Block URL request if masterkey is present in parameters
This commit is contained in:
@@ -416,6 +416,8 @@ function on_sumbit(e)
|
||||
|
||||
function document_loaded(doc)
|
||||
{
|
||||
var has_login_form = false;
|
||||
|
||||
// If there is a password in the form, add a "submit" listener
|
||||
for(var i=0; i<doc.forms.length; i++)
|
||||
{
|
||||
@@ -426,11 +428,22 @@ function document_loaded(doc)
|
||||
var field = fields[a];
|
||||
if (field.getAttribute("type") == "password")
|
||||
{
|
||||
block_url(form.action);
|
||||
old_cb = form.onsubmit;
|
||||
if (old_cb)
|
||||
form.removeEventListener("submit", old_cb);
|
||||
form.addEventListener("submit", on_sumbit);
|
||||
if (old_cb)
|
||||
form.addEventListener("submit", old_cb);
|
||||
has_login_form = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* Request can be sent to another URL... */
|
||||
if (has_login_form)
|
||||
block_url("<all_urls>");
|
||||
}
|
||||
|
||||
document_loaded(document);
|
||||
|
||||
@@ -29,6 +29,12 @@ function notify(text, data)
|
||||
browser.runtime.sendMessage({type: "notification", options:{"message":text}});
|
||||
}
|
||||
|
||||
function block_url(url)
|
||||
{
|
||||
debug("Block URL " + url);
|
||||
browser.runtime.sendMessage({type: "block_url", options:{"url":url}});
|
||||
}
|
||||
|
||||
// https://stackoverflow.com/questions/6965107/converting-between-strings-and-arraybuffers
|
||||
function ab2str(buf) {
|
||||
return String.fromCharCode.apply(null, new Uint8Array(buf));
|
||||
@@ -119,9 +125,6 @@ function _encrypt(mkey, iv, data)
|
||||
while ((data.length % 16))
|
||||
data += "\0";
|
||||
|
||||
debug("Encrypt " + data);
|
||||
debug("Encrypt " + iv.length);
|
||||
|
||||
data = str2ab(data);
|
||||
|
||||
promise = mkey.then(function(mkey){
|
||||
@@ -148,8 +151,6 @@ async function _decrypt(mkey, iv, data)
|
||||
pkcs7_padding = new Uint8Array([16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16]);
|
||||
pkcs7_padding = await _encrypt(mkey, nulliv, ab2str(pkcs7_padding));
|
||||
|
||||
debug("Decrypt " + data);
|
||||
|
||||
data = str2ab(data + pkcs7_padding);
|
||||
|
||||
nulliv = new Uint8Array([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]);
|
||||
@@ -173,6 +174,8 @@ async function encrypt_ecb(mkey, data)
|
||||
{
|
||||
var result = "";
|
||||
|
||||
console.log("Encrypt ECB " + data);
|
||||
|
||||
nulliv = new Uint8Array([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]);
|
||||
|
||||
while (data.length > 16)
|
||||
@@ -191,6 +194,8 @@ async function encrypt_ecb(mkey, data)
|
||||
async function decrypt_ecb(mkey, data)
|
||||
{
|
||||
var result = "";
|
||||
|
||||
console.log("Decrypt ECB " + data);
|
||||
|
||||
nulliv = new Uint8Array([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]);
|
||||
|
||||
@@ -208,7 +213,9 @@ async function decrypt_ecb(mkey, data)
|
||||
}
|
||||
|
||||
async function encrypt_cbc(mkey, iv, data)
|
||||
{
|
||||
{
|
||||
console.log("Encrypt CBC " + data);
|
||||
|
||||
var result = await _encrypt(mkey, str2ab(iv), data);
|
||||
|
||||
// Remove PKCS7 padding
|
||||
@@ -217,6 +224,8 @@ async function encrypt_cbc(mkey, iv, data)
|
||||
|
||||
async function decrypt_cbc(mkey, iv, data)
|
||||
{
|
||||
console.log("Decrypt CBC " + data);
|
||||
|
||||
var result = await _decrypt(mkey, str2ab(iv), data);
|
||||
|
||||
// Remove PKCS7 padding
|
||||
|
||||
Reference in New Issue
Block a user