Verified Commit 06017793 authored by Thomas Rientjes's avatar Thomas Rientjes
Browse files

Implement file protection module

parent 498662d5
......@@ -7,6 +7,7 @@
"extends": "eslint:recommended",
"globals": {
"Address": true,
"fileGuard": true,
"files": true,
"Header": true,
"helpers": true,
......
......@@ -21,6 +21,7 @@ const Address = {
'ANY': '*://*/*',
'ANY_PATH': '/*',
'ANY_PROTOCOL': '*://',
'CHROME_EXTENSION': 'chrome-extension:',
'EXAMPLE': 'example.org',
'HTTP': 'http:',
'HTTPS': 'https:',
......
/**
* File Guard
* Belongs to Decentraleyes.
*
* @see https://github.com/Synzvato/decentraleyes/pull/258
*
* @author Thomas Rientjes
* @since 2018-05-17
* @license MPL 2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/.
*/
'use strict';
/**
* File Guard
*/
var fileGuard = {};
/**
* Private Methods
*/
fileGuard._startListening = function () {
let randomHexString = helpers.generateRandomHexString(24);
fileGuard.secret = `?_=${randomHexString}`;
chrome.webRequest.onBeforeRequest.addListener(
fileGuard._verifyRequest,
{'urls': [`${fileGuard.path}/*`]},
[WebRequest.BLOCKING]
);
};
fileGuard._verifyRequest = function (requestDetails) {
let redirectUrl = chrome.runtime.getURL('/');
if (!requestDetails.url.endsWith(fileGuard.secret)) {
return {redirectUrl};
}
};
/**
* Initializations
*/
fileGuard.path = chrome.runtime.getURL('/resources');
fileGuard.secret = '';
if (fileGuard.path.startsWith(Address.CHROME_EXTENSION)) {
fileGuard._startListening();
}
......@@ -87,7 +87,7 @@ interceptor.handleRequest = function (requestDetails, tabIdentifier, tab) {
};
return {
'redirectUrl': chrome.extension.getURL(targetPath)
'redirectUrl': chrome.extension.getURL(targetPath + fileGuard.secret)
};
};
......
......@@ -119,6 +119,23 @@ helpers.extractFilenameFromPath = function (path) {
return filename;
};
helpers.generateRandomHexString = function (length) {
let randomValues, randomHexString;
randomValues = crypto.getRandomValues(new Uint8Array(length));
randomHexString = '';
for (let value of randomValues) {
// eslint-disable-next-line no-bitwise
let hexValue = (0 ^ value & 15 >> 0 / 4).toString(16);
randomHexString = `${randomHexString}${hexValue}`;
}
return randomHexString;
};
helpers.determineCdnName = function (domainName) {
switch (domainName) {
......
......@@ -21,6 +21,7 @@
<script src="../../core/request-sanitizer.js"></script>
<script src="../../core/state-manager.js"></script>
<script src="../../core/request-analyzer.js"></script>
<script src="../../core/file-guard.js"></script>
<script src="../../core/interceptor.js"></script>
<script src="../../core/main.js"></script>
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment