Skip to content
Snippets Groups Projects
Verified Commit 06017793 authored by Thomas Rientjes's avatar Thomas Rientjes
Browse files

Implement file protection module

parent 498662d5
No related branches found
No related tags found
No related merge requests found
......@@ -7,6 +7,7 @@
"extends": "eslint:recommended",
"globals": {
"Address": true,
"fileGuard": true,
"files": true,
"Header": true,
"helpers": true,
......
......@@ -21,6 +21,7 @@ const Address = {
'ANY': '*://*/*',
'ANY_PATH': '/*',
'ANY_PROTOCOL': '*://',
'CHROME_EXTENSION': 'chrome-extension:',
'EXAMPLE': 'example.org',
'HTTP': 'http:',
'HTTPS': 'https:',
......
/**
* File Guard
* Belongs to Decentraleyes.
*
* @see https://github.com/Synzvato/decentraleyes/pull/258
*
* @author Thomas Rientjes
* @since 2018-05-17
* @license MPL 2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/.
*/
'use strict';
/**
* File Guard
*/
var fileGuard = {};
/**
* Private Methods
*/
fileGuard._startListening = function () {
let randomHexString = helpers.generateRandomHexString(24);
fileGuard.secret = `?_=${randomHexString}`;
chrome.webRequest.onBeforeRequest.addListener(
fileGuard._verifyRequest,
{'urls': [`${fileGuard.path}/*`]},
[WebRequest.BLOCKING]
);
};
fileGuard._verifyRequest = function (requestDetails) {
let redirectUrl = chrome.runtime.getURL('/');
if (!requestDetails.url.endsWith(fileGuard.secret)) {
return {redirectUrl};
}
};
/**
* Initializations
*/
fileGuard.path = chrome.runtime.getURL('/resources');
fileGuard.secret = '';
if (fileGuard.path.startsWith(Address.CHROME_EXTENSION)) {
fileGuard._startListening();
}
......@@ -87,7 +87,7 @@ interceptor.handleRequest = function (requestDetails, tabIdentifier, tab) {
};
return {
'redirectUrl': chrome.extension.getURL(targetPath)
'redirectUrl': chrome.extension.getURL(targetPath + fileGuard.secret)
};
};
......
......@@ -119,6 +119,23 @@ helpers.extractFilenameFromPath = function (path) {
return filename;
};
helpers.generateRandomHexString = function (length) {
let randomValues, randomHexString;
randomValues = crypto.getRandomValues(new Uint8Array(length));
randomHexString = '';
for (let value of randomValues) {
// eslint-disable-next-line no-bitwise
let hexValue = (0 ^ value & 15 >> 0 / 4).toString(16);
randomHexString = `${randomHexString}${hexValue}`;
}
return randomHexString;
};
helpers.determineCdnName = function (domainName) {
switch (domainName) {
......
......@@ -21,6 +21,7 @@
<script src="../../core/request-sanitizer.js"></script>
<script src="../../core/state-manager.js"></script>
<script src="../../core/request-analyzer.js"></script>
<script src="../../core/file-guard.js"></script>
<script src="../../core/interceptor.js"></script>
<script src="../../core/main.js"></script>
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment