Implement file protection module

06017793 · Thomas Rientjes · 498662d5 · 06017793 · 06017793 · 06017793
Verified Commit 06017793 authored 6 years ago by Thomas Rientjes
--- a/.eslintrc
+++ b/.eslintrc
@@ -7,6 +7,7 @@
  "extends": "eslint:recommended",
  "globals": {
    "Address": true,
+    "fileGuard": true,
    "files": true,
    "Header": true,
    "helpers": true,

--- a/core/constants.js
+++ b/core/constants.js
@@ -21,6 +21,7 @@ const Address = {
    'ANY': '*://*/*',
    'ANY_PATH': '/*',
    'ANY_PROTOCOL': '*://',
+    'CHROME_EXTENSION': 'chrome-extension:',
    'EXAMPLE': 'example.org',
    'HTTP': 'http:',
    'HTTPS': 'https:',

--- a/core/file-guard.js
+++ b/core/file-guard.js
+/**
+ * File Guard
+ * Belongs to Decentraleyes.
+ *
+ * @see https://github.com/Synzvato/decentraleyes/pull/258
+ *
+ * @author      Thomas Rientjes
+ * @since       2018-05-17
+ * @license     MPL 2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+'use strict';
+
+/**
+ * File Guard
+ */
+
+var fileGuard = {};
+
+/**
+ * Private Methods
+ */
+
+fileGuard._startListening = function () {
+
+    let randomHexString = helpers.generateRandomHexString(24);
+    fileGuard.secret = `?_=${randomHexString}`;
+
+    chrome.webRequest.onBeforeRequest.addListener(
+        fileGuard._verifyRequest,
+        {'urls': [`${fileGuard.path}/*`]},
+        [WebRequest.BLOCKING]
+    );
+};
+
+fileGuard._verifyRequest = function (requestDetails) {
+
+    let redirectUrl = chrome.runtime.getURL('/');
+
+    if (!requestDetails.url.endsWith(fileGuard.secret)) {
+        return {redirectUrl};
+    }
+};
+
+/**
+ * Initializations
+ */
+
+fileGuard.path = chrome.runtime.getURL('/resources');
+fileGuard.secret = '';
+
+if (fileGuard.path.startsWith(Address.CHROME_EXTENSION)) {
+    fileGuard._startListening();
+}
--- a/core/interceptor.js
+++ b/core/interceptor.js
@@ -87,7 +87,7 @@ interceptor.handleRequest = function (requestDetails, tabIdentifier, tab) {
    };

    return {
-        'redirectUrl': chrome.extension.getURL(targetPath)
+        'redirectUrl': chrome.extension.getURL(targetPath + fileGuard.secret)
    };
 };


--- a/modules/internal/helpers.js
+++ b/modules/internal/helpers.js
@@ -119,6 +119,23 @@ helpers.extractFilenameFromPath = function (path) {
    return filename;
 };

+helpers.generateRandomHexString = function (length) {
+
+    let randomValues, randomHexString;
+
+    randomValues = crypto.getRandomValues(new Uint8Array(length));
+    randomHexString = '';
+
+    for (let value of randomValues) {
+
+        // eslint-disable-next-line no-bitwise
+        let hexValue = (0 ^ value & 15 >> 0 / 4).toString(16);
+        randomHexString = `${randomHexString}${hexValue}`;
+    }
+
+    return randomHexString;
+};
+
 helpers.determineCdnName = function (domainName) {

    switch (domainName) {

--- a/pages/background/background.html
+++ b/pages/background/background.html
@@ -21,6 +21,7 @@
        <script src="../../core/request-sanitizer.js"></script>
        <script src="../../core/state-manager.js"></script>
        <script src="../../core/request-analyzer.js"></script>
+        <script src="../../core/file-guard.js"></script>
        <script src="../../core/interceptor.js"></script>
        <script src="../../core/main.js"></script>