From 060177935e643b75ee29bf5f788ddcf54560cb39 Mon Sep 17 00:00:00 2001
From: Thomas Rientjes <synzvato@protonmail.com>
Date: Thu, 17 May 2018 16:40:37 +0200
Subject: [PATCH] Implement file protection module
---
.eslintrc | 1 +
core/constants.js | 1 +
core/file-guard.js | 58 ++++++++++++++++++++++++++++++++
core/interceptor.js | 2 +-
modules/internal/helpers.js | 17 ++++++++++
pages/background/background.html | 1 +
6 files changed, 79 insertions(+), 1 deletion(-)
create mode 100644 core/file-guard.js
diff --git a/.eslintrc b/.eslintrc
index 969890a..a1b6ff0 100644
--- a/.eslintrc
+++ b/.eslintrc
@@ -7,6 +7,7 @@
"extends": "eslint:recommended",
"globals": {
"Address": true,
+ "fileGuard": true,
"files": true,
"Header": true,
"helpers": true,
diff --git a/core/constants.js b/core/constants.js
index 86e5754..f476a93 100644
--- a/core/constants.js
+++ b/core/constants.js
@@ -21,6 +21,7 @@ const Address = {
'ANY': '*://*/*',
'ANY_PATH': '/*',
'ANY_PROTOCOL': '*://',
+ 'CHROME_EXTENSION': 'chrome-extension:',
'EXAMPLE': 'example.org',
'HTTP': 'http:',
'HTTPS': 'https:',
diff --git a/core/file-guard.js b/core/file-guard.js
new file mode 100644
index 0000000..004348e
--- /dev/null
+++ b/core/file-guard.js
@@ -0,0 +1,58 @@
+/**
+ * File Guard
+ * Belongs to Decentraleyes.
+ *
+ * @see https://github.com/Synzvato/decentraleyes/pull/258
+ *
+ * @author Thomas Rientjes
+ * @since 2018-05-17
+ * @license MPL 2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+'use strict';
+
+/**
+ * File Guard
+ */
+
+var fileGuard = {};
+
+/**
+ * Private Methods
+ */
+
+fileGuard._startListening = function () {
+
+ let randomHexString = helpers.generateRandomHexString(24);
+ fileGuard.secret = `?_=${randomHexString}`;
+
+ chrome.webRequest.onBeforeRequest.addListener(
+ fileGuard._verifyRequest,
+ {'urls': [`${fileGuard.path}/*`]},
+ [WebRequest.BLOCKING]
+ );
+};
+
+fileGuard._verifyRequest = function (requestDetails) {
+
+ let redirectUrl = chrome.runtime.getURL('/');
+
+ if (!requestDetails.url.endsWith(fileGuard.secret)) {
+ return {redirectUrl};
+ }
+};
+
+/**
+ * Initializations
+ */
+
+fileGuard.path = chrome.runtime.getURL('/resources');
+fileGuard.secret = '';
+
+if (fileGuard.path.startsWith(Address.CHROME_EXTENSION)) {
+ fileGuard._startListening();
+}
diff --git a/core/interceptor.js b/core/interceptor.js
index c4e818d..1e57da6 100644
--- a/core/interceptor.js
+++ b/core/interceptor.js
@@ -87,7 +87,7 @@ interceptor.handleRequest = function (requestDetails, tabIdentifier, tab) {
};
return {
- 'redirectUrl': chrome.extension.getURL(targetPath)
+ 'redirectUrl': chrome.extension.getURL(targetPath + fileGuard.secret)
};
};
diff --git a/modules/internal/helpers.js b/modules/internal/helpers.js
index 4bfcd13..d01421c 100644
--- a/modules/internal/helpers.js
+++ b/modules/internal/helpers.js
@@ -119,6 +119,23 @@ helpers.extractFilenameFromPath = function (path) {
return filename;
};
+helpers.generateRandomHexString = function (length) {
+
+ let randomValues, randomHexString;
+
+ randomValues = crypto.getRandomValues(new Uint8Array(length));
+ randomHexString = '';
+
+ for (let value of randomValues) {
+
+ // eslint-disable-next-line no-bitwise
+ let hexValue = (0 ^ value & 15 >> 0 / 4).toString(16);
+ randomHexString = `${randomHexString}${hexValue}`;
+ }
+
+ return randomHexString;
+};
+
helpers.determineCdnName = function (domainName) {
switch (domainName) {
diff --git a/pages/background/background.html b/pages/background/background.html
index 95c05f0..92ba3c4 100644
--- a/pages/background/background.html
+++ b/pages/background/background.html
@@ -21,6 +21,7 @@
<script src="../../core/request-sanitizer.js"></script>
<script src="../../core/state-manager.js"></script>
<script src="../../core/request-analyzer.js"></script>
+ <script src="../../core/file-guard.js"></script>
<script src="../../core/interceptor.js"></script>
<script src="../../core/main.js"></script>
--
GitLab