checkpoint

master
Kuba Orlik 4 years ago
parent b0638b1d2a
commit 750b68fa24

@ -1,12 +1,21 @@
console.log("PROBLEMATIC REQUESTS");
const isThirdParty = (arg) => arg.urlClassification.thirdParty.length > 0;
// const isThirdParty = (arg) => arg.urlClassification.thirdParty.length > 0;
async function isThirdParty(request) {
const request_url = new URL(request.url);
const origin_url = new URL(await getOrigin(request));
return (
request_url.origin != origin_url.origin ||
request.urlClassification.thirdParty.length > 0
);
}
const hasCookie = (arg) => arg.requestHeaders.some((h) => h.name === "Cookie");
const hasReferer = (arg) =>
arg.requestHeaders.some((h) => h.name === "Referer");
const getReferer = (arg) =>
arg.requestHeaders.filter((h) => h.name === "Referer")[0].value;
const getOrigin = async (arg) => {
let url;
if (arg.tabId) {
@ -16,24 +25,29 @@ const getOrigin = async (arg) => {
url = arg.frameAncestors[0].url;
}
return new URL(url).host;
return url;
};
const exposesOrigin = async (arg) => {
return getReferer(arg).includes(await getOrigin(arg));
return getReferer(arg).includes(new URL(await getOrigin(arg)).host);
};
browser.webRequest.onBeforeSendHeaders.addListener(
async (request) => {
// console.log(request.url, request.tabId);
if (
isThirdParty(request) &&
(await isThirdParty(request)) &&
hasReferer(request) &&
(await exposesOrigin(request))
) {
const has_cookie = hasCookie(request);
fn = has_cookie ? console.warn : console.log;
fn("Leaked referrer! Has cookie:", hasCookie(request), request.url);
fn(
"Leaked referrer! Has cookie:",
hasCookie(request),
request.url,
"referer was",
getReferer(request)
);
}
},
{ urls: ["<all_urls>"] },

Loading…
Cancel
Save