
Revision 2875397f

Added by koszko about 2 years ago

improve signing

Signature timestamp is now handled in a saner way. Sha256 implementation is no longer pulled into contexts that don't require it.


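--- a/content/main.js
+++ b/content/main.js
@@ -32,17 +32,36 @@
 }
 
 if (!is_privileged_url(document.URL)) {
-    const reductor =
-	  (ac, [_, sig, pol]) => ac[0] && ac || [extract_signed(sig, pol), sig];
-    const matches = [...document.cookie.matchAll(/hachette-(\w*)=([^;]*)/g)];
-    let [policy, signature] = matches.reduce(reductor, []);
+    /* Signature valid for half an hour. */
+    const min_time = new Date().getTime() - 1800 * 1000;
+    let best_result = {time: -1};
+    let policy = null;
+    const extracted_signatures = [];
+    for (const match of document.cookie.matchAll(/hachette-(\w*)=([^;]*)/g)) {
+	const new_result = extract_signed(...match.slice(1, 3));
+	if (new_result.fail)
+	    continue;
 
-    if (!policy || policy.url !== document.URL) {
-	console.log("WARNING! Using default policy!!!");
+	extracted_signatures.push(match[1]);
+
+	if (new_result.time < Math.max(min_time, best_result.time))
+	    continue;
+
+	/* This should succeed - it's our self-produced valid JSON. */
+	const new_policy = JSON.parse(decodeURIComponent(new_result.data));
+	if (new_policy.url !== document.URL)
+	    continue;
+
+	best_result = new_result;
+	policy = new_policy;
+    }
+
+    if (!policy) {
+	console.warn("WARNING! Using default policy!!!");
 	policy = {allow: false, nonce: gen_nonce()};
     }
 
-    if (signature)
+    for (const signature of extracted_signatures)
 	document.cookie = `hachette-${signature}=; Max-Age=-1;`;
 
     handle_page_actions(policy.nonce);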
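Review bot: The `JSON.parse(decodeURIComponent(new_result.data))` call inside the new cookie loop is unguarded, so a throw there would abort the script before the `if (!policy)` fallback to `{allow: false, nonce: gen_nonce()}` and before `handle_page_actions(policy.nonce)` are reached. The comment relies on `extract_signed` only ever passing through self-produced data, which this hunk does not show; treating a decode or parse failure like a failed signature (skip that cookie and keep looping) keeps the default-deny path reachable regardless. Separately, the freshness test has only a lower bound (`min_time`), so it is worth confirming that `extract_signed` rejects a `time` later than now, since a future-dated value would otherwise win over every later cookie. The enclosing `if (!is_privileged_url(document.URL))` block continues past the end of the hunk.

```javascript
	const new_result = extract_signed(...match.slice(1, 3));
	/* … unchanged: fail check, extracted_signatures.push, freshness check … */
	let new_policy;
	try {
	    new_policy = JSON.parse(decodeURIComponent(new_result.data));
	} catch (e) {
	    /* Undecodable payload: skip this cookie and keep the fallback reachable. */
	    continue;
	}
	if (!new_policy || new_policy.url !== document.URL)
	    continue;
```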
