commit b0638b1d2a3f34c463a5e7e21d260195c4e2e3e6 Author: Kuba Orlik Date: Fri Apr 23 14:56:41 2021 +0200 Initial commit diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..6ab38c8 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.log diff --git a/border-48.png b/border-48.png new file mode 100644 index 0000000..90687de Binary files /dev/null and b/border-48.png differ diff --git a/manifest.json b/manifest.json new file mode 100644 index 0000000..42d0386 --- /dev/null +++ b/manifest.json @@ -0,0 +1,31 @@ +{ + "manifest_version": 2, + "name": "Problematyczne requesty", + "version": "1.0", + + "description": "Adds a red border to all webpages matching mozilla.org.", + + "icons": { + "48": "icons/border-48.png" + }, + + "background": { + "scripts": ["problematic.js"] + }, + + "browser_action": { + "default_icon": "border-48.png", + "default_title": "Pokaż problematyczne requesty", + "default_popup": "popup/choose_beast.html" + }, + "icons": { + "48": "icons/border-48.png" + }, + "permissions": [ + "proxy", + "storage", + "", + "webRequest", + "webRequestBlocking" + ] +} diff --git a/problematic.js b/problematic.js new file mode 100644 index 0000000..da7b8ff --- /dev/null +++ b/problematic.js @@ -0,0 +1,41 @@ +console.log("PROBLEMATIC REQUESTS"); + +const isThirdParty = (arg) => arg.urlClassification.thirdParty.length > 0; +const hasCookie = (arg) => arg.requestHeaders.some((h) => h.name === "Cookie"); +const hasReferer = (arg) => + arg.requestHeaders.some((h) => h.name === "Referer"); + +const getReferer = (arg) => + arg.requestHeaders.filter((h) => h.name === "Referer")[0].value; +const getOrigin = async (arg) => { + let url; + if (arg.tabId) { + const tab = await browser.tabs.get(arg.tabId); + url = tab.url; + } else { + url = arg.frameAncestors[0].url; + } + + return new URL(url).host; +}; + +const exposesOrigin = async (arg) => { + return getReferer(arg).includes(await getOrigin(arg)); +}; + +browser.webRequest.onBeforeSendHeaders.addListener( + async (request) => { + // console.log(request.url, request.tabId); + if ( + isThirdParty(request) && + hasReferer(request) && + (await exposesOrigin(request)) + ) { + const has_cookie = hasCookie(request); + fn = has_cookie ? console.warn : console.log; + fn("Leaked referrer! Has cookie:", hasCookie(request), request.url); + } + }, + { urls: [""] }, + ["requestHeaders"] +);