
Revision ecb78704

Added by jahoti about 2 years ago

Streamline and harden unique values/settings

The base URL is now included in the settings. The unique value no longer uses
it directly, as it is included by virtue of the settings; however, the number
of full hours since the epoch (UTC) is now incorporated.


background/policy_injector.js
17 17
 * IMPORT gen_nonce
18 18
 * IMPORT url_item
19 19
 * IMPORT url_extract_policy
20
 * IMPORT sign_policy
20 21
 * IMPORT get_query_best
21 22
 * IMPORT csp_rule
22 23
 * IMPORTS_END
......
46 47
function url_inject(details)
47 48
{
48 49
    const targets = url_extract_policy(details.url);
49
    if (targets.valid_sig) {
50
    if (targets.current) {
50 51
	return;
51 52
    } else if (targets.policy) {
52 53
	/* Redirect; update policy */
......
59 60
	/* Defaults */
60 61
	settings = {};
61 62
    
62
    const policy = {allow: settings.allow, nonce: gen_nonce()};
63
    const policy_string = encodeURIComponent(JSON.stringify(policy));
64
    const sig = gen_unique(policy_string + targets.base_url);
63
    const policy = encodeURIComponent(
64
	JSON.stringify({
65
	    allow: settings.allow,
66
	    nonce: gen_nonce(),
67
	    base_url: targets.base_url
68
	})
69
    );
65 70
    
66
    let redirect_url = targets.base_url + '#' + sig + policy_string;
71
    let redirect_url = targets.base_url;
72
    redirect_url += '#' + sign_policy(policy, new Date()) + policy;
67 73
    if (targets.target)
68 74
	redirect_url += targets.target;
69 75
    if (targets.target2)
......
75 81
function inject(details)
76 82
{
77 83
    const targets = url_extract_policy(details.url);
78
    if (!targets.valid_sig)
79
	/* Block unsigned requests */
84
    if (!targets.current)
85
	/* Block mis-/unsigned requests */
80 86
	return {cancel: true};
81 87

  
82 88
    const rule = csp_rule(targets.policy.nonce);
83

  
84 89
    var headers = details.responseHeaders;
85 90

  
86 91
    if (!targets.policy.allow || is_mozilla)
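Review bot: The signature built on `redirect_url += '#' + sign_policy(policy, new Date()) + policy;` is bound to the wall-clock hour at redirect time, and inject() now cancels anything for which `targets.current` is false; if the verifier in url_extract_policy (outside this hunk) checks the fragment against the hour at response time, a redirect issued just before an hour boundary, or across a clock step, is rejected on the very next request. The commit does not say how that boundary is handled; either the verifier should also accept the immediately preceding hour, or the one-hour validity should be documented where the signature is minted, e.g. `/* Signature binds the policy to the current UTC hour; inject() cancels stale or mismatched fragments */` above the `sign_policy` call. The contract of `sign_policy` (what part of the Date it consumes, and that its input is the already URL-encoded policy string) is not visible here and should be stated at its definition so the two call sites cannot drift. Both url_inject() and inject() continue outside the hunk.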
