diff --git a/.eslintrc b/.eslintrc
index 969890a2e9a441b235c479f91a406c126d9edd27..a1b6ff0b1d47d4570a7951c7ac666cf84e67ff9d 100644
--- a/.eslintrc
+++ b/.eslintrc
@@ -7,6 +7,7 @@
"extends": "eslint:recommended",
"globals": {
"Address": true,
+ "fileGuard": true,
"files": true,
"Header": true,
"helpers": true,
diff --git a/core/constants.js b/core/constants.js
index 86e5754e75c1fd406badd69bd1ae5c384346dc87..f476a93cbb9f69d0fe5a1ffd35932486459ce8d8 100644
--- a/core/constants.js
+++ b/core/constants.js
@@ -21,6 +21,7 @@ const Address = {
'ANY': '*://*/*',
'ANY_PATH': '/*',
'ANY_PROTOCOL': '*://',
+ 'CHROME_EXTENSION': 'chrome-extension:',
'EXAMPLE': 'example.org',
'HTTP': 'http:',
'HTTPS': 'https:',
diff --git a/core/file-guard.js b/core/file-guard.js
new file mode 100644
index 0000000000000000000000000000000000000000..004348e264b020befa7c87ecff06d628c595293c
--- /dev/null
+++ b/core/file-guard.js
@@ -0,0 +1,58 @@
+/**
+ * File Guard
+ * Belongs to Decentraleyes.
+ *
+ * @see https://github.com/Synzvato/decentraleyes/pull/258
+ *
+ * @author Thomas Rientjes
+ * @since 2018-05-17
+ * @license MPL 2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+'use strict';
+
+/**
+ * File Guard
+ */
+
+var fileGuard = {};
+
+/**
+ * Private Methods
+ */
+
+fileGuard._startListening = function () {
+
+ let randomHexString = helpers.generateRandomHexString(24);
+ fileGuard.secret = `?_=${randomHexString}`;
+
+ chrome.webRequest.onBeforeRequest.addListener(
+ fileGuard._verifyRequest,
+ {'urls': [`${fileGuard.path}/*`]},
+ [WebRequest.BLOCKING]
+ );
+};
+
+fileGuard._verifyRequest = function (requestDetails) {
+
+ let redirectUrl = chrome.runtime.getURL('/');
+
+ if (!requestDetails.url.endsWith(fileGuard.secret)) {
+ return {redirectUrl};
+ }
+};
+
+/**
+ * Initializations
+ */
+
+fileGuard.path = chrome.runtime.getURL('/resources');
+fileGuard.secret = '';
+
+if (fileGuard.path.startsWith(Address.CHROME_EXTENSION)) {
+ fileGuard._startListening();
+}
diff --git a/core/interceptor.js b/core/interceptor.js
index c4e818da0da5034e6f09860eb1033b21ee3d31ae..1e57da60db951c79129fd611d235f9787443cedf 100644
--- a/core/interceptor.js
+++ b/core/interceptor.js
@@ -87,7 +87,7 @@ interceptor.handleRequest = function (requestDetails, tabIdentifier, tab) {
};
return {
- 'redirectUrl': chrome.extension.getURL(targetPath)
+ 'redirectUrl': chrome.extension.getURL(targetPath + fileGuard.secret)
};
};
diff --git a/modules/internal/helpers.js b/modules/internal/helpers.js
index 4bfcd1316f899dc773072a1b264b2e84e3b907e2..d01421c1da475565408e930e65507dc512d106e2 100644
--- a/modules/internal/helpers.js
+++ b/modules/internal/helpers.js
@@ -119,6 +119,23 @@ helpers.extractFilenameFromPath = function (path) {
return filename;
};
+helpers.generateRandomHexString = function (length) {
+
+ let randomValues, randomHexString;
+
+ randomValues = crypto.getRandomValues(new Uint8Array(length));
+ randomHexString = '';
+
+ for (let value of randomValues) {
+
+ // eslint-disable-next-line no-bitwise
+ let hexValue = (0 ^ value & 15 >> 0 / 4).toString(16);
+ randomHexString = `${randomHexString}${hexValue}`;
+ }
+
+ return randomHexString;
+};
+
helpers.determineCdnName = function (domainName) {
switch (domainName) {
diff --git a/pages/background/background.html b/pages/background/background.html
index 95c05f04022e754c7f2d8c4171019dd3ae1c903e..92ba3c4cc4281387ade0f0981b3599bf1019d750 100644
--- a/pages/background/background.html
+++ b/pages/background/background.html
@@ -21,6 +21,7 @@
<script src="../../core/request-sanitizer.js"></script>
<script src="../../core/state-manager.js"></script>
<script src="../../core/request-analyzer.js"></script>
+ <script src="../../core/file-guard.js"></script>
<script src="../../core/interceptor.js"></script>
<script src="../../core/main.js"></script>