aboutsummaryrefslogtreecommitdiff
path: root/content
diff options
context:
space:
mode:
authorWojtek Kosior <koszko@koszko.org>2021-08-18 17:53:57 +0200
committerWojtek Kosior <koszko@koszko.org>2021-08-18 17:53:57 +0200
commit014f2a2f4e2071c35314d67285711f0f4615266b (patch)
tree081c18c6fc1270d1e312962bd21b71a7072004c4 /content
parent0bbda8fceb52f28032460db0331b09ad086a2a64 (diff)
downloadbrowser-extension-014f2a2f4e2071c35314d67285711f0f4615266b.tar.gz
browser-extension-014f2a2f4e2071c35314d67285711f0f4615266b.zip
implement smuggling via cookies instead of URL
Diffstat (limited to 'content')
-rw-r--r--content/main.js24
1 files changed, 13 insertions, 11 deletions
diff --git a/content/main.js b/content/main.js
index 9ed557c..8adcd48 100644
--- a/content/main.js
+++ b/content/main.js
@@ -9,8 +9,7 @@
/*
* IMPORTS_START
* IMPORT handle_page_actions
- * IMPORT url_extract_target
- * IMPORT gen_unique
+ * IMPORT extract_signed
* IMPORT gen_nonce
* IMPORT csp_rule
* IMPORT is_privileged_url
@@ -98,18 +97,21 @@ function inject_csp(head)
}
if (!is_privileged_url(document.URL)) {
- const targets = url_extract_target(document.URL);
- if (targets.policy) {
- if (targets.target2)
- window.location.href = targets.base_url + targets.target2;
- else
- history.replaceState(null, "", targets.base_url);
+ const reductor =
+ (ac, [_, sig, pol]) => ac[0] && ac || [extract_signed(sig, pol), sig];
+ const matches = [...document.cookie.matchAll(/hachette-(\w*)=([^;]*)/g)];
+ let [policy, signature] = matches.reduce(reductor, []);
+
+ console.log("extracted policy", [signature, policy]);
+ if (!policy || policy.url !== document.URL) {
+ console.log("using default policy");
+ policy = {allow: false, nonce: gen_nonce()};
}
- const policy = targets.current ? targets.policy : {};
+ if (signature)
+ document.cookie = `hachette-${signature}=; Max-Age=-1;`;
- nonce = policy.nonce || gen_nonce();
- handle_page_actions(nonce);
+ handle_page_actions(policy.nonce);
if (!policy.allow) {
block_nodes_recursively(document.documentElement);