diff options
| -rw-r--r-- | content/anubis-bot-blocker.js | 51 |
1 files changed, 40 insertions, 11 deletions
diff --git a/content/anubis-bot-blocker.js b/content/anubis-bot-blocker.js index f8b266f..1b3a9c3 100644 --- a/content/anubis-bot-blocker.js +++ b/content/anubis-bot-blocker.js @@ -150,7 +150,25 @@ function err(what) { /* TODO: Display message on the page. */ } -const challengeScript = document.getElementById("anubis_challenge"); +/* + * Note that there exists a variant of Anubis "modified for phpBB", where + * + * - the relevant <script> element has id "challenge" rather than + * "anubis_challenge", + * - a <script> elem with id "anubis_settings" is present and holds the path to + * use in the GET request (and element with id "anubis_base_prefix" seems to + * be absent), + * - difficulty is provided as a string (like "4"), and + * - "timestamp" present in the challenge data has to be included in the GET + * request. + * + * The code below aims to handle both Anubis variants. + */ + +const settingsScript = document.getElementById("anubis_settings"); +const challengeScript = + document.getElementById("anubis_challenge") || + (settingsScript && document.getElementById("challenge")); const anubisPrefixScript = document.getElementById("anubis_base_prefix"); const anubisUrlScript = document.getElementById("anubis_public_url"); @@ -161,7 +179,7 @@ async function solve() { const badDataFormatErr = () => unsupportedAnubisErr("Challenge data format not understood."); - let anubisPrefix = "", anubisUrl = null, challengeData; + let anubisPrefix = "", anubisUrl = null, challengeData, settingsData; try { challengeData = JSON.parse(challengeScript.textContent); @@ -177,6 +195,9 @@ async function solve() { if (anubisUrlString) anubisUrl = new URL(anubisUrlString); } + + if (settingsScript) + settingsData = JSON.parse(settingsScript.textContent); } catch(ex) { console.error(ex); @@ -187,15 +208,25 @@ async function solve() { if (challengeData.rules?.algorithm === "metarefresh") return; - const randomData = (challengeData.challenge?.randomData || - challengeData.challenge); + /* + * Older Anubis versions (and the "modified for phpBB" variant) have the + * random data under `challenge' rather than `challenge.randomData'. + */ + const randomData = + (challengeData.challenge?.randomData || challengeData.challenge); const challengeId = challengeData.challenge?.id; const difficulty = challengeData.rules?.difficulty; + const timestamp = challengeData.timestamp || ""; + const routePrefix = + (settingsData?.route_prefix || + `${anubisPrefix}/.within.website/x/cmd/anubis/api/pass-challenge`); if (typeof randomData !== "string" || - typeof difficulty !== "number" || + !/^[0-9]+$/.test(difficulty) || (challengeId && typeof challengeId !== "string") || - typeof anubisPrefix !== "string") + typeof anubisPrefix !== "string" || + !/^[0-9]*$/.test(timestamp) || + (routePrefix && typeof routePrefix !== "string")) return badDataFormatErr(); if (!["fast", "preact", "slow"].includes(challengeData.rules.algorithm)) @@ -216,15 +247,13 @@ async function solve() { const solver = challengeData.rules.algorithm === "preact" ? solvePreact : solvePow; - const solutionUrlParams = await solver(randomData, difficulty); + const solutionUrlParams = await solver(randomData, difficulty * 1); - const destination = new URL( - anubisPrefix + "/.within.website/x/cmd/anubis/api/pass-challenge?", - window.location.href - ); + const destination = new URL(routePrefix + "?", window.location.href); destination.search = new URLSearchParams({ ...solutionUrlParams, ...(challengeId && {id: challengeId}), + ...(timestamp && {timestamp}), redir: redirectTarget }); |