Microsoft has acquired GitHub. Decentraleyes has left GitHub. Welcome to its new home!

To participate, please register, or sign in with an existing GitLab.com, Bitbucket, or GitHub account.

Past contributions on GitHub? Be sure to reclaim your Comments, Issues, and Pull Requests.

Verified Commit 1246b61c authored by Thomas Rientjes's avatar Thomas Rientjes
Browse files

Update and refactor existing codebase

parent ebe03bd8
{
"name": "decentraleyes-audit",
"version": "1.5.0",
"version": "1.6.0",
"author": "Thomas Rientjes",
"license": "MPL-2.0",
"description": "Library audit tool for Decentraleyes.",
......
......@@ -207,7 +207,7 @@ resourceAmount = localResourcePaths.length;
localResourcePaths.forEach(function (resourcePath) {
var resourceRoute = resourcePath.substr(localResourceLocationLength + 1);
resourceRoute = resourceRoute.substring(0, resourceRoute.length - 4);
resourceRoute = resourceRoute.substring(0, resourceRoute.length - 1);
_getLocalResourceContents(resourcePath, function (localResourceContents) {
......
......@@ -49,48 +49,8 @@ interceptor.handleRequest = function (requestDetails, tabIdentifier, tab) {
}
}
// Temporary list of undetectable tainted domains.
let undetectableTaintedDomains = {
'10fastfingers.com': true,
'blog.datawrapper.de': true,
'bundleofholding.com': true,
'cdnjs.com': true,
'cellmapper.net': true,
'code.world': true,
'creativecommons.org': true,
'dropbox.com': true,
'epey.com': true,
'evoice.com': true,
'freebusy.io': true,
'gazetadopovo.com.br': true,
'glowing-bear.org': true,
'ico.org.uk': true,
'labdoor.com': true,
'manualslib.com': true,
'meslieux.paris.fr': true,
'mgm.gov.tr': true,
'minigames.mail.ru': true,
'miniquadtestbench.com': true,
'nhm.ac.uk': true,
'openweathermap.org': true,
'poedb.tw': true,
'qwertee.com': true,
'regentgreymouth.co.nz': true,
'report-uri.io': true,
'scan.nextcloud.com': true,
'scotthelme.co.uk': true,
'securityheaders.com': true,
'securityheaders.io': true,
'somiibo.com': true,
'stefansundin.github.io': true,
'transcend-info.com': true,
'udacity.com': true,
'yadi.sk': true,
'yourvotematters.co.uk': true
};
if (undetectableTaintedDomains[tabDomain] || (/yandex\./).test(tabDomain)) {
return interceptor._handleMissingCandidate(requestDetails.url);
if (interceptor.taintedDomains[tabDomain] || (/yandex\./).test(tabDomain)) {
return interceptor._handleMissingCandidate(requestDetails.url, true);
}
targetDetails = requestAnalyzer.getLocalTarget(requestDetails);
......@@ -117,7 +77,9 @@ interceptor.handleRequest = function (requestDetails, tabIdentifier, tab) {
* Private Methods
*/
interceptor._handleMissingCandidate = function (requestUrl) {
interceptor._handleMissingCandidate = function (requestUrl, preserveUrl) {
let requestUrlSegments;
if (interceptor.blockMissing === true) {
......@@ -126,7 +88,14 @@ interceptor._handleMissingCandidate = function (requestUrl) {
};
}
let requestUrlSegments = new URL(requestUrl);
if (preserveUrl === true) {
return {
'cancel': false
};
}
requestUrlSegments = new URL(requestUrl);
if (requestUrlSegments.protocol === Address.HTTP) {
......@@ -160,6 +129,54 @@ interceptor._handleStorageChanged = function (changes) {
* Initializations
*/
// Temporary list of tainted domains.
interceptor.taintedDomains = {
'10fastfingers.com': true,
'blog.datawrapper.de': true,
'bundleofholding.com': true,
'cdnjs.com': true,
'cellmapper.net': true,
'code.world': true,
'creativecommons.org': true,
'docs.servicenow.com': true,
'dropbox.com': true,
'echo-news.co.uk': true,
'epey.com': true,
'evoice.com': true,
'freebusy.io': true,
'gazetadopovo.com.br': true,
'gdt.oqlf.gouv.qc.ca': true,
'glowing-bear.org': true,
'ico.org.uk': true,
'identi.ca': true,
'labdoor.com': true,
'manualslib.com': true,
'meslieux.paris.fr': true,
'mgm.gov.tr': true,
'minigames.mail.ru': true,
'miniquadtestbench.com': true,
'newlook.dteenergy.com': true,
'nhm.ac.uk': true,
'opavote.com': true,
'openweathermap.org': true,
'poedb.tw': true,
'qwertee.com': true,
'regentgreymouth.co.nz': true,
'report-uri.io': true,
'scan.nextcloud.com': true,
'scotthelme.co.uk': true,
'securityheaders.com': true,
'securityheaders.io': true,
'somiibo.com': true,
'stefansundin.github.io': true,
'timescale.com': true,
'transcend-info.com': true,
'udacity.com': true,
'yadi.sk': true,
'yelp.com': true,
'yourvotematters.co.uk': true
};
interceptor.amountInjected = 0;
interceptor.xhrTestDomain = Address.DECENTRALEYES;
interceptor.blockMissing = false;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment