/** * This file is part of Haketilo. * * Function: Miscellaneous operations refactored to a separate file. * * Copyright (C) 2021 Wojtek Kosior * Copyright (C) 2021 jahoti * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * As additional permission under GNU GPL version 3 section 7, you * may distribute forms of that code without the copy of the GNU * GPL normally required by section 4, provided you include this * license notice and, in case of non-source distribution, a URL * through which recipients can access the Corresponding Source. * If you modify file(s) with this exception, you may extend this * exception to your version of the file(s), but you are not * obligated to do so. If you do not wish to do so, delete this * exception statement from your version. * * As a special exception to the GPL, any HTML file which merely * makes function calls to this code, and for that purpose * includes it by reference shall be deemed a separate work for * copyright law purposes. If you modify this code, you may extend * this exception to your version of the code, but you are not * obligated to do so. If you do not wish to do so, delete this * exception statement from your version. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * I, Wojtek Kosior, thereby promise not to sue for violation of this file's * license. Although I request that you do not make use of this code in a * proprietary program, I am not going to enforce this in court. */ /* * uint8_to_hex is a separate function used in cryptographic functions and when * dealing with binary data. */ const uint8_to_hex = array => [...array].map(b => ("0" + b.toString(16)).slice(-2)).join(""); #EXPORT uint8_to_hex /* * Asynchronously compute hex string representation of a sha256 digest of a * UTF-8 string. */ async function sha256_async(string) { const input_ab = new TextEncoder("utf-8").encode(string); const digest_ab = await crypto.subtle.digest("SHA-256", input_ab); return uint8_to_hex(new Uint8Array(digest_ab)); } #EXPORT sha256_async /* * Generate a unique value that can be computed synchronously and is impossible * to guess for a malicious website. */ function gen_nonce(length=16) { const random_data = new Uint8Array(length); crypto.getRandomValues(random_data); return uint8_to_hex(random_data); } #EXPORT gen_nonce /* Check if some HTTP header might define CSP rules. */ const csp_header_regex = /^\s*(content-security-policy|x-webkit-csp|x-content-security-policy)\s*$/i; #EXPORT csp_header_regex /* * Check if url corresponds to a browser's special page (or a directory index in * case of `file://' protocol). */ #IF MOZILLA const priv_reg = /^moz-extension:\/\/|^about:|^view-source:|^file:\/\/[^?#]*\/([?#]|$)/; #ELIF CHROMIUM const priv_reg = /^chrome(-extension)?:\/\/|^about:|^view-source:|^file:\/\/[^?#]*\/([?#]|$)/; #ENDIF #EXPORT url => priv_reg.test(url) AS is_privileged_url /* Make it possible to serialize en Error object. */ function error_data_jsonifiable(error) { const jsonifiable = {}; for (const property of ["name", "message", "fileName", "lineNumber"]) jsonifiable[property] = error[property]; return jsonifiable; } #EXPORT error_data_jsonifiable