author | Wojtek Kosior <koszko@koszko.org> | 2021-08-18 17:53:57 +0200 |
---|---|---|
committer | Wojtek Kosior <koszko@koszko.org> | 2021-08-18 17:53:57 +0200 |
commit | 014f2a2f4e2071c35314d67285711f0f4615266b (patch) | |
tree | 081c18c6fc1270d1e312962bd21b71a7072004c4 /content | |
parent | 0bbda8fceb52f28032460db0331b09ad086a2a64 (diff) | |
download | browser-extension-014f2a2f4e2071c35314d67285711f0f4615266b.tar.gz browser-extension-014f2a2f4e2071c35314d67285711f0f4615266b.zip |
implement smuggling via cookies instead of URL
Diffstat (limited to 'content')
-rw-r--r-- | content/main.js | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/content/main.js b/content/main.js
index 9ed557c..8adcd48 100644
--- a/content/main.js
+++ b/content/main.js
@@ -9,8 +9,7 @@
 /*
 * IMPORTS_START
 * IMPORT handle_page_actions
- * IMPORT url_extract_target
- * IMPORT gen_unique
+ * IMPORT extract_signed
 * IMPORT gen_nonce
 * IMPORT csp_rule
 * IMPORT is_privileged_url
@@ -98,18 +97,21 @@ function inject_csp(head)
 }
 if (!is_privileged_url(document.URL)) {
- const targets = url_extract_target(document.URL);
- if (targets.policy) {
- if (targets.target2)
- window.location.href = targets.base_url + targets.target2;
- else
- history.replaceState(null, "", targets.base_url);
+ const reductor =
+ (ac, [_, sig, pol]) => ac[0] && ac || [extract_signed(sig, pol), sig];
+ const matches = [...document.cookie.matchAll(/hachette-(\w*)=([^;]*)/g)];
+ let [policy, signature] = matches.reduce(reductor, []);
+
+ console.log("extracted policy", [signature, policy]);
+ if (!policy || policy.url !== document.URL) {
+ console.log("using default policy");
+ policy = {allow: false, nonce: gen_nonce()};
 }
- const policy = targets.current ? targets.policy : {};
+ if (signature)
+ document.cookie = `hachette-${signature}=; Max-Age=-1;`;
- nonce = policy.nonce || gen_nonce();
- handle_page_actions(nonce);
+ handle_page_actions(policy.nonce);
 if (!policy.allow) {
 block_nodes_recursively(document.documentElement); |
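Review bot: Only one `hachette-*` cookie is ever cleared in the second hunk: the `reduce` keeps a single `signature`, so entries that failed `extract_signed` before it, and any that follow the first valid one, stay in the cookie jar, where page scripts can read them through `document.cookie` and where they would normally be sent back to the server. Clearing every match avoids that, e.g. ``for (const [, sig] of matches) document.cookie = `hachette-${sig}=; Max-Age=-1;`;`` in place of the `if (signature)` deletion. The deletion also names no `Path`, so it presumably only removes a cookie that was set with the default path; the code that sets the cookie is not in this diff, so that should be confirmed. Because the page and the server can both write `hachette-*` cookies, an old signed policy with `allow: true` for the same URL would be accepted again unless `extract_signed` enforces freshness, which cannot be seen here, and the `console.log` of the policy and its nonce looks like debugging output that should not ship. The body of `if (!is_privileged_url(document.URL))` continues past the end of the hunk.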