You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
42 lines
1.1 KiB
JavaScript
42 lines
1.1 KiB
JavaScript
4 years ago
|
console.log("PROBLEMATIC REQUESTS");
|
||
|
|
|
||
|
|
const isThirdParty = (arg) => arg.urlClassification.thirdParty.length > 0;
|
||
|
|
const hasCookie = (arg) => arg.requestHeaders.some((h) => h.name === "Cookie");
|
||
|
|
const hasReferer = (arg) =>
|
||
|
|
arg.requestHeaders.some((h) => h.name === "Referer");
|
||
|
|
|
||
|
|
const getReferer = (arg) =>
|
||
|
|
arg.requestHeaders.filter((h) => h.name === "Referer")[0].value;
|
||
|
|
const getOrigin = async (arg) => {
|
||
|
|
let url;
|
||
|
|
if (arg.tabId) {
|
||
|
|
const tab = await browser.tabs.get(arg.tabId);
|
||
|
|
url = tab.url;
|
||
|
|
} else {
|
||
|
|
url = arg.frameAncestors[0].url;
|
||
|
|
}
|
||
|
|
|
||
|
|
return new URL(url).host;
|
||
|
|
};
|
||
|
|
|
||
|
|
const exposesOrigin = async (arg) => {
|
||
|
|
return getReferer(arg).includes(await getOrigin(arg));
|
||
|
|
};
|
||
|
|
|
||
|
|
browser.webRequest.onBeforeSendHeaders.addListener(
|
||
|
|
async (request) => {
|
||
|
|
// console.log(request.url, request.tabId);
|
||
|
|
if (
|
||
|
|
isThirdParty(request) &&
|
||
|
|
hasReferer(request) &&
|
||
|
|
(await exposesOrigin(request))
|
||
|
|
) {
|
||
|
|
const has_cookie = hasCookie(request);
|
||
|
|
fn = has_cookie ? console.warn : console.log;
|
||
|
|
fn("Leaked referrer! Has cookie:", hasCookie(request), request.url);
|
||
|
|
}
|
||
|
|
},
|
||
|
|
{ urls: ["<all_urls>"] },
|
||
|
|
["requestHeaders"]
|
||
|
|
);
|