Signal which entries expose origin or are part of a request that
exposes origin
This commit is contained in:
parent
68078546fa
commit
7f67bd5e2b
|
|
@ -128,19 +128,33 @@ export default class ExtendedRequest {
|
||||||
}
|
}
|
||||||
|
|
||||||
exposesOrigin() {
|
exposesOrigin() {
|
||||||
const url = new URL(this.origin);
|
const url = new URL(this.originalURL);
|
||||||
const host = url.host;
|
const host = url.host;
|
||||||
const path = url.pathname;
|
const path = url.pathname;
|
||||||
const shorthost = getshorthost(host);
|
const shorthost = getshorthost(host);
|
||||||
return (
|
if (this.getReferer().includes(shorthost)) {
|
||||||
this.getReferer().includes(host) ||
|
return true;
|
||||||
this.stolenData.filter(
|
}
|
||||||
(entry) =>
|
for (const entry of this.stolenData) {
|
||||||
entry.value.includes(host) ||
|
if (
|
||||||
entry.value.includes(path) ||
|
entry.value.includes(host) ||
|
||||||
entry.value.includes(shorthost)
|
entry.value.includes(path) ||
|
||||||
).length > 0
|
entry.value.includes(shorthost)
|
||||||
);
|
) {
|
||||||
|
console.log(
|
||||||
|
"request",
|
||||||
|
this.data.url,
|
||||||
|
"exposes origin in ",
|
||||||
|
entry,
|
||||||
|
". Checked",
|
||||||
|
host,
|
||||||
|
path,
|
||||||
|
shorthost
|
||||||
|
);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
private getAllStolenData(): StolenDataEntry[] {
|
private getAllStolenData(): StolenDataEntry[] {
|
||||||
|
|
|
||||||
|
|
@ -44,19 +44,10 @@ const icons: Record<Sources, string> = {
|
||||||
header: "H",
|
header: "H",
|
||||||
};
|
};
|
||||||
|
|
||||||
function StolenDataRow({
|
function StolenDataRow({ entry }: { entry: StolenDataEntry }) {
|
||||||
entry,
|
|
||||||
cluster,
|
|
||||||
}: {
|
|
||||||
entry: StolenDataEntry;
|
|
||||||
cluster: RequestCluster;
|
|
||||||
}) {
|
|
||||||
const [version] = useEmitter(entry);
|
const [version] = useEmitter(entry);
|
||||||
return (
|
return (
|
||||||
<tr
|
<tr data-key={entry.id} data-version={version}>
|
||||||
data-key={origin + cluster.id + entry.getUniqueKey()}
|
|
||||||
data-version={version}
|
|
||||||
>
|
|
||||||
<td>
|
<td>
|
||||||
<input
|
<input
|
||||||
type="checkbox"
|
type="checkbox"
|
||||||
|
|
@ -73,7 +64,16 @@ function StolenDataRow({
|
||||||
>
|
>
|
||||||
{entry.name}
|
{entry.name}
|
||||||
</th>
|
</th>
|
||||||
<td>{[entry.source].map((source) => icons[source])}</td>
|
<td style={{ whiteSpace: "nowrap" }}>
|
||||||
|
{[entry.source].map((source) => icons[source])}
|
||||||
|
{entry.exposesOrigin() ? (
|
||||||
|
<span title="Pokazuje część historii przeglądania">🔴</span>
|
||||||
|
) : entry.request.exposesOrigin() ? (
|
||||||
|
<span title="Jest częścią zapytania, które ujawnia historię przeglądania">
|
||||||
|
🟡
|
||||||
|
</span>
|
||||||
|
) : null}
|
||||||
|
</td>
|
||||||
<td style={{ wordWrap: "anywhere" as any }}>
|
<td style={{ wordWrap: "anywhere" as any }}>
|
||||||
<StolenDataValue entry={entry} />
|
<StolenDataValue entry={entry} />
|
||||||
</td>
|
</td>
|
||||||
|
|
@ -126,7 +126,6 @@ export default function StolenDataCluster({
|
||||||
<StolenDataRow
|
<StolenDataRow
|
||||||
{...{
|
{...{
|
||||||
entry,
|
entry,
|
||||||
cluster,
|
|
||||||
key: entry.id,
|
key: entry.id,
|
||||||
}}
|
}}
|
||||||
/>
|
/>
|
||||||
|
|
|
||||||
|
|
@ -4,6 +4,7 @@ import ExtendedRequest, { HAREntry } from "./extended-request";
|
||||||
|
|
||||||
import {
|
import {
|
||||||
getshorthost,
|
getshorthost,
|
||||||
|
isBase64,
|
||||||
isBase64JSON,
|
isBase64JSON,
|
||||||
isJSONObject,
|
isJSONObject,
|
||||||
isURL,
|
isURL,
|
||||||
|
|
@ -28,7 +29,7 @@ const id = (function* id() {
|
||||||
}
|
}
|
||||||
})();
|
})();
|
||||||
|
|
||||||
export type DecodingSchema = "base64";
|
export type DecodingSchema = "base64" | "raw";
|
||||||
|
|
||||||
export class StolenDataEntry extends EventEmitter {
|
export class StolenDataEntry extends EventEmitter {
|
||||||
public isIAB = false;
|
public isIAB = false;
|
||||||
|
|
@ -36,7 +37,8 @@ export class StolenDataEntry extends EventEmitter {
|
||||||
public id: number;
|
public id: number;
|
||||||
private marked = false;
|
private marked = false;
|
||||||
public classification: keyof typeof Classifications;
|
public classification: keyof typeof Classifications;
|
||||||
public decoding_applied: DecodingSchema = null;
|
public decoding_applied: DecodingSchema = "raw";
|
||||||
|
public decodings_available: DecodingSchema[] = ["raw"];
|
||||||
|
|
||||||
constructor(
|
constructor(
|
||||||
public request: ExtendedRequest,
|
public request: ExtendedRequest,
|
||||||
|
|
@ -52,9 +54,8 @@ export class StolenDataEntry extends EventEmitter {
|
||||||
super();
|
super();
|
||||||
this.id = id.next().value as number;
|
this.id = id.next().value as number;
|
||||||
this.classification = this.classify();
|
this.classification = this.classify();
|
||||||
if (isBase64JSON(value)) {
|
if (isBase64(value)) {
|
||||||
this.value = atob(value);
|
this.decodings_available.push("base64");
|
||||||
this.decoding_applied = "base64";
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -213,4 +214,8 @@ export class StolenDataEntry extends EventEmitter {
|
||||||
getUniqueKey() {
|
getUniqueKey() {
|
||||||
return this.request.shorthost + ";" + this.name + ";" + this.value;
|
return this.request.shorthost + ";" + this.name + ";" + this.value;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
exposesOrigin(): boolean {
|
||||||
|
return this.value.includes(getshorthost(this.request.origin));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user