2020-02-27 13:45:29 +01:00
|
|
|
/**
|
|
|
|
* Request Sanitizer
|
|
|
|
* Belongs to Decentraleyes.
|
|
|
|
*
|
|
|
|
* @author Thomas Rientjes
|
|
|
|
* @since 2018-01-10
|
|
|
|
* @license MPL 2.0
|
|
|
|
*
|
|
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
|
|
|
* You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
*/
|
|
|
|
|
|
|
|
'use strict';
|
|
|
|
|
2021-02-17 07:01:08 +01:00
|
|
|
|
2020-02-27 13:45:29 +01:00
|
|
|
/**
|
|
|
|
* Request Sanitizer
|
|
|
|
*/
|
|
|
|
|
2024-04-28 07:18:40 +02:00
|
|
|
let requestSanitizer = {};
|
2020-02-27 13:45:29 +01:00
|
|
|
|
2021-02-17 07:01:08 +01:00
|
|
|
|
2021-05-04 06:06:38 +02:00
|
|
|
/**
|
|
|
|
* Preparation
|
|
|
|
* https://codeberg.org/nobody/LocalCDN/issues/442
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* eslint-disable indent */
|
|
|
|
const ExtraInfoSpec = BrowserType.FIREFOX
|
|
|
|
? [WebRequest.BLOCKING, WebRequest.HEADERS]
|
|
|
|
: [WebRequest.BLOCKING, WebRequest.HEADERS, WebRequest.EXTRA_HEADERS];
|
|
|
|
/* eslint-enable indent */
|
|
|
|
|
|
|
|
|
2020-02-27 13:45:29 +01:00
|
|
|
/**
|
|
|
|
* Public Methods
|
|
|
|
*/
|
|
|
|
|
|
|
|
requestSanitizer.enable = function () {
|
|
|
|
let onBeforeSendHeaders = chrome.webRequest.onBeforeSendHeaders;
|
|
|
|
|
|
|
|
onBeforeSendHeaders.addListener(requestSanitizer._stripMetadata, {
|
|
|
|
'urls': stateManager.validHosts
|
2021-05-04 06:06:38 +02:00
|
|
|
}, ExtraInfoSpec);
|
2020-02-27 13:45:29 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
requestSanitizer.disable = function () {
|
|
|
|
let onBeforeSendHeaders = chrome.webRequest.onBeforeSendHeaders;
|
|
|
|
|
|
|
|
onBeforeSendHeaders.removeListener(requestSanitizer._stripMetadata, {
|
|
|
|
'urls': stateManager.validHosts
|
2021-05-04 06:06:38 +02:00
|
|
|
}, ExtraInfoSpec);
|
2020-02-27 13:45:29 +01:00
|
|
|
};
|
|
|
|
|
2021-02-17 07:01:08 +01:00
|
|
|
|
2020-02-27 13:45:29 +01:00
|
|
|
/**
|
|
|
|
* Private Methods
|
|
|
|
*/
|
|
|
|
|
|
|
|
requestSanitizer._stripMetadata = function (requestDetails) {
|
2020-11-21 07:01:46 +01:00
|
|
|
let sensitiveHeaders, initiatorDomain, allowlistedDomains;
|
2020-02-27 13:45:29 +01:00
|
|
|
|
2020-11-21 07:01:46 +01:00
|
|
|
sensitiveHeaders = [Header.COOKIE, Header.ORIGIN, Header.REFERER];
|
2021-07-14 07:03:45 +02:00
|
|
|
initiatorDomain = helpers.extractDomainFromUrl(requestDetails.initiator, true);
|
2021-08-07 08:39:10 +02:00
|
|
|
allowlistedDomains = helpers.checkAllowlisted(initiatorDomain, requestAnalyzer.allowlistedDomains);
|
2020-02-27 13:45:29 +01:00
|
|
|
|
2020-11-21 07:01:46 +01:00
|
|
|
if (allowlistedDomains) {
|
2020-11-22 17:06:36 +01:00
|
|
|
return {
|
|
|
|
[WebRequest.HEADERS]: requestDetails.requestHeaders,
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
for (let i = 0; i < requestDetails.requestHeaders.length; ++i) {
|
|
|
|
if (sensitiveHeaders.indexOf(requestDetails.requestHeaders[i].name) > -1) {
|
|
|
|
requestDetails.requestHeaders.splice(i--, 1);
|
2020-02-27 13:45:29 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return {
|
|
|
|
[WebRequest.HEADERS]: requestDetails.requestHeaders
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2021-02-17 07:01:08 +01:00
|
|
|
|
2020-02-27 13:45:29 +01:00
|
|
|
/**
|
|
|
|
* Initializations
|
|
|
|
*/
|
|
|
|
|
2020-08-30 18:56:36 +02:00
|
|
|
storageManager.type.get({[Setting.STRIP_METADATA]: true}, function (items) {
|
2020-02-27 13:45:29 +01:00
|
|
|
if (items === null || items.stripMetadata !== false) {
|
|
|
|
requestSanitizer.enable();
|
|
|
|
}
|
|
|
|
});
|