Unverified Commit 1a7f41ee authored by Thomas Rientjes's avatar Thomas Rientjes Committed by GitHub
Browse files

Merge pull request #258 from gorhill/experimental

Hide web accessible resources from websites
parents 4c826259 e6a5de16
......@@ -111,7 +111,7 @@ interceptor._handleMissingCandidate = function (requestUrl) {
requestUrl = requestUrlSegments.toString();
return {
'redirectUrl': requestUrl
'redirectUrl': requestUrl + interceptor.warSecret
};
} else {
......@@ -147,3 +147,22 @@ chrome.storage.local.get([Setting.AMOUNT_INJECTED, Setting.BLOCK_MISSING], funct
*/
chrome.storage.onChanged.addListener(interceptor._handleStorageChanged);
/**
* Guard web accessible resources from direct access by web pages
*/
interceptor.warSecret = '?_=' +
Math.floor(Math.random() * 982451653 + 982451653).toString(36) +
Math.floor(Math.random() * 982451653 + 982451653).toString(36);
chrome.webRequest.onBeforeRequest.addListener(
function(requestDetails) {
if (!requestDetails.url.endsWith(interceptor.warSecret)) {
return { redirectUrl: chrome.runtime.getURL('/') };
}
},
{'urls': [chrome.runtime.getURL('/') + 'resources/*']},
[WebRequest.BLOCKING]
);
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment