code review: various fixes

- Ensure REFERER spoofing is always reported in logger
- Fixed possible exception thrown when asynchronously reporting cookies
pull/2/head
Raymond Hill 6 years ago
parent 18ecb90bd0
commit 46669115dc
No known key found for this signature in database
GPG Key ID: 25E1490B761470C2

@ -237,7 +237,6 @@ return {
cookieRemovedCounter: 0, cookieRemovedCounter: 0,
localStorageRemovedCounter: 0, localStorageRemovedCounter: 0,
cookieHeaderFoiledCounter: 0, cookieHeaderFoiledCounter: 0,
refererHeaderFoiledCounter: 0,
hyperlinkAuditingFoiledCounter: 0, hyperlinkAuditingFoiledCounter: 0,
browserCacheClearedCounter: 0, browserCacheClearedCounter: 0,
storageUsed: 0, storageUsed: 0,

@ -209,6 +209,7 @@ var recordPageCookie = (function() {
if ( pageStore.tabId === '' ) { continue; } if ( pageStore.tabId === '' ) { continue; }
for ( let cookieKey of qentry[1] ) { for ( let cookieKey of qentry[1] ) {
let cookieEntry = cookieDict.get(cookieKey); let cookieEntry = cookieDict.get(cookieKey);
if ( cookieEntry === undefined ) { continue; }
let block = µm.mustBlock( let block = µm.mustBlock(
pageStore.pageHostname, pageStore.pageHostname,
cookieEntry.hostname, cookieEntry.hostname,
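Review bot: The new `if ( cookieEntry === undefined ) { continue; }` guard in recordPageCookie's inner loop has no comment saying why a queued key can be missing from `cookieDict`. Judging by the commit message, the cookie was presumably removed between being queued and this asynchronous pass, but the hunk does not show that. A one-line comment such as `// Cookie may have been removed from cookieDict since it was queued` would keep a later reader from deleting the check as dead code. The enclosing function starts and ends outside the hunk.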

@ -123,6 +123,7 @@ PageStore.prototype = {
this.distinctRequestCount = 0; this.distinctRequestCount = 0;
this.perLoadAllowedRequestCount = 0; this.perLoadAllowedRequestCount = 0;
this.perLoadBlockedRequestCount = 0; this.perLoadBlockedRequestCount = 0;
this.perLoadBlockedReferrerCount = 0;
this.has3pReferrer = false; this.has3pReferrer = false;
this.hasMixedContent = false; this.hasMixedContent = false;
this.hasNoscriptTags = false; this.hasNoscriptTags = false;

@ -182,7 +182,7 @@ var onBeforeRequestHandler = function(details) {
// Sanitize outgoing headers as per user settings. // Sanitize outgoing headers as per user settings.
var onBeforeSendHeadersHandler = function(details) { var onBeforeSendHeadersHandler = function(details) {
var µm = µMatrix, let µm = µMatrix,
µmuri = µm.URI, µmuri = µm.URI,
requestURL = details.url, requestURL = details.url,
requestScheme = µmuri.schemeFromURI(requestURL); requestScheme = µmuri.schemeFromURI(requestURL);
@ -197,11 +197,10 @@ var onBeforeSendHeadersHandler = function(details) {
// to scope on unknown scheme? Etc. // to scope on unknown scheme? Etc.
// https://github.com/gorhill/httpswitchboard/issues/191 // https://github.com/gorhill/httpswitchboard/issues/191
// https://github.com/gorhill/httpswitchboard/issues/91#issuecomment-37180275 // https://github.com/gorhill/httpswitchboard/issues/91#issuecomment-37180275
var tabId = details.tabId, let tabId = details.tabId,
pageStore = µm.mustPageStoreFromTabId(tabId), pageStore = µm.mustPageStoreFromTabId(tabId),
requestType = requestTypeNormalizer[details.type] || 'other', requestType = requestTypeNormalizer[details.type] || 'other',
requestHeaders = details.requestHeaders, requestHeaders = details.requestHeaders;
headerIndex, headerValue;
// https://github.com/gorhill/httpswitchboard/issues/342 // https://github.com/gorhill/httpswitchboard/issues/342
// Is this hyperlink auditing? // Is this hyperlink auditing?
@ -224,9 +223,9 @@ var onBeforeSendHeadersHandler = function(details) {
// With hyperlink-auditing, removing header(s) is pointless, the whole // With hyperlink-auditing, removing header(s) is pointless, the whole
// request must be cancelled. // request must be cancelled.
headerIndex = headerIndexFromName('ping-to', requestHeaders); let headerIndex = headerIndexFromName('ping-to', requestHeaders);
if ( headerIndex !== -1 ) { if ( headerIndex !== -1 ) {
headerValue = requestHeaders[headerIndex].value; let headerValue = requestHeaders[headerIndex].value;
if ( headerValue !== '' ) { if ( headerValue !== '' ) {
var block = µm.userSettings.processHyperlinkAuditing; var block = µm.userSettings.processHyperlinkAuditing;
pageStore.recordRequest('other', requestURL + '{Ping-To:' + headerValue + '}', block); pageStore.recordRequest('other', requestURL + '{Ping-To:' + headerValue + '}', block);
@ -241,7 +240,7 @@ var onBeforeSendHeadersHandler = function(details) {
// If we reach this point, request is not blocked, so what is left to do // If we reach this point, request is not blocked, so what is left to do
// is to sanitize headers. // is to sanitize headers.
var rootHostname = pageStore.pageHostname, let rootHostname = pageStore.pageHostname,
requestHostname = µmuri.hostnameFromURI(requestURL), requestHostname = µmuri.hostnameFromURI(requestURL),
modified = false; modified = false;
@ -253,7 +252,7 @@ var onBeforeSendHeadersHandler = function(details) {
µm.mustBlock(rootHostname, requestHostname, 'cookie') µm.mustBlock(rootHostname, requestHostname, 'cookie')
) { ) {
modified = true; modified = true;
headerValue = requestHeaders[headerIndex].value; let headerValue = requestHeaders[headerIndex].value;
requestHeaders.splice(headerIndex, 1); requestHeaders.splice(headerIndex, 1);
µm.cookieHeaderFoiledCounter++; µm.cookieHeaderFoiledCounter++;
if ( requestType === 'doc' ) { if ( requestType === 'doc' ) {
@ -284,28 +283,28 @@ var onBeforeSendHeadersHandler = function(details) {
headerIndex = headerIndexFromName('referer', requestHeaders); headerIndex = headerIndexFromName('referer', requestHeaders);
if ( headerIndex !== -1 ) { if ( headerIndex !== -1 ) {
headerValue = requestHeaders[headerIndex].value; let headerValue = requestHeaders[headerIndex].value;
if ( headerValue !== '' ) { if ( headerValue !== '' ) {
var toDomain = µmuri.domainFromHostname(requestHostname); let toDomain = µmuri.domainFromHostname(requestHostname);
if ( toDomain !== '' && toDomain !== µmuri.domainFromURI(headerValue) ) { if ( toDomain !== '' && toDomain !== µmuri.domainFromURI(headerValue) ) {
pageStore.has3pReferrer = true; pageStore.has3pReferrer = true;
if ( µm.tMatrix.evaluateSwitchZ('referrer-spoof', rootHostname) ) { if ( µm.tMatrix.evaluateSwitchZ('referrer-spoof', rootHostname) ) {
modified = true; modified = true;
var newValue; let newValue;
if ( details.method === 'GET' ) { if ( details.method === 'GET' ) {
newValue = requestHeaders[headerIndex].value = newValue = requestHeaders[headerIndex].value =
requestScheme + '://' + requestHostname + '/'; requestScheme + '://' + requestHostname + '/';
} else { } else {
requestHeaders.splice(headerIndex, 1); requestHeaders.splice(headerIndex, 1);
} }
µm.refererHeaderFoiledCounter++; if ( pageStore.perLoadBlockedReferrerCount === 0 ) {
if ( requestType === 'doc' ) { pageStore.perLoadBlockedRequestCount += 1;
pageStore.perLoadBlockedRequestCount++;
µm.logger.writeOne(tabId, 'net', '', headerValue, 'REFERER', true); µm.logger.writeOne(tabId, 'net', '', headerValue, 'REFERER', true);
if ( newValue !== undefined ) { if ( newValue !== undefined ) {
µm.logger.writeOne(tabId, 'net', '', newValue, 'REFERER', false); µm.logger.writeOne(tabId, 'net', '', newValue, 'REFERER', false);
} }
} }
pageStore.perLoadBlockedReferrerCount += 1;
} }
} }
} }
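Review bot: In the referer branch, both `µm.logger.writeOne(...)` calls now sit inside `if ( pageStore.perLoadBlockedReferrerCount === 0 )`, so only the first spoofed Referer of a page load reaches the logger, which does not match the commit title's "always reported". Later third-party requests whose Referer is rewritten or stripped leave no logger entry, so a user auditing what was sent sees one original/replacement pair per load. If that is intended to limit noise, say so with a comment such as `// Log only the first spoofed Referer per page load`; otherwise keep only `pageStore.perLoadBlockedRequestCount += 1;` behind the guard and move the two `writeOne` calls after it. Separately, `headerIndex` is now declared with `let` at the ping-to lookup and assigned without a declaration at the cookie and referer lookups, which is only safe if that `let` sits at function scope; the hunks do not show this. onBeforeSendHeadersHandler's body continues outside the visible hunks.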
