Block URL request if masterkey is present in parameters

2017-07-08 08:43:26 +02:00
parent 7a7d2fd724
commit e341963675
6 changed files with 176 additions and 13 deletions
--- a/firefox_webextension/background.js
+++ b/firefox_webextension/background.js
@@ -1,3 +1,38 @@
+function url_block_callback(details)
+{
+    if (details.requestBody)
+    {
+	if (details.requestBody.formData)
+	{
+	    for (var key in details.requestBody.formData)
+	    {
+		for(var idx in details.requestBody.formData[key])
+		{
+		    value = details.requestBody.formData[key][idx];
+		    if (value.startsWith("@@") ||
+			value.startsWith("@_"))
+			return {cancel: true};
+		}
+	    }
+	}
+
+	/*
+	// Analyse POST parameters
+	if (details.method == "POST" && details.requestBody.raw)
+	{
+	    alert(details.requestBody.raw);
+	    var postedString = decodeURIComponent(String.fromCharCode.apply(null,
+                                      new Uint8Array(details.requestBody.raw[0].bytes)));
+	    if (postedString.indexOf("=@@") != -1 ||
+		postedString.indexOf("=@_") != -1)
+		return {cancel: true};
+	}
+*/
+    }
+
+    return {cancel: false};
+}
+
 browser.runtime.onMessage.addListener(
    function(request) {

@@ -14,4 +49,28 @@ browser.runtime.onMessage.addListener(

 	    window.setTimeout(function() {browser.notifications.clear("gPass")}, 2000);
 	}
+	else if (request.type == "block_url")
+	{
+	    browser.tabs.getCurrent().then(
+	    	function onGot(tab) {
+	    	    if (tab)
+	    	    {
+	    		browser.webRequest.onBeforeRequest.addListener(
+	    		    url_block_callback,
+	    		    {urls:[request.options.url],
+	    		     "types":["main_frame"],
+	    		     "tabId":tab.id,
+	    		     "windowId":tab.windowId
+	    		    },
+	    		    ["blocking", "requestBody"]);
+	    	    }
+	    	    else
+	    	    {
+			browser.webRequest.onBeforeRequest.addListener(
+			    url_block_callback,
+			    {urls:[request.options.url], types:["main_frame"]},
+			    ["blocking", "requestBody"]);
+		    }		    
+		});
+	}
    });
--- a/firefox_webextension/manifest.json
+++ b/firefox_webextension/manifest.json
@@ -11,7 +11,7 @@
    
    "content_scripts": [
 	{
-	    "matches": ["https://*/*", "http://*/*"],
+	    "matches": ["<all_urls>"],
 	    "js": ["lib/parseuri.js", "lib/misc.js", "compat.js", "lib/main.js"],
 	    "run_at" : "document_idle",
 	    "all_frames" : true
@@ -26,9 +26,11 @@
    "options_ui": { "page":"options.html" },

    "permissions": [
-	"https://*/",
-	"http://*/",
+	"<all_urls>",
 	"notifications",
+	"webRequest",
+	"webRequestBlocking",
+	"tabs",
 	"storage",
 	"activeTab"
    ]