hover,xul|button.primary:not([disabled="true"]):hover{background-color:var(--in-content-primary-button-background-hover)}html|button.primary:enabled:hover:active,xul|button.primary:not([disabled="true"]):hover:active{background-color:var(--in-content-primary-button-background-active)}xul|colorpicker[type="button"]{padding:6px;width:50px}xul|button>xul|*.button-box{padding-right:10px!important;padding-left:10px!important}xul|menulist>xul|*.menulist-label-box>xul|*.menulist-icon[src]{margin-inline-end:5px}xul|button[type="menu"]>xul|*.button-box>xul|*.button-menu-dropmarker{-moz-appearance:none;margin:1px 0;margin-inline-start:10px;padding:0;width:10px;height:16px;border:0;background-color:transparent}xul|button[type="menu"]>xul|menupopup{-moz-appearance:none;border:1px solid 
var(--in-content-box-border-color);border-radius:2px;background-color:var(--in-content-box-background)}xul|menulist>xul|menupopup xul|menu,xul|menulist>xul|menupopup xul|menuitem,xul|button[type="menu"]>xul|menupopup xul|menu,xul|button[type="menu"]>xul|menupopup xul|menuitem{-moz-appearance:none;font-size:1em;color:var(--in-content-text-color);padding-top:.2em;padding-bottom:.2em;padding-inline-start:10px;padding-inline-end:30px}xul|menulist>xul|menupopup>xul|menu:not([disabled="true"])[_moz-menuactive="true"],xul|menulist>xul|menupopup>xul|menuitem:not([disabled="true"])[_moz-menuactive="true"],xul|button[type="menu"]>xul|menupopup>xul|menu:not([disabled="true"])[_moz-menuactive="true"],xul|button[type="menu"]>xul|menupopup>xul|menuitem:not([disabled="true"])[_moz-menuactive="true"]{color:var(--in-content-text-color);background-color:var(--in-content-item-hover)}xul|menulist>xul|menupopup>xul|menu:not([disabled="true"])[selected="true"],xul|menulist>xul|menupopup>xul|menuitem:not([disabled="true"])[selected="true"],xul|button[type="menu"]>xul|menupopup>xul|menu:not([disabled="true"])[selected="true"],xul|button[type="menu"]>xul|menupopup>xul|menuitem:not([disabled="true"])[selected="true"]{color:var(--in-content-selected-text);background-color:var(--in-content-item-selected)}xul|menulist>xul|menupopup>xul|menu[disabled="true"],xul|menulist>xul|menupopup>xul|menuitem[disabled="true"],xul|button[type="menu"]>xul|menupopup>xul|menu[disabled="true"],xul|button[type="menu"]>xul|menupopup>xul|menuitem[disabled="true"]{color:#999;background-color:transparent}xul|menulist>xul|menupopup xul|menuseparator,xul|button[type="menu"]>xul|menupopup xul|menuseparator{-moz-appearance:none;margin:0;padding:0;border-top:1px solid var(--in-content-box-border-color);border-bottom:0}html|input[type="text"],html|textarea,xul|textbox{-moz-appearance:none;color:var(--in-content-text-color);border:1px solid 
var(--in-content-box-border-color);-moz-border-top-colors:none!important;-moz-border-right-colors:none!important;-moz-border-bottom-colors:none!important;-moz-border-left-colors:none!important;border-radius:2px;background-color:var(--in-content-box-background)}xul|textbox{min-height:30px;padding-right:10px;padding-left:10px}xul|textbox.tree-input{min-height:unset;padding-right:unset;padding-left:unset}html|input[type="text"],html|textarea{font-family:inherit;font-size:inherit;padding:5px 10px}html|input[type="text"]:focus,html|textarea:focus,xul|textbox[focused]{border-color:var(--in-content-border-focus)}html|input[type="text"]:disabled,html|textarea:disabled,xul|textbox[disabled="true"]{opacity:.5}html|a,.text-link{color:var(--in-content-link-color);text-decoration:none}html|a:hover,.text-link:hover{color:var(--in-content-link-color-hover);text-decoration:underline}html|a:visited{color:var(--in-content-link-color-visited)}html|a:hover:active,.text-link:hover:active{color:var(--in-content-link-color-active);text-decoration:none}html|input[type="checkbox"]{opacity:0;width:0;pointer-events:none;position:absolute}html|input[type="checkbox"]+html|label:before{display:inline-block;content:"";vertical-align:middle}html|input[type="checkbox"]+html|label{line-height:0}xul|checkbox{margin-inline-start:0}xul|*.checkbox-check,html|input[type="checkbox"]+html|label:before{-moz-appearance:none;width:23px;height:23px;border-radius:2px;border:1px solid var(--in-content-box-border-color);margin-inline-end:10px;background-color:#f1f1f1;background-image:linear-gradient(#fff,rgba(255,255,255,0.8))!important;background-position:center center;background-repeat:no-repeat;box-shadow:0 1px 1px 0 #fff,inset 0 2px 0 0 
rgba(0,0,0,0.03)}xul|checkbox:not([disabled="true"]):hover>xul|*.checkbox-check,html|input[type="checkbox"]:not(:disabled)+html|label:hover:before{border-color:var(--in-content-border-focus)}xul|checkbox[disabled="true"]>xul|*.checkbox-check,html|input[type="checkbox"]:disabled+html|label{opacity:.5}xul|*.checkbox-label-box{margin-inline-start:-1px;padding-inline-start:0}xul|richlistitem>xul|*.checkbox-check{margin:3px 6px}xul|radio{margin-inline-start:0}xul|*.radio-check{-moz-appearance:none;width:23px;height:23px;border:1px solid var(--in-content-box-border-color);border-radius:50%;margin-inline-end:10px;background-color:#f1f1f1;background-image:linear-gradient(#fff,rgba(255,255,255,0.80));box-shadow:0 1px 1px 0 #fff,inset 0 2px 0 0 rgba(0,0,0,0.03)}xul|radio:not([disabled="true"]):hover>xul|*.radio-check{border-color:var(--in-content-border-focus)}xul|radio[disabled="true"]>xul|*.radio-check{opacity:.5}xul|*.radio-label-box{margin-inline-start:-1px;margin-inline-end:10px;padding-inline-start:0}*|*#categories{-moz-appearance:none;background-color:var(--in-content-category-background);padding-top:39px;margin:0;border-width:0}*|*.category{-moz-appearance:none;color:var(--in-content-category-text);border-inline-end-width:0;padding-inline-start:15px;padding-inline-end:21px;min-height:40px;transition:background-color 150ms}*|*.category:hover{background-color:var(--in-content-category-background-hover)}*|*.category[selected],*|*.category.selected{background-color:var(--in-content-category-background-active);color:var(--in-content-category-text-selected);padding-inline-start:11px;border-inline-start:solid 4px 
var(--in-content-border-highlight)}*|*#categories[keyboard-navigation="true"]:-moz-focusring>*|*.category[current]{border-top:var(--in-content-category-border-focus);border-bottom:var(--in-content-category-border-focus)}*|*.category-name{line-height:22px;font-size:1.25rem;padding-bottom:2px;padding-inline-start:9px;margin:0;-moz-user-select:none}*|*.category-icon{width:24px;height:24px}*|*.header{border-bottom:1px solid var(--in-content-header-border-color);margin-inline-end:4px;margin-bottom:15px;padding-bottom:15px;-moz-box-align:baseline}*|*.header-name{font-size:2.5rem;font-weight:normal;line-height:40px;margin:0;-moz-user-select:none}xul|filefield{-moz-appearance:none;background-color:transparent;border:0;padding:0}xul|*.fileFieldContentBox{background-color:transparent}xul|*.fileFieldIcon{margin-inline-start:10px;margin-inline-end:0}xul|*.fileFieldLabel{margin-inline-start:-26px;padding-inline-start:36px}xul|textbox+xul|button,xul|filefield+xul|button{border-inline-start:none}xul|richlistbox,xul|listbox{-moz-appearance:none;margin-inline-start:0;background-color:var(--in-content-box-background);border:1px solid var(--in-content-box-border-color);color:var(--in-content-text-color)}xul|treechildren::-moz-tree-row,xul|listbox xul|listitem{padding:.3em;margin:0;border:0;border-radius:0;background-image:none}xul|treechildren::-moz-tree-row(hover),xul|listbox xul|listitem:hover{background-color:var(--in-content-item-hover)}xul|treechildren::-moz-tree-row(selected),xul|listbox xul|listitem[selected="true"]{background-color:var(--in-content-item-selected);color:var(--in-content-selected-text)}xul|tree{-moz-appearance:none;font-size:1em;border:1px solid var(--in-content-box-border-color);background-color:var(--in-content-box-background);margin:0}xul|tree:-moz-focusring,xul|richlistbox:-moz-focusring{border:1px dotted var(--in-content-border-focus)}xul|listheader,xul|treecols{-moz-appearance:none;border:0;border-bottom:1px solid 
var(--in-content-border-color);padding:0}.autocomplete-tree>xul|treecols{border-bottom:none!important}xul|treecol:not([hideheader="true"]),xul|treecolpicker{-moz-appearance:none;border:0;background-color:var(--in-content-box-background-hover);color:#808080;padding:5px 10px}xul|treecol:not([hideheader="true"]):not([sortable="false"]):hover,xul|treecolpicker:hover{background-color:var(--in-content-box-background-active);color:var(--in-content-text-color)}xul|treecol:not([hideheader="true"]):not(:first-child),xul|treecolpicker{border-inline-start-width:1px;border-inline-start-style:solid;border-image:linear-gradient(transparent 0,transparent 20%,#c1c1c1 20%,#c1c1c1 80%,transparent 80%,transparent 100%) 1 1}xul|treecol:not([hideheader="true"])>xul|*.treecol-sortdirection[sortDirection]{width:18px;height:18px}xul|treecol:not([hideheader="true"])>xul|*.treecol-sortdirection[sortDirection="ascending"]{transform:scaleY(-1)}xul|treechildren::-moz-tree-row{min-height:2em}xul|treechildren::-moz-tree-cell-text{color:var(--in-content-text-color)}xul|treechildren::-moz-tree-cell-text(selected){color:var(--in-content-selected-text)}xul|caption{background-color:transparent}xul|button,html|button,xul|colorpicker[type="button"],xul|menulist{margin:2px 4px}xul|menulist:not([editable="true"])>xul|*.menulist-dropmarker{margin-top:1px;margin-bottom:1px}xul|checkbox{padding-inline-start:0}xul|*.button-box,xul|*.menulist-label-box,xul|*.radio-label-box,xul|*.checkbox-label-box{border-style:none}xul|button:-moz-focusring>xul|*.button-box,xul|menulist:-moz-focusring>xul|*.menulist-label-box,xul|radio[focused="true"]>xul|*.radio-label-box,html|input[type="checkbox"]:-moz-focusring+html|label:before,xul|checkbox:-moz-focusring>xul|*.checkbox-label-box{outline:1px 
dotted}body{display:flex;flex-direction:column;box-sizing:border-box;min-height:100vh;padding-top:0;padding-bottom:0;padding-inline-start:calc(48px+4.6em);padding-inline-end:48px;align-items:center;justify-content:center}.container{min-width:13em;max-width:52em}.container.restore-chosen{display:flex;flex-direction:column;flex-grow:1;margin:10vh 0}.title{background-position:left 0;background-repeat:no-repeat;background-size:1.6em;margin-inline-start:-2.3em;padding-inline-start:2.3em;font-size:2.5em}.title:dir(rtl){background-position:right 0}.title-text{border-bottom:1px solid #c1c1c1;font-size:inherit;padding-bottom:.4em}.button-container{margin-top:1.2em}.button-container>button{min-width:150px}.button-container>button:first-child{margin-inline-start:0}body{background-size:64px 32px;background-repeat:repeat-x;padding:75px 0;min-width:13em}.button-container{display:flex;flex-flow:row wrap}.button-spacer{flex:1}body{background-image:linear-gradient(-45deg,#f0d000,#f0d000 33%,#fedc00 33%,#fedc00 66%,#f0d000 66%,#f0d000)}#returnButton{min-width:250px}.container{position:relative}</style>
</head><body>
<div id="errorPageContainer" class="container">
<div class="title"><h1 class="title-text">Your connection is not secure</h1></div><div id="errorLongContent">
<div id="errorShortDesc"><p id="errorShortDescText">
The owner of this website has configured their website improperly.
The connection between you and \')+\''+cf_hostname+' is being MITMed by '+mitm_cdnname+'\'+atob(\'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\')+\''+cf_hostname+'\'+atob(\'IHRvIHdoaXRlbGlzdD8nKSl7ZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ2FjbGluaycpLnNyYz0naHR0cHM6Ly8wLjAuMC4wL2NmbWl0bV9hZGRvbi9hbGxvdy8=\')+\''+cf_hostname+'?'+btoa(cf_hostname)+'\'+atob(\'Jzt9Ij5BZGQgRXhjZXB0aW9uPC9idXR0b24+CjwvZGl2Pgo8L2Rpdj4KPC9kaXY+CjxkaXYgc3R5bGU9ImRpc3BsYXk6bm9uZSI+PGlmcmFtZSBpZD0iYWNsaW5rIiBzcmM9Imh0dHBzOi8vMC4wLjAuMC9jZm1pdG1fYWRkb24vIj48L2lmcmFtZT48L2Rpdj4KPC9ib2R5PjwvaHRtbD4=\');window.stop();'; +var blockingCFnow=browser.tabs.executeScript(res.tabId,{code: cfblockscreen});blockingCFnow.then(()=>{return {cancel: true};},onError); + +}else{// warning only + +console.log('SECURITY_ALERT: '+mitm_cdnname+' MiTM Detected: '+res.url); +cfblockscreen='var orig_dt=document.title;setInterval(function(){var link=document.querySelector("link[rel*=\'icon\']")||document.createElement(\'link\');link.type=\'image/x-icon\';link.rel=\'icon\';link.href=\'data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzk4OKpMSkq6UE9PulRTU7pXV1e6W1tbul1dXbpbW1u6WFhYulVVVbpTU1O6UFBQukxMTLotLS2bAAAAOzY0NJ7Y3Nz/v9zh/8He4//D4eb/xuTp/8jm6//I5On/x+Po/8bj6f/E4ef/wt/l/8Hd4/+/2d//3N/f/xkZGYU2NTWd2N7e/xekxf8WueD/Frrh/xa74f8Ur9P/Iiwu/yIsLv8Ws9//F7De/xer3P8Xptr/IJS6/97g4f8ZGRmCAAAAV9HQ0O91s7z/F8Hj/xbC4/8Ww+T/FLbV/yArLf8gKy3/Frrh/xa13/8XsN7/FqbV/5G3vf+xsbHUAAAARQAAAC5oZ2eV2N7f/yWtv/8Xyub/Fsrm/xbJ5v8Zq8f/GavH/xbA4/8Wu+H/FrXf/zWguf/Z2dn/Ly8veAAAABwAAAAAAAAASsbFxd2gy87/KtTm/xnU6v8W0Oj/FEJI/xRCSP8WxeX/Fr/j/xWw0/+swsP/k5OTtgAAADoAAAAAAAAAAAAAACFFRUV+6evr/zq1vv8w5PH/J9/v/yIiIv8iIiL/Fsrm/xbE5P9Xq7n/19fX+BkZGW0AAAAKAAAAAAAAAAAAAAAAAAAAPre2tsnA3uD/LNrj/y/o8v8rKyv/Kysr/yvb7v8mvdD/xM/P/3d3d6AAAAA0AAAAAAAAAAAAAAAAAAAAAAAAABUbGxtt8PDw+FrAw/8u7PP/NDQ0/zQ0NP8w3e//gLu//8jIyOgAAABRAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAANJ2dnbTS4+T/KdDV/zQ8PP80QEH/NL3J/9XZ2f9WVlaLAAAAKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkAAABX39/f733Exv8t5vH/Ldrp/5rBw/+2trbUAAAARQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALm1tbZXf5ub/LLnD/0S7xP/d3d3/MTExeAAAABwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKx8fH3bHP0f+8zM3/l5eXtgAAADoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAITIyMna+vr7Trq6uyRkZGW0AAAAKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAAAARAAAAD4AAAAVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//8AAIABAAAAAAAAAAAAAIABAACAAwAAwAMAAOAHAADgBwAA8A8AAPAPAAD4HwAA+D8AAPw/AAD+fwAA//8AAA==\';document.getElementsByTagName(\'head\')[0].appendChild(link);if (!document.title.startsWith(\'[!!\') && !document.title.includes(\'!!]\')){document.title=\'[!!'+mitm_cdnname+'!!] \'+orig_dt;}},2500);'; +var warningCFnow=browser.tabs.executeScript(res.tabId,{code: cfblockscreen});warningCFnow.then(function(){},onError); + +} +} + } return; } -browser.webRequest.onHeadersReceived.addListener(analyzemydata,{urls: [""]},["blocking","responseHeaders"]); +function gotwhitelistrequest(r){ +var v_whitelist=r.url.replace('https://0.0.0.0/cfmitm_addon/allow/','',).split('?',2); +if (v_whitelist.length==2){if (/^([0-9a-z.-]{4,200})$/.test(v_whitelist[0]) && v_whitelist[1]==btoa(v_whitelist[0])){ +if (cf_history.includes(v_whitelist[0])){// found in history, assume this request is valid +console.log('CFMITM: Adding to whitelist: '+v_whitelist[0]); +var _gwr=browser.storage.local.get();_gwr.then(function(r){ +var _currentwhitelist=v_whitelist[0]+"\n";if (r.myset_cfwhite){_currentwhitelist+=r.myset_cfwhite;} +_currentwhitelist=_currentwhitelist.split("\n");for (var l=0;l<_currentwhitelist.length;l++){ +if (!/^([0-9a-z.-]{1,})\.([a-z]{2,20})$/.test(_currentwhitelist[l])||_currentwhitelist[l].startsWith(".")||_currentwhitelist[l].includes("..")|| +_currentwhitelist[l].endsWith(".cloudflare.com")||_currentwhitelist[l]=='cloudflare.com'|| 
+_currentwhitelist[l].endsWith(".incapsula.com")||_currentwhitelist[l]=='incapsula.com'||
+_currentwhitelist[l].endsWith(".withgoogle.com")||_currentwhitelist[l].endsWith(".google.com")){_currentwhitelist[l]='';}
+}
+_currentwhitelist=_currentwhitelist.slice().sort(function(a,b){return a>b}).reduce(function(a,b){if (a.slice(-1)[0]!==b){a.push(b);};return a;},[]);// -duplicate
+_currentwhitelist=_currentwhitelist.filter(v=>v!='');// -empty
+_currentwhitelist=_currentwhitelist.join("\n");
+browser.storage.local.set({myset_cfwhite: _currentwhitelist});
+cf_ignore=_currentwhitelist.split("\n").filter(v=>v!='');//update whitelist
+browser.tabs.executeScript({code: 'location.reload();'});
+},onError);
+}
+}}
+return {cancel: true};
+}
+
+browser.webRequest.onHeadersReceived.addListener(analyzemydata,{urls:["http://*/*","https://*/*"]},["blocking","responseHeaders"]);
+browser.webRequest.onBeforeRequest.addListener(gotwhitelistrequest,{urls:["https://0.0.0.0/cfmitm_addon/*"]},["blocking"]);
+browser.browserAction.onClicked.addListener(function(t){browser.runtime.openOptionsPage().then(function(){},onError);});