author | jahoti <jahoti@tilde.team> | 2021-07-18 00:00:00 +0000 |
---|---|---|
committer | jahoti <jahoti@tilde.team> | 2021-07-18 00:00:00 +0000 |
commit | ecb787046271de708b94da70240713e725299d86 (patch) | |
tree | 9c7968dd81bd54fcb63debe951207337e95911cd /common | |
parent | 8b823e1a6f29e52effc086d02dfe2e2812b2e187 (diff) | |
Streamline and harden unique values/settings
The base URL is now included in the settings. The unique value no longer uses
it directly, as it is included by virtue of the settings; however, the number
of full hours since the epoch (UTC) is now incorporated.
Diffstat (limited to 'common')
-rw-r--r-- | common/misc.js | 34 |
1 files changed, 26 insertions, 8 deletions
diff --git a/common/misc.js b/common/misc.js
index 036eb45..472620e 100644
--- a/common/misc.js
+++ b/common/misc.js
@@ -104,23 +104,40 @@ function is_privileged_url(url)
 return !!/^(chrome(-extension)?|moz-extension):\/\/|^about:/i.exec(url);
 }
+/* Sign a given policy for a given time */
+function sign_policy(policy, now, hours_offset) {
+ let time = Math.floor(now / 3600000) + (hours_offset || 0);
+ return gen_unique(time + policy);
+}
+
 /* Extract any policy present in the URL */
 function url_extract_policy(url)
 {
- var policy_string;
 const targets = url_extract_target(url);
+ if (!targets.target)
+ return targets;
+
+ /* %7B -> { */
+ const index = targets.target.indexOf('%7B');
+ if (index === -1)
+ return targets;
+
+ const now = new Date();
+ const sig = targets.target.substring(1, index);
+ const policy = targets.target.substring(index);
+ if (
+ sig !== sign_policy(policy, now) &&
+ sig !== sign_policy(policy, now, -1) &&
+ sig !== sign_policy(policy, now, 1)
+ )
+ return targets;
 try {
- policy_string = targets.target.substring(65);
- targets.policy = JSON.parse(decodeURIComponent(policy_string));
+ targets.policy = JSON.parse(decodeURIComponent(policy));
+ targets.current = targets.policy.base_url === targets.base_url;
 } catch (e) {
 /* TODO what should happen here? */
 }
-
- if (targets.policy) {
- const sig = gen_unique(policy_string + targets.base_url);
- targets.valid_sig = targets.target.substring(1, 65) === sig;
- }
 return targets;
 }
@@ -132,6 +149,7 @@ function url_extract_policy(url)
 * EXPORT url_item
 * EXPORT url_extract_target
 * EXPORT url_extract_policy
+ * EXPORT sign_policy
 * EXPORT csp_rule
 * EXPORT nice_name
 * EXPORT open_in_settings |
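Review bot: In `url_extract_policy`, a policy whose signature verifies is stored in `targets.policy` even when its `base_url` differs from `targets.base_url`; the mismatch is recorded only as `targets.current` being false. With the old `valid_sig` flag removed, a caller that tests just `targets.policy` would accept a policy signed for a different page, and the three `sign_policy` comparisons accept signatures from the current hour and both adjacent hours. Callers are not visible in this diff, so if returning a non-current policy is intentional, state the contract above the function, e.g. `/* targets.policy is set only when its signature verifies; callers must also check targets.current before applying it */`. Otherwise fail closed by adding `if (!targets.current) delete targets.policy;` after the `try` block. The `catch` still carries its TODO, so a correctly signed but unparsable policy silently yields no policy at all.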