Import XPI and code from addons.mozilla.org

Initial commit. Version 0.0.0-prealpha. - Glance over code to make sure it looks sane - Create git repository - Add substantive files - Fix icons (PNG CRC errors) - Add archival copy of xpi from addons.mozilla.org, with metadata - Add README.md, LICENSE.md - NOT YET TESTED BY MAINTAINER (@nym-zone)
2025-07-08 18:56:57 +00:00 · 2017-12-11 20:45:10 +00:00
commit e2c115d0f2
12 changed files with 115 additions and 0 deletions
--- a/src/icons/icon-48.png
+++ b/src/icons/icon-48.png
--- a/src/icons/icon-64.png
+++ b/src/icons/icon-64.png
--- a/src/manifest.json
+++ b/src/manifest.json
@ -0,0 +1,15 @@
+{
+"manifest_version": 2,
+"name": "Block Cloudflare MiTM Attack",
+"description": "If the destination use Cloudflare, block future request.",
+"version": "1.0.0",
+"homepage_url": "https://trac.torproject.org/projects/tor/ticket/24351",
+"permissions": ["webRequest","webRequestBlocking","<all_urls>"],
+"icons": {
+ "48": "icons/icon-48.png",
+ "64": "icons/icon-64.png"
+},
+"background": {
+ "scripts": ["stop_cf_mitm.js"]
+}
+}
--- a/src/stop_cf_mitm.js
+++ b/src/stop_cf_mitm.js
@ -0,0 +1,33 @@
+/*
+		<<< Detect Cloudflare MiTM Attack >>>
+						by Sw
+	why? because...
+	https://trac.torproject.org/projects/tor/ticket/24351
+	http://www.crimeflare.com/
+*/
+//===============================================
+function analyzemydata(res){
+//console.log("mitmdetector: scanning: "+res.url);
+var cflink=document.createElement('a');cflink.setAttribute('href',res.url);
+var cf_hostname=cflink.hostname;
+var cf_protocol=cflink.protocol;
+var cf_gothead=res.responseHeaders;
+cflink=null;
+if ((cf_protocol=='http:'||cf_protocol=='https:') && cf_hostname.length>=4){
+//console.log("mitmdetector: testing...: "+res.url);
+var is_cloudflare_infected=0;// 2 to confirm
+for(var i=0;i<cf_gothead.length;i++){
+var cfv=cf_gothead[i];
+if (cfv['name']=='cf-ray' && cfv['value']!=undefined){is_cloudflare_infected+=1;}
+if (cfv['name']=='server' && cfv['value'].includes("cloudflare")){is_cloudflare_infected+=1;}
+if (is_cloudflare_infected==2){break;}
+}
+if (is_cloudflare_infected>=1){
+console.log('SECURITY_WARN: Cloudflare Detected: '+res.url);
+return {redirectUrl: "https://0.0.0.0/"};// just drop the connection
+}
+}
+return;
+}
+browser.webRequest.onHeadersReceived.addListener(analyzemydata,{urls: ["<all_urls>"]},["blocking","responseHeaders"]);
+//