deCloudflare/src/stop_cf_mitm.js

/**
 *		<<< Detect Cloudflare MiTM Attack >>>
 *						by Sw
 *	why? because...
 *	https://trac.torproject.org/projects/tor/ticket/24351
 *	http://www.crimeflare.com/
 */

var cf_ignore=[];
var cf_history=[];//used by whitelist-from-warnpage
var stop_incapsula=0;
var stop_gshield=0;
var stop_sucuri=0;
var ign_phttp=0;
var ign_rescj=0;
var do_simplewarn=0;

function whitelist_reload(w){
//WHITELIST
if (w.myset_cfwhite){
var tmp_whitelist=w.myset_cfwhite;
tmp_whitelist=tmp_whitelist.split("\n").filter(v=>v!='');
cf_ignore=tmp_whitelist;
//console.log(cf_ignore);
}else{cf_ignore=[];}
//ADVANCED
if (w.myset_xincapsula=='y'){stop_incapsula=1;}else{stop_incapsula=0;}
if (w.myset_xgshield=='y'){stop_gshield=1;}else{stop_gshield=0;}
if (w.myset_xsucuri=='y'){stop_sucuri=1;}else{stop_sucuri=0;}
if (w.myset_xignhttp=='y'){ign_phttp=1;}else{ign_phttp=0;}
if (w.myset_xigncj=='y'){ign_rescj=1;}else{ign_rescj=0;}
if (w.myset_xsimplewarn=='y'){do_simplewarn=1;}else{do_simplewarn=0;}
}

function onError(e){console.log(`CFMITM Error:${e}`);}

function analyzemydata(res){
var lmcfg=browser.storage.local.get();lmcfg.then(whitelist_reload,onError);// load latest settings without restarting a browser

//console.log("CFMITM: scanning: "+res.url);
  var cflink = document.createElement('a');
  cflink.setAttribute('href',res.url);
  var cf_hostname = cflink.hostname;
  var cf_protocol = cflink.protocol;
  var cf_gothead = res.responseHeaders;
  cflink = null;

//whitelisted by default (destination is same)
if (cf_hostname.endsWith('.cloudflare.com')||cf_hostname=='cloudflare.com'){return;}
if (stop_incapsula==1){if (cf_hostname.endsWith('.incapsula.com')||cf_hostname=='incapsula.com'){return;}}
if (stop_gshield==1){if (cf_hostname.endsWith('.withgoogle.com')||cf_hostname.endsWith('.google.com')){return;}}
if (stop_sucuri==1){if (cf_hostname.endsWith('.sucuri.net')||cf_hostname=='sucuri.net'){return;}}
//whitelisted
if (cf_ignore.includes(cf_hostname)){return;}
if (cf_protocol=='http:' && ign_phttp==1){return;}
if (ign_rescj==1 && /^http(.*)\.(js|css|jpg|jpeg|gif|png|tif|ico|svg|woff|woff2|ttf|cur|ani)(|\?(.*))$/.test(res.url)){return;}


  if ((cf_protocol == 'http:' || cf_protocol == 'https:') && cf_hostname.length >= 4) {

//console.log("CFMITM: testing...: "+res.url);

var mitm_isdetected=0;
var mitm_cdnname='Cloudflare';

for (var i=0;i<cf_gothead.length;i++){
var cfv=cf_gothead[i];
var cfv_vname=cfv['name'];if (cfv_vname!=undefined){cfv_vname=cfv_vname.toLowerCase();}
var cfv_vvalue=cfv['value'];if (cfv_vvalue!=undefined){cfv_vvalue=cfv_vvalue.toLowerCase();}
//<
//Cloudflare
if (cfv_vname=='cf-ray' && cfv_vvalue!=undefined){mitm_isdetected+=1;}
if (cfv_vname=='server' && cfv_vvalue.includes("cloudflare")){mitm_isdetected+=1;}
if (cfv_vname=='cf-cache-status' && cfv_vvalue!=undefined){mitm_isdetected+=1;}
if (cfv_vname=='set-cookie' && cfv_vvalue.includes("__cfduid")){mitm_isdetected+=1;}
//Incapsula
if (stop_incapsula==1){
if (cfv_vname.includes("incap_") && cfv_vvalue!=undefined){mitm_isdetected+=1;mitm_cdnname='Incapsula';}
if (cfv_vname=='x-iinfo' && cfv_vvalue!=undefined){mitm_isdetected+=1;mitm_cdnname='Incapsula';}
if (cfv_vname=='x-cdn' && cfv_vvalue=='incapsula'){mitm_isdetected+=1;mitm_cdnname='Incapsula';}
if (cfv_vname=='set-cookie' && cfv_vvalue.includes("visid_incap_")){mitm_isdetected+=1;mitm_cdnname='Incapsula';}
}
//GPShield
if (stop_gshield==1){
if (cfv_vname=='server' && cfv_vvalue=='shield'){mitm_isdetected+=1;mitm_cdnname='Google Project Shield';}
if (cfv_vname=='x-shield-request-id' && cfv_vvalue!=undefined){mitm_isdetected+=1;mitm_cdnname='Google Project Shield';}
}
//Sucuri
if (stop_sucuri==1){
if (cfv_vname=='x-sucuri-cache' && cfv_vvalue!=undefined){mitm_isdetected+=1;mitm_cdnname='Sucuri';}
if (cfv_vname=='x-sucuri-id' && cfv_vvalue!=undefined){mitm_isdetected+=1;mitm_cdnname='Sucuri';}
if (cfv_vname=='set-cookie' && cfv_vvalue.includes("sucuri-")){mitm_isdetected+=1;mitm_cdnname='Sucuri';}
}
//>
if (mitm_isdetected>=2){break;}
}


var cfblockscreen='';
if (mitm_isdetected>=1){

//add to history (used in gotwhitelistrequest())
if (cf_history.length>=10){cf_history=[];}
if (!cf_history.includes(cf_hostname)){cf_history.push(cf_hostname);}


if (do_simplewarn!=1){// block

console.log('SECURITY_WARN: '+mitm_cdnname+' MiTM Detected: '+res.url);
cfblockscreen='document.documentElement.innerHTML=atob(\'PGh0bWwgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGh0bWwiPjxoZWFkPjx0aXRsZT5JbnNlY3VyZSBDb25uZWN0aW9uPC90aXRsZT4KPCEtLQpUaGlzIFNvdXJjZSBDb2RlIEZvcm0gaXMgc3ViamVjdCB0byB0aGUgdGVybXMgb2YgdGhlIE1vemlsbGEgUHVibGljIExpY2Vuc2UsIHYuIDIuMC4KSWYgYSBjb3B5IG9mIHRoZSBNUEwgd2FzIG5vdCBkaXN0cmlidXRlZCB3aXRoIHRoaXMgZmlsZSwgWW91IGNhbiBvYnRhaW4gb25lIGF0IGh0dHBzOi8vbW96aWxsYS5vcmcvTVBMLzIuMC8uCi8vLS0+CjxsaW5rIGlkPSJmYXZpY29uIiByZWw9Imljb24iIHR5cGU9ImltYWdlL3gtaWNvbiIgaHJlZj0iZGF0YTppbWFnZS94LWljb247YmFzZTY0LEFBQUJBQUVBRUJBQUFBRUFJQUJvQkFBQUZnQUFBQ2dBQUFBUUFBQUFJQUFBQUFFQUlBQUFBQUFBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFPems0T0twTVNrcTZVRTlQdWxSVFU3cFhWMWU2VzF0YnVsMWRYYnBiVzF1NldGaFl1bFZWVmJwVFUxTzZVRkJRdWt4TVRMb3RMUzJiQUFBQU96WTBOSjdZM056L3Y5emgvOEhlNC8vRDRlYi94dVRwLzhqbTYvL0k1T24veCtQby84Ymo2Zi9FNGVmL3d0L2wvOEhkNC8rLzJkLy8zTi9mL3hrWkdZVTJOVFdkMk43ZS94ZWt4ZjhXdWVEL0ZycmgveGE3NGY4VXI5UC9JaXd1L3lJc0x2OFdzOS8vRjdEZS94ZXIzUDhYcHRyL0lKUzYvOTdnNGY4WkdSbUNBQUFBVjlIUTBPOTFzN3ovRjhIai94YkM0LzhXdytUL0ZMYlYveUFyTGY4Z0t5My9GcnJoL3hhMTMvOFhzTjcvRnFiVi81RzN2Zit4c2JIVUFBQUFSUUFBQUM1b1oyZVYyTjdmL3lXdHYvOFh5dWIvRnNybS94Yko1djhacThmL0dhdkgveGJBNC84V3UrSC9GclhmL3pXZ3VmL1oyZG4vTHk4dmVBQUFBQndBQUFBQUFBQUFTc2JGeGQyZ3k4Ny9LdFRtL3huVTZ2OFcwT2ovRkVKSS94UkNTUDhXeGVYL0ZyL2oveFd3MC8rc3dzUC9rNU9UdGdBQUFEb0FBQUFBQUFBQUFBQUFBQ0ZGUlVWKzZldnIvenExdnY4dzVQSC9KOS92L3lJaUl2OGlJaUwvRnNybS94YkU1UDlYcTduLzE5ZlgrQmtaR1cwQUFBQUtBQUFBQUFBQUFBQUFBQUFBQUFBQVByZTJ0c25BM3VEL0xOcmoveS9vOHY4ckt5di9LeXNyL3l2Yjd2OG12ZEQveE0vUC8zZDNkNkFBQUFBMEFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFCVWJHeHR0OFBEdytGckF3Lzh1N1BQL05EUTAvelEwTlA4dzNlLy9nTHUvLzhqSXlPZ0FBQUJSQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBTkoyZG5iVFM0K1QvS2REVi96UThQUDgwUUVIL05MM0ovOVhaMmY5V1ZsYUxBQUFBS0FBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFrQUFBQlgzOS9mNzMzRXh2OHQ1dkgvTGRycC81ckJ3LysydHJiVUFBQUFSUUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFMbTF0YlpYZjV1Yi9MTG5ELzBTN3hQL2QzZDMvTVRFeGVBQUFBQndBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFCS3g4ZkgzYkhQMGYrOHpNMy9sNWVYdGdBQUFEb0FBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUlUSXlNbmErdnI3VHJxNnV5UmtaR1cwQUFBQUtBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFiQUFBQVJBQUFBRDRBQUFBVkFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBLy84QUFJQUJBQUFBQUFBQUFBQUFBSUFCQUFDQUF3QUF3QU1BQU9BSEFBRGdCd0FBOEE4QUFQQVBBQUQ0SHdBQStEOEFBUHcvQUFEK2Z3QUEvLzhBQUE9PSI+CjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+QG5hbWVzcGFjZSBodG1sICJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIjtAbmFtZXNwYWNlIHh1bCAiaHR0cDovL3d3dy5tb3ppbGxhLm9yZy9rZXltYXN0ZXIvZ2F0ZWtlZXBlci90aGVyZS5pcy5vbmx5Lnh1bCI7KnwqOnJvb3R7LS1pbi1jb250ZW50LXBhZ2UtY29sb3I6IzQyNGU1YTstLWluLWNvbnRlbnQtcGFnZS1iYWNrZ3JvdW5kOiNmYmZiZmI7LS1pbi1jb250ZW50LXRleHQtY29sb3I6IzMzMzstLWluLWNvbnRlbnQtc2VsZWN0ZWQtdGV4dDojZmZmOy0taW4tY29udGVudC1oZWFkZXItYm9yZGVyLWNvbG9yOiNjOGM4Yzg7LS1pbi1jb250ZW50LWJveC1iYWNrZ3JvdW5kOiNmZmY7LS1pbi1jb250ZW50LWJveC1iYWNrZ3JvdW5kLW9kZDojZjNmNmZhOy0taW4tY29udGVudC1ib3gtYmFja2dyb3VuZC1ob3ZlcjojZWJlYmViOy0taW4tY29udGVudC1ib3gtYmFja2dyb3VuZC1hY3RpdmU6I2RhZGFkYTstLWluLWNvbnRlbnQtYm94LWJvcmRlci1jb2xvcjojYzFjMWMxOy0taW4tY29udGVudC1pdGVtLWhvdmVyOnJnYmEoMCwxNDksMjIxLDAuMjUpOy0taW4tY29udGVudC1pdGVtLXNlbGVjdGVkOiMwMDk1ZGQ7LS1pbi1jb250ZW50LWJvcmRlci1oaWdobGlnaHQ6I2ZmOTUwMDstLWluLWNvbnRlbnQtYm9yZGVyLWZvY3VzOiMwMDk1ZGQ7LS1pbi1jb250ZW50LWJvcmRlci1jb2xvcjojYzFjMWMxOy0taW4tY29udGVudC1jYXRlZ29yeS10ZXh0OiNjMWMxYzE7LS1pbi1jb250ZW50LWNhdGVnb3J5LWJvcmRlci1mb2N1czoxcHggZG90dGVkICNmZmY7LS1pbi1jb250ZW50LWNhdGVnb3J5LXRleHQtc2VsZWN0ZWQ6I2YyZjJmMjstLWluLWNvbnRlbnQtY2F0ZWdvcnktYmFja2dyb3VuZDojNDI0ZjVhOy0taW4tY29udGVudC1jYXRlZ29yeS1iYWNrZ3JvdW5kLWhvdmVyOiM1ZTY5NzI7LS1pbi1jb250ZW50LWNhdGVnb3J5LWJhY2tncm91bmQtYWN0aXZlOiMzNDNmNDg7LS1pbi1jb250ZW50LXRhYi1jb2xvcjojNDI0ZjVhOy0taW4tY29udGVudC1saW5rLWNvbG9yOiMwMDk1ZGQ7LS1pbi1jb250ZW50LWxpbmstY29sb3ItaG92ZXI6IzE3OGNlNTstLWluLWNvbnRlbnQtbGluay1jb2xvci1hY3RpdmU6I2ZmOTUwMDstLW
var blockingCFnow=browser.tabs.executeScript(res.tabId,{code: cfblockscreen});blockingCFnow.then(()=>{return {cancel: true};},onError);

}else{// warning only

console.log('SECURITY_ALERT: '+mitm_cdnname+' MiTM Detected: '+res.url);
cfblockscreen='var orig_dt=document.title;setInterval(function(){var link=document.querySelector("link[rel*=\'icon\']")||document.createElement(\'link\');link.type=\'image/x-icon\';link.rel=\'icon\';link.href=\'data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzk4OKpMSkq6UE9PulRTU7pXV1e6W1tbul1dXbpbW1u6WFhYulVVVbpTU1O6UFBQukxMTLotLS2bAAAAOzY0NJ7Y3Nz/v9zh/8He4//D4eb/xuTp/8jm6//I5On/x+Po/8bj6f/E4ef/wt/l/8Hd4/+/2d//3N/f/xkZGYU2NTWd2N7e/xekxf8WueD/Frrh/xa74f8Ur9P/Iiwu/yIsLv8Ws9//F7De/xer3P8Xptr/IJS6/97g4f8ZGRmCAAAAV9HQ0O91s7z/F8Hj/xbC4/8Ww+T/FLbV/yArLf8gKy3/Frrh/xa13/8XsN7/FqbV/5G3vf+xsbHUAAAARQAAAC5oZ2eV2N7f/yWtv/8Xyub/Fsrm/xbJ5v8Zq8f/GavH/xbA4/8Wu+H/FrXf/zWguf/Z2dn/Ly8veAAAABwAAAAAAAAASsbFxd2gy87/KtTm/xnU6v8W0Oj/FEJI/xRCSP8WxeX/Fr/j/xWw0/+swsP/k5OTtgAAADoAAAAAAAAAAAAAACFFRUV+6evr/zq1vv8w5PH/J9/v/yIiIv8iIiL/Fsrm/xbE5P9Xq7n/19fX+BkZGW0AAAAKAAAAAAAAAAAAAAAAAAAAPre2tsnA3uD/LNrj/y/o8v8rKyv/Kysr/yvb7v8mvdD/xM/P/3d3d6AAAAA0AAAAAAAAAAAAAAAAAAAAAAAAABUbGxtt8PDw+FrAw/8u7PP/NDQ0/zQ0NP8w3e//gLu//8jIyOgAAABRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANJ2dnbTS4+T/KdDV/zQ8PP80QEH/NL3J/9XZ2f9WVlaLAAAAKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkAAABX39/f733Exv8t5vH/Ldrp/5rBw/+2trbUAAAARQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALm1tbZXf5ub/LLnD/0S7xP/d3d3/MTExeAAAABwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKx8fH3bHP0f+8zM3/l5eXtgAAADoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAITIyMna+vr7Trq6uyRkZGW0AAAAKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAAAARAAAAD4AAAAVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//8AAIABAAAAAAAAAAAAAIABAACAAwAAwAMAAOAHAADgBwAA8A8AAPAPAAD4HwAA+D8AAPw/AAD+fwAA//8AAA==\';document.getElementsByTagName(\'head\')[0].appendChild(link);if (!document.title.startsWith(\'[!!\') && !document.title.includes(\'!!]\')){document.title=\'[!!'+mitm_cdnname+'!!] \'+orig_dt;}},2500);';
var warningCFnow=browser.tabs.executeScript(res.tabId,{code: cfblockscreen});warningCFnow.then(function(){},onError);

}
}

  }
  return;
}

function gotwhitelistrequest(r){
var v_whitelist=r.url.replace('https://0.0.0.0/cfmitm_addon/allow/','',).split('?',2);
if (v_whitelist.length==2){if (/^([0-9a-z.-]{4,200})$/.test(v_whitelist[0]) && v_whitelist[1]==btoa(v_whitelist[0])){
if (cf_history.includes(v_whitelist[0])){// found in history, assume this request is valid
console.log('CFMITM: Adding to whitelist: '+v_whitelist[0]);
var _gwr=browser.storage.local.get();_gwr.then(function(r){
var _currentwhitelist=v_whitelist[0]+"\n";if (r.myset_cfwhite){_currentwhitelist+=r.myset_cfwhite;}
_currentwhitelist=_currentwhitelist.split("\n");for (var l=0;l<_currentwhitelist.length;l++){
if (!/^([0-9a-z.-]{1,})\.([a-z]{2,20})$/.test(_currentwhitelist[l])||_currentwhitelist[l].startsWith(".")||_currentwhitelist[l].includes("..")||
_currentwhitelist[l].endsWith(".cloudflare.com")||_currentwhitelist[l]=='cloudflare.com'||
_currentwhitelist[l].endsWith(".incapsula.com")||_currentwhitelist[l]=='incapsula.com'||
_currentwhitelist[l].endsWith(".withgoogle.com")||_currentwhitelist[l].endsWith(".google.com")){_currentwhitelist[l]='';}
}
_currentwhitelist=_currentwhitelist.slice().sort(function(a,b){return a>b}).reduce(function(a,b){if (a.slice(-1)[0]!==b){a.push(b);};return a;},[]);// -duplicate
_currentwhitelist=_currentwhitelist.filter(v=>v!='');// -empty
_currentwhitelist=_currentwhitelist.join("\n");
browser.storage.local.set({myset_cfwhite: _currentwhitelist});
cf_ignore=_currentwhitelist.split("\n").filter(v=>v!='');//update whitelist
browser.tabs.executeScript({code: 'location.reload();'});
},onError);
}
}}
return {cancel: true};
}

browser.webRequest.onHeadersReceived.addListener(analyzemydata,{urls:["http://*/*","https://*/*"]},["blocking","responseHeaders"]);
browser.webRequest.onBeforeRequest.addListener(gotwhitelistrequest,{urls:["https://0.0.0.0/cfmitm_addon/*"]},["blocking"]);
browser.browserAction.onClicked.addListener(function(t){browser.runtime.openOptionsPage().then(function(){},onError);});
Restyle main Javascript file I tried to copy the indent style of files seen in Torbutton, with added guidance from my instincts as a C programmer accustomed to KNF. This can now be edited without wrecking diffs, unless I change it again because this will drive me crazy. Closes issue #1. 2017-12-12 04:31:18 +00:00			`/**`
			`* <<< Detect Cloudflare MiTM Attack >>>`
			`* by Sw`
			`* why? because...`
			`* https://trac.torproject.org/projects/tor/ticket/24351`
			`* http://www.crimeflare.com/`
			`*/`

Import v1.0.7.1 from a.m.o. This is a huge jump. Sorry, I will not manually import all intermediary versions to track development. Significant changes: - Major feature: Now works with Firefox 52 / current Tor Browser. Closes #2. - Major feature: Error page. Closes #3. - Major feature: Whitelist. Closes #4. - Regression: Indentation/style is busted. Reopens #1. 2017-12-30 21:55:46 +00:00			`var cf_ignore=[];`
			`var cf_history=[];//used by whitelist-from-warnpage`
			`var stop_incapsula=0;`
			`var stop_gshield=0;`
			`var stop_sucuri=0;`
			`var ign_phttp=0;`
			`var ign_rescj=0;`
			`var do_simplewarn=0;`

			`function whitelist_reload(w){`
			`//WHITELIST`
			`if (w.myset_cfwhite){`
			`var tmp_whitelist=w.myset_cfwhite;`
			`tmp_whitelist=tmp_whitelist.split("\n").filter(v=>v!='');`
			`cf_ignore=tmp_whitelist;`
			`//console.log(cf_ignore);`
			`}else{cf_ignore=[];}`
			`//ADVANCED`
			`if (w.myset_xincapsula=='y'){stop_incapsula=1;}else{stop_incapsula=0;}`
			`if (w.myset_xgshield=='y'){stop_gshield=1;}else{stop_gshield=0;}`
			`if (w.myset_xsucuri=='y'){stop_sucuri=1;}else{stop_sucuri=0;}`
			`if (w.myset_xignhttp=='y'){ign_phttp=1;}else{ign_phttp=0;}`
			`if (w.myset_xigncj=='y'){ign_rescj=1;}else{ign_rescj=0;}`
			`if (w.myset_xsimplewarn=='y'){do_simplewarn=1;}else{do_simplewarn=0;}`
			`}`

			function onError(e){console.log(`CFMITM Error:${e}`);}

			`function analyzemydata(res){`
			`var lmcfg=browser.storage.local.get();lmcfg.then(whitelist_reload,onError);// load latest settings without restarting a browser`

			`//console.log("CFMITM: scanning: "+res.url);`
Restyle main Javascript file I tried to copy the indent style of files seen in Torbutton, with added guidance from my instincts as a C programmer accustomed to KNF. This can now be edited without wrecking diffs, unless I change it again because this will drive me crazy. Closes issue #1. 2017-12-12 04:31:18 +00:00			`var cflink = document.createElement('a');`
			`cflink.setAttribute('href',res.url);`
			`var cf_hostname = cflink.hostname;`
			`var cf_protocol = cflink.protocol;`
			`var cf_gothead = res.responseHeaders;`
			`cflink = null;`

Import v1.0.7.1 from a.m.o. This is a huge jump. Sorry, I will not manually import all intermediary versions to track development. Significant changes: - Major feature: Now works with Firefox 52 / current Tor Browser. Closes #2. - Major feature: Error page. Closes #3. - Major feature: Whitelist. Closes #4. - Regression: Indentation/style is busted. Reopens #1. 2017-12-30 21:55:46 +00:00			`//whitelisted by default (destination is same)`
			`if (cf_hostname.endsWith('.cloudflare.com')\|\|cf_hostname=='cloudflare.com'){return;}`
			`if (stop_incapsula==1){if (cf_hostname.endsWith('.incapsula.com')\|\|cf_hostname=='incapsula.com'){return;}}`
			`if (stop_gshield==1){if (cf_hostname.endsWith('.withgoogle.com')\|\|cf_hostname.endsWith('.google.com')){return;}}`
			`if (stop_sucuri==1){if (cf_hostname.endsWith('.sucuri.net')\|\|cf_hostname=='sucuri.net'){return;}}`
			`//whitelisted`
			`if (cf_ignore.includes(cf_hostname)){return;}`
			`if (cf_protocol=='http:' && ign_phttp==1){return;}`
			`if (ign_rescj==1 && /^http(.)\.(js\|css\|jpg\|jpeg\|gif\|png\|tif\|ico\|svg\|woff\|woff2\|ttf\|cur\|ani)(\|\?(.))$/.test(res.url)){return;}`


			`if ((cf_protocol == 'http:' \|\| cf_protocol == 'https:') && cf_hostname.length >= 4) {`

			`//console.log("CFMITM: testing...: "+res.url);`

			`var mitm_isdetected=0;`
			`var mitm_cdnname='Cloudflare';`

			`for (var i=0;i<cf_gothead.length;i++){`
			`var cfv=cf_gothead[i];`
			`var cfv_vname=cfv['name'];if (cfv_vname!=undefined){cfv_vname=cfv_vname.toLowerCase();}`
			`var cfv_vvalue=cfv['value'];if (cfv_vvalue!=undefined){cfv_vvalue=cfv_vvalue.toLowerCase();}`
			`//<`
			`//Cloudflare`
			`if (cfv_vname=='cf-ray' && cfv_vvalue!=undefined){mitm_isdetected+=1;}`
			`if (cfv_vname=='server' && cfv_vvalue.includes("cloudflare")){mitm_isdetected+=1;}`
			`if (cfv_vname=='cf-cache-status' && cfv_vvalue!=undefined){mitm_isdetected+=1;}`
			`if (cfv_vname=='set-cookie' && cfv_vvalue.includes("__cfduid")){mitm_isdetected+=1;}`
			`//Incapsula`
			`if (stop_incapsula==1){`
			`if (cfv_vname.includes("incap_") && cfv_vvalue!=undefined){mitm_isdetected+=1;mitm_cdnname='Incapsula';}`
			`if (cfv_vname=='x-iinfo' && cfv_vvalue!=undefined){mitm_isdetected+=1;mitm_cdnname='Incapsula';}`
			`if (cfv_vname=='x-cdn' && cfv_vvalue=='incapsula'){mitm_isdetected+=1;mitm_cdnname='Incapsula';}`
			`if (cfv_vname=='set-cookie' && cfv_vvalue.includes("visid_incap_")){mitm_isdetected+=1;mitm_cdnname='Incapsula';}`
			`}`
			`//GPShield`
			`if (stop_gshield==1){`
			`if (cfv_vname=='server' && cfv_vvalue=='shield'){mitm_isdetected+=1;mitm_cdnname='Google Project Shield';}`
			`if (cfv_vname=='x-shield-request-id' && cfv_vvalue!=undefined){mitm_isdetected+=1;mitm_cdnname='Google Project Shield';}`
			`}`
			`//Sucuri`
			`if (stop_sucuri==1){`
			`if (cfv_vname=='x-sucuri-cache' && cfv_vvalue!=undefined){mitm_isdetected+=1;mitm_cdnname='Sucuri';}`
			`if (cfv_vname=='x-sucuri-id' && cfv_vvalue!=undefined){mitm_isdetected+=1;mitm_cdnname='Sucuri';}`
			`if (cfv_vname=='set-cookie' && cfv_vvalue.includes("sucuri-")){mitm_isdetected+=1;mitm_cdnname='Sucuri';}`
			`}`
			`//>`
			`if (mitm_isdetected>=2){break;}`
			`}`


			`var cfblockscreen='';`
			`if (mitm_isdetected>=1){`

			`//add to history (used in gotwhitelistrequest())`
			`if (cf_history.length>=10){cf_history=[];}`
			`if (!cf_history.includes(cf_hostname)){cf_history.push(cf_hostname);}`


			`if (do_simplewarn!=1){// block`

			`console.log('SECURITY_WARN: '+mitm_cdnname+' MiTM Detected: '+res.url);`
			cfblockscreen='document.documentElement.innerHTML=atob(\'PGh0bWwgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGh0bWwiPjxoZWFkPjx0aXRsZT5JbnNlY3VyZSBDb25uZWN0aW9uPC90aXRsZT4KPCEtLQpUaGlzIFNvdXJjZSBDb2RlIEZvcm0gaXMgc3ViamVjdCB0byB0aGUgdGVybXMgb2YgdGhlIE1vemlsbGEgUHVibGljIExpY2Vuc2UsIHYuIDIuMC4KSWYgYSBjb3B5IG9mIHRoZSBNUEwgd2FzIG5vdCBkaXN0cmlidXRlZCB3aXRoIHRoaXMgZmlsZSwgWW91IGNhbiBvYnRhaW4gb25lIGF0IGh0dHBzOi8vbW96aWxsYS5vcmcvTVBMLzIuMC8uCi8vLS0+CjxsaW5rIGlkPSJmYXZpY29uIiByZWw9Imljb24iIHR5cGU9ImltYWdlL3gtaWNvbiIgaHJlZj0iZGF0YTppbWFnZS94LWljb247YmFzZTY0LEFBQUJBQUVBRUJBQUFBRUFJQUJvQkFBQUZnQUFBQ2dBQUFBUUFBQUFJQUFBQUFFQUlBQUFBQUFBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFPems0T0twTVNrcTZVRTlQdWxSVFU3cFhWMWU2VzF0YnVsMWRYYnBiVzF1NldGaFl1bFZWVmJwVFUxTzZVRkJRdWt4TVRMb3RMUzJiQUFBQU96WTBOSjdZM056L3Y5emgvOEhlNC8vRDRlYi94dVRwLzhqbTYvL0k1T24veCtQby84Ymo2Zi9FNGVmL3d0L2wvOEhkNC8rLzJkLy8zTi9mL3hrWkdZVTJOVFdkMk43ZS94ZWt4ZjhXdWVEL0ZycmgveGE3NGY4VXI5UC9JaXd1L3lJc0x2OFdzOS8vRjdEZS94ZXIzUDhYcHRyL0lKUzYvOTdnNGY4WkdSbUNBQUFBVjlIUTBPOTFzN3ovRjhIai94YkM0LzhXdytUL0ZMYlYveUFyTGY4Z0t5My9GcnJoL3hhMTMvOFhzTjcvRnFiVi81RzN2Zit4c2JIVUFBQUFSUUFBQUM1b1oyZVYyTjdmL3lXdHYvOFh5dWIvRnNybS94Yko1djhacThmL0dhdkgveGJBNC84V3UrSC9GclhmL3pXZ3VmL1oyZG4vTHk4dmVBQUFBQndBQUFBQUFBQUFTc2JGeGQyZ3k4Ny9LdFRtL3huVTZ2OFcwT2ovRkVKSS94UkNTUDhXeGVYL0ZyL2oveFd3MC8rc3dzUC9rNU9UdGdBQUFEb0FBQUFBQUFBQUFBQUFBQ0ZGUlVWKzZldnIvenExdnY4dzVQSC9KOS92L3lJaUl2OGlJaUwvRnNybS94YkU1UDlYcTduLzE5ZlgrQmtaR1cwQUFBQUtBQUFBQUFBQUFBQUFBQUFBQUFBQVByZTJ0c25BM3VEL0xOcmoveS9vOHY4ckt5di9LeXNyL3l2Yjd2OG12ZEQveE0vUC8zZDNkNkFBQUFBMEFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFCVWJHeHR0OFBEdytGckF3Lzh1N1BQL05EUTAvelEwTlA4dzNlLy9nTHUvLzhqSXlPZ0FBQUJSQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBTkoyZG5iVFM0K1QvS2REVi96UThQUDgwUUVIL05MM0ovOVhaMmY5V1ZsYUxBQUFBS0FBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFrQUFBQlgzOS9mNzMzRXh2OHQ1dkgvTGRycC81ckJ3LysydHJiVUFBQUFSUUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFMbTF0YlpYZjV1Yi9MTG5ELzBTN3hQL2QzZDMvTVRFeGVBQUFBQndBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFCS3g4ZkgzYkhQMGYrOHpNMy9sNWVYdGdBQUFEb0FBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUlUSXlNbmErdnI3VHJxNnV5UmtaR1cwQUFBQUtBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFiQUFBQVJBQUFBRDRBQUFBVkFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBLy84QUFJQUJBQUFBQUFBQUFBQUFBSUFCQUFDQUF3QUF3QU1BQU9BSEFBRGdCd0FBOEE4QUFQQVBBQUQ0SHdBQStEOEFBUHcvQUFEK2Z3QUEvLzhBQUE9PSI+CjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+QG5hbWVzcGFjZSBodG1sICJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIjtAbmFtZXNwYWNlIHh1bCAiaHR0cDovL3d3dy5tb3ppbGxhLm9yZy9rZXltYXN0ZXIvZ2F0ZWtlZXBlci90aGVyZS5pcy5vbmx5Lnh1bCI7KnwqOnJvb3R7LS1pbi1jb250ZW50LXBhZ2UtY29sb3I6IzQyNGU1YTstLWluLWNvbnRlbnQtcGFnZS1iYWNrZ3JvdW5kOiNmYmZiZmI7LS1pbi1jb250ZW50LXRleHQtY29sb3I6IzMzMzstLWluLWNvbnRlbnQtc2VsZWN0ZWQtdGV4dDojZmZmOy0taW4tY29udGVudC1oZWFkZXItYm9yZGVyLWNvbG9yOiNjOGM4Yzg7LS1pbi1jb250ZW50LWJveC1iYWNrZ3JvdW5kOiNmZmY7LS1pbi1jb250ZW50LWJveC1iYWNrZ3JvdW5kLW9kZDojZjNmNmZhOy0taW4tY29udGVudC1ib3gtYmFja2dyb3VuZC1ob3ZlcjojZWJlYmViOy0taW4tY29udGVudC1ib3gtYmFja2dyb3VuZC1hY3RpdmU6I2RhZGFkYTstLWluLWNvbnRlbnQtYm94LWJvcmRlci1jb2xvcjojYzFjMWMxOy0taW4tY29udGVudC1pdGVtLWhvdmVyOnJnYmEoMCwxNDksMjIxLDAuMjUpOy0taW4tY29udGVudC1pdGVtLXNlbGVjdGVkOiMwMDk1ZGQ7LS1pbi1jb250ZW50LWJvcmRlci1oaWdobGlnaHQ6I2ZmOTUwMDstLWluLWNvbnRlbnQtYm9yZGVyLWZvY3VzOiMwMDk1ZGQ7LS1pbi1jb250ZW50LWJvcmRlci1jb2xvcjojYzFjMWMxOy0taW4tY29udGVudC1jYXRlZ29yeS10ZXh0OiNjMWMxYzE7LS1pbi1jb250ZW50LWNhdGVnb3J5LWJvcmRlci1mb2N1czoxcHggZG90dGVkICNmZmY7LS1pbi1jb250ZW50LWNhdGVnb3J5LXRleHQtc2VsZWN0ZWQ6I2YyZjJmMjstLWluLWNvbnRlbnQtY2F0ZWdvcnktYmFja2dyb3VuZDojNDI0ZjVhOy0taW4tY29udGVudC1jYXRlZ29yeS1iYWNrZ3JvdW5kLWhvdmVyOiM1ZTY5NzI7LS1pbi1jb250ZW50LWNhdGVnb3J5LWJhY2tncm91bmQtYWN0aXZlOiMzNDNmNDg7LS1pbi1jb250ZW50LXRhYi1jb2xvcjojNDI0ZjVhOy0taW4tY29udGVudC1saW5rLWNvbG9yOiMwMDk1ZGQ7LS1pbi1jb250ZW50LWxpbmstY29sb3ItaG92ZXI6IzE3OGNlNTstLWluLWNvbnRlbnQtbGluay1jb2xvci1hY3RpdmU6I2ZmOTUwMDstLW
			`var blockingCFnow=browser.tabs.executeScript(res.tabId,{code: cfblockscreen});blockingCFnow.then(()=>{return {cancel: true};},onError);`

			`}else{// warning only`

			`console.log('SECURITY_ALERT: '+mitm_cdnname+' MiTM Detected: '+res.url);`
			cfblockscreen='var orig_dt=document.title;setInterval(function(){var link=document.querySelector("link[rel*=\'icon\']")\|\|document.createElement(\'link\');link.type=\'image/x-icon\';link.rel=\'icon\';link.href=\'data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzk4OKpMSkq6UE9PulRTU7pXV1e6W1tbul1dXbpbW1u6WFhYulVVVbpTU1O6UFBQukxMTLotLS2bAAAAOzY0NJ7Y3Nz/v9zh/8He4//D4eb/xuTp/8jm6//I5On/x+Po/8bj6f/E4ef/wt/l/8Hd4/+/2d//3N/f/xkZGYU2NTWd2N7e/xekxf8WueD/Frrh/xa74f8Ur9P/Iiwu/yIsLv8Ws9//F7De/xer3P8Xptr/IJS6/97g4f8ZGRmCAAAAV9HQ0O91s7z/F8Hj/xbC4/8Ww+T/FLbV/yArLf8gKy3/Frrh/xa13/8XsN7/FqbV/5G3vf+xsbHUAAAARQAAAC5oZ2eV2N7f/yWtv/8Xyub/Fsrm/xbJ5v8Zq8f/GavH/xbA4/8Wu+H/FrXf/zWguf/Z2dn/Ly8veAAAABwAAAAAAAAASsbFxd2gy87/KtTm/xnU6v8W0Oj/FEJI/xRCSP8WxeX/Fr/j/xWw0/+swsP/k5OTtgAAADoAAAAAAAAAAAAAACFFRUV+6evr/zq1vv8w5PH/J9/v/yIiIv8iIiL/Fsrm/xbE5P9Xq7n/19fX+BkZGW0AAAAKAAAAAAAAAAAAAAAAAAAAPre2tsnA3uD/LNrj/y/o8v8rKyv/Kysr/yvb7v8mvdD/xM/P/3d3d6AAAAA0AAAAAAAAAAAAAAAAAAAAAAAAABUbGxtt8PDw+FrAw/8u7PP/NDQ0/zQ0NP8w3e//gLu//8jIyOgAAABRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANJ2dnbTS4+T/KdDV/zQ8PP80QEH/NL3J/9XZ2f9WVlaLAAAAKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkAAABX39/f733Exv8t5vH/Ldrp/5rBw/+2trbUAAAARQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALm1tbZXf5ub/LLnD/0S7xP/d3d3/MTExeAAAABwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKx8fH3bHP0f+8zM3/l5eXtgAAADoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAITIyMna+vr7Trq6uyRkZGW0AAAAKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAAAARAAAAD4AAAAVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//8AAIABAAAAAAAAAAAAAIABAACAAwAAwAMAAOAHAADgBwAA8A8AAPAPAAD4HwAA+D8AAPw/AAD+fwAA//8AAA==\';document.getElementsByTagName(\'head\')[0].appendChild(link);if (!document.title.startsWith(\'[!!\') && !document.title.includes(\'!!]\')){document.title=\'[!!'+mitm_cdnname+'!!] \'+orig_dt;}},2500);';
			`var warningCFnow=browser.tabs.executeScript(res.tabId,{code: cfblockscreen});warningCFnow.then(function(){},onError);`

			`}`
			`}`

Restyle main Javascript file I tried to copy the indent style of files seen in Torbutton, with added guidance from my instincts as a C programmer accustomed to KNF. This can now be edited without wrecking diffs, unless I change it again because this will drive me crazy. Closes issue #1. 2017-12-12 04:31:18 +00:00			`}`
			`return;`
Import XPI and code from addons.mozilla.org Initial commit. Version 0.0.0-prealpha. - Glance over code to make sure it looks sane - Create git repository - Add substantive files - Fix icons (PNG CRC errors) - Add archival copy of xpi from addons.mozilla.org, with metadata - Add README.md, LICENSE.md - NOT YET TESTED BY MAINTAINER (@nym-zone) 2017-12-11 20:45:10 +00:00			`}`
Restyle main Javascript file I tried to copy the indent style of files seen in Torbutton, with added guidance from my instincts as a C programmer accustomed to KNF. This can now be edited without wrecking diffs, unless I change it again because this will drive me crazy. Closes issue #1. 2017-12-12 04:31:18 +00:00
Import v1.0.7.1 from a.m.o. This is a huge jump. Sorry, I will not manually import all intermediary versions to track development. Significant changes: - Major feature: Now works with Firefox 52 / current Tor Browser. Closes #2. - Major feature: Error page. Closes #3. - Major feature: Whitelist. Closes #4. - Regression: Indentation/style is busted. Reopens #1. 2017-12-30 21:55:46 +00:00			`function gotwhitelistrequest(r){`
			`var v_whitelist=r.url.replace('https://0.0.0.0/cfmitm_addon/allow/','',).split('?',2);`
			`if (v_whitelist.length==2){if (/^([0-9a-z.-]{4,200})$/.test(v_whitelist[0]) && v_whitelist[1]==btoa(v_whitelist[0])){`
			`if (cf_history.includes(v_whitelist[0])){// found in history, assume this request is valid`
			`console.log('CFMITM: Adding to whitelist: '+v_whitelist[0]);`
			`var _gwr=browser.storage.local.get();_gwr.then(function(r){`
			`var _currentwhitelist=v_whitelist[0]+"\n";if (r.myset_cfwhite){_currentwhitelist+=r.myset_cfwhite;}`
			`_currentwhitelist=_currentwhitelist.split("\n");for (var l=0;l<_currentwhitelist.length;l++){`
			`if (!/^([0-9a-z.-]{1,})\.([a-z]{2,20})$/.test(_currentwhitelist[l])\|\|_currentwhitelist[l].startsWith(".")\|\|_currentwhitelist[l].includes("..")\|\|`
			`_currentwhitelist[l].endsWith(".cloudflare.com")\|\|_currentwhitelist[l]=='cloudflare.com'\|\|`
			`_currentwhitelist[l].endsWith(".incapsula.com")\|\|_currentwhitelist[l]=='incapsula.com'\|\|`
			`_currentwhitelist[l].endsWith(".withgoogle.com")\|\|_currentwhitelist[l].endsWith(".google.com")){_currentwhitelist[l]='';}`
			`}`
			`_currentwhitelist=_currentwhitelist.slice().sort(function(a,b){return a>b}).reduce(function(a,b){if (a.slice(-1)[0]!==b){a.push(b);};return a;},[]);// -duplicate`
			`_currentwhitelist=_currentwhitelist.filter(v=>v!='');// -empty`
			`_currentwhitelist=_currentwhitelist.join("\n");`
			`browser.storage.local.set({myset_cfwhite: _currentwhitelist});`
			`cf_ignore=_currentwhitelist.split("\n").filter(v=>v!='');//update whitelist`
			`browser.tabs.executeScript({code: 'location.reload();'});`
			`},onError);`
			`}`
			`}}`
			`return {cancel: true};`
			`}`

			`browser.webRequest.onHeadersReceived.addListener(analyzemydata,{urls:["http:///","https:///"]},["blocking","responseHeaders"]);`
			`browser.webRequest.onBeforeRequest.addListener(gotwhitelistrequest,{urls:["https://0.0.0.0/cfmitm_addon/*"]},["blocking"]);`
			`browser.browserAction.onClicked.addListener(function(t){browser.runtime.openOptionsPage().then(function(){},onError);});`