Import XPI and code from addons.mozilla.org

Initial commit. Version 0.0.0-prealpha. - Glance over code to make sure it looks sane - Create git repository - Add substantive files - Fix icons (PNG CRC errors) - Add archival copy of xpi from addons.mozilla.org, with metadata - Add README.md, LICENSE.md - NOT YET TESTED BY MAINTAINER (@nym-zone)
2017-12-11 20:45:10 +00:00 · 2017-12-11 20:45:10 +00:00 · e2c115d0f2
commit e2c115d0f2
12 changed files with 115 additions and 0 deletions
--- a/LICENSE.md
+++ b/LICENSE.md
@ -0,0 +1,11 @@
+[Original license](https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/license/1.0.0):
+
+# Block Cloudflare MiTM Attack 1.0.0
+# Source Code License
+# WTFPL
+
+WTFPL
+
+---
+
+Any modifications by nullius <nullius@nym.zone> are released to the public domain.  Copyright is irrevocably disclaimed on behalf of self, heirs, assigns, etc., etc.  In other words, NO LICENSE!  The public domain is not a license.  I politely request that derivative works either stay in the public domain, or keep a liberal license.
--- a/README.md
+++ b/README.md
@ -0,0 +1,12 @@
+# Block Cloudflare MITM Attack
+
+**Pull requests are welcome!**
+
+The purpose of this browser add-on is to block Cloudflare sites.
+
+The TLS protocol promises end-to-end encryption between the client and an authenticated, identified endpoint server.  The browser’s lock icon is a UI widget which makes this promise to the user.  Cloudflare is a mass-decryption chokepoint, which intercepts and decrypts the Web requests made by billions of people to millions of websites.
+
+- Prior discussion: [Tor Browser Bug #24351: Block Global Active Adversary Cloudflare](https://trac.torproject.org/projects/tor/ticket/24351)
+- Imported from [block_cloudflare_mitm_attack-1.0.0-an+fx.xpi](https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/), by an anonymous cypherpunk.  “Cyperpunks write code.”  Cheers!
+- [Original announcement](https://trac.torproject.org/projects/tor/ticket/24351#comment:25)
+- Thanks to [Debian Bug #831835](https://bugs.debian.org/831835) for some inspiration.
--- a/archive/amo.md
+++ b/archive/amo.md
@ -0,0 +1,10 @@
+[https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/](https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/)
+
+# Block Cloudflare MiTM Attack
+## by [cypherpunks](https://addons.mozilla.org/en-US/firefox/user/JustATorUser/)
+
+If the destination use Cloudflare, block future request.
+
+Please read:
+[https://trac.torproject.org/projects/tor/ticket/24351](https://trac.torproject.org/projects/tor/ticket/24351)
+[http://www.crimeflare.com/](http://www.crimeflare.com/)
--- a/archive/block_cloudflare_mitm_attack-1.0.0-an+fx.xpi
+++ b/archive/block_cloudflare_mitm_attack-1.0.0-an+fx.xpi
--- a/archive/headers0.http
+++ b/archive/headers0.http
@ -0,0 +1,17 @@
+HTTP/1.1 302 FOUND
+Content-Security-Policy: script-src https://ssl.google-analytics.com/ga.js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://addons.cdn.mozilla.net; style-src 'self' 'unsafe-inline' https://addons.cdn.mozilla.net; default-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; img-src 'self' data: blob: https://ssl.google-analytics.com https://addons.cdn.mozilla.net https://static.addons.mozilla.net https://sentry.prod.mozaws.net; media-src https://videos.cdn.mozilla.net; object-src 'none'; connect-src 'self' https://sentry.prod.mozaws.net; font-src 'self' https://addons.cdn.mozilla.net; form-action 'self' https://developer.mozilla.org; base-uri 'self' https://addons.mozilla.org; report-uri /__cspreport__
+Content-Type: text/html; charset=utf-8
+Date: Mon, 11 Dec 2017 18:27:56 GMT
+ETag: "d41d8cd98f00b204e9800998ecf8427e"
+Location: https://addons.cdn.mozilla.net/user-media/addons/902908/block_cloudflare_mitm_attack-1.0.0-an+fx.xpi?filehash=sha256%3A335868a2ef8966ecd11db6532bca642cbd1d9eb31d5f9f1d79d9bd0d77f15c45
+Public-Key-Pins: max-age=5184000; includeSubDomains; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
+Server: nginx
+strict-transport-security: max-age=31536000
+Vary: User-Agent
+x-content-type-options: nosniff
+X-Frame-Options: DENY
+X-Target-Digest: sha256:335868a2ef8966ecd11db6532bca642cbd1d9eb31d5f9f1d79d9bd0d77f15c45
+x-xss-protection: 1; mode=block
+Content-Length: 0
+Connection: keep-alive
+
--- a/archive/headers1.http
+++ b/archive/headers1.http
@ -0,0 +1,15 @@
+HTTP/1.1 200 OK
+Content-Type: application/x-xpinstall
+Content-Length: 9767
+Connection: keep-alive
+Accept-Ranges: bytes
+Cache-Control: max-age=86400
+Content-Security-Policy: default-src 'none'; report-uri https://addons.mozilla.org/__cspreport__
+Date: Mon, 11 Dec 2017 18:29:33 GMT
+Expires: Tue, 12 Dec 2017 18:29:33 GMT
+Last-Modified: Mon, 11 Dec 2017 14:30:08 GMT
+Server: nginx
+X-Cache: Miss from cloudfront
+Via: 1.1 3905f6b396c96f958286f8e228e61547.cloudfront.net (CloudFront)
+X-Amz-Cf-Id: U05sJSn5Gc55Pittka0jqN1NF1a1_b5HNUDS4DLf3-I4U-dXOzJApw==
+
--- a/archive/sha256.txt
+++ b/archive/sha256.txt
@ -0,0 +1 @@
+335868a2ef8966ecd11db6532bca642cbd1d9eb31d5f9f1d79d9bd0d77f15c45  block_cloudflare_mitm_attack-1.0.0-an+fx.xpi
--- a/archive/sha512.txt
+++ b/archive/sha512.txt
@ -0,0 +1 @@
+55e0a9c04e891e9bf3abe5b72d38d4e3213e120adbbbb1422cf5bd21bac4008e546988b987d684cdf8838d773cc8bcd9d61767a53a0b7f5674abc361b1fb3a4c  block_cloudflare_mitm_attack-1.0.0-an+fx.xpi
--- a/src/icons/icon-48.png
+++ b/src/icons/icon-48.png
--- a/src/icons/icon-64.png
+++ b/src/icons/icon-64.png
--- a/src/manifest.json
+++ b/src/manifest.json
@ -0,0 +1,15 @@
+{
+"manifest_version": 2,
+"name": "Block Cloudflare MiTM Attack",
+"description": "If the destination use Cloudflare, block future request.",
+"version": "1.0.0",
+"homepage_url": "https://trac.torproject.org/projects/tor/ticket/24351",
+"permissions": ["webRequest","webRequestBlocking","<all_urls>"],
+"icons": {
+ "48": "icons/icon-48.png",
+ "64": "icons/icon-64.png"
+},
+"background": {
+ "scripts": ["stop_cf_mitm.js"]
+}
+}
--- a/src/stop_cf_mitm.js
+++ b/src/stop_cf_mitm.js
@ -0,0 +1,33 @@
+/*
+		<<< Detect Cloudflare MiTM Attack >>>
+						by Sw
+	why? because...
+	https://trac.torproject.org/projects/tor/ticket/24351
+	http://www.crimeflare.com/
+*/
+//===============================================
+function analyzemydata(res){
+//console.log("mitmdetector: scanning: "+res.url);
+var cflink=document.createElement('a');cflink.setAttribute('href',res.url);
+var cf_hostname=cflink.hostname;
+var cf_protocol=cflink.protocol;
+var cf_gothead=res.responseHeaders;
+cflink=null;
+if ((cf_protocol=='http:'||cf_protocol=='https:') && cf_hostname.length>=4){
+//console.log("mitmdetector: testing...: "+res.url);
+var is_cloudflare_infected=0;// 2 to confirm
+for(var i=0;i<cf_gothead.length;i++){
+var cfv=cf_gothead[i];
+if (cfv['name']=='cf-ray' && cfv['value']!=undefined){is_cloudflare_infected+=1;}
+if (cfv['name']=='server' && cfv['value'].includes("cloudflare")){is_cloudflare_infected+=1;}
+if (is_cloudflare_infected==2){break;}
+}
+if (is_cloudflare_infected>=1){
+console.log('SECURITY_WARN: Cloudflare Detected: '+res.url);
+return {redirectUrl: "https://0.0.0.0/"};// just drop the connection
+}
+}
+return;
+}
+browser.webRequest.onHeadersReceived.addListener(analyzemydata,{urls: ["<all_urls>"]},["blocking","responseHeaders"]);
+//
				`@ -0,0 +1 @@`
				`335868a2ef8966ecd11db6532bca642cbd1d9eb31d5f9f1d79d9bd0d77f15c45 block_cloudflare_mitm_attack-1.0.0-an+fx.xpi`
				`@ -0,0 +1 @@`
				`55e0a9c04e891e9bf3abe5b72d38d4e3213e120adbbbb1422cf5bd21bac4008e546988b987d684cdf8838d773cc8bcd9d61767a53a0b7f5674abc361b1fb3a4c block_cloudflare_mitm_attack-1.0.0-an+fx.xpi`