From e3d9163ff94e3cd455b2150a2733e5cdd6632cd5 Mon Sep 17 00:00:00 2001
From: Thomas Rientjes <synzvato@protonmail.com>
Date: Sat, 7 Oct 2017 22:55:50 -0300
Subject: [PATCH] Implement a temporary list of tainted domains

---
 core/interceptor.js | 27 ++++++++++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)

diff --git a/core/interceptor.js b/core/interceptor.js
index 78cb9ae..57ce92a 100644
--- a/core/interceptor.js
+++ b/core/interceptor.js
@@ -31,7 +31,7 @@ const HTTP_EXPRESSION = /^http?:\/\//;
 
 interceptor.handleRequest = function (requestDetails, tabIdentifier, tab) {
 
-    let validCandidate, targetDetails, targetPath;
+    let validCandidate, tabDomain, targetDetails, targetPath;
 
     validCandidate = requestAnalyzer.isValidCandidate(requestDetails, tab);
 
@@ -42,6 +42,31 @@ interceptor.handleRequest = function (requestDetails, tabIdentifier, tab) {
         };
     }
 
+    try {
+        tabDomain = tab.url.match(WEB_DOMAIN_EXPRESSION)[1];
+        tabDomain = requestAnalyzer._normalizeDomain(tabDomain);
+    } catch (exception) {
+        tabDomain = 'example.org';
+    }
+
+    // Temporary list of undetectable tainted domains.
+    let undetectableTaintedDomains = {
+        'cdnjs.com': true,
+        'dropbox.com': true,
+        'minigames.mail.ru': true,
+        'report-uri.io': true,
+        'securityheaders.io': true,
+        'stefansundin.github.io': true,
+        'udacity.com': true
+    };
+
+    if (undetectableTaintedDomains[tabDomain] || /yandex\./.test(tabDomain)) {
+
+        if (tabDomain !== 'yandex.ru') {
+            return interceptor._handleMissingCandidate(requestDetails.url);
+        }
+    }
+
     targetDetails = requestAnalyzer.getLocalTarget(requestDetails);
     targetPath = targetDetails.path;
 
-- 
GitLab