2020-02-27 13:45:29 +01:00
|
|
|
/**
|
|
|
|
* Request Sanitizer
|
|
|
|
* Belongs to Decentraleyes.
|
|
|
|
*
|
|
|
|
* @author Thomas Rientjes
|
|
|
|
* @since 2018-01-10
|
|
|
|
* @license MPL 2.0
|
|
|
|
*
|
|
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
|
|
|
* You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
*/
|
|
|
|
|
|
|
|
'use strict';
|
|
|
|
|
2021-02-17 07:01:08 +01:00
|
|
|
|
2020-02-27 13:45:29 +01:00
|
|
|
/**
|
|
|
|
* Request Sanitizer
|
|
|
|
*/
|
|
|
|
|
|
|
|
var requestSanitizer = {};
|
|
|
|
|
2021-02-17 07:01:08 +01:00
|
|
|
|
2020-02-27 13:45:29 +01:00
|
|
|
/**
|
|
|
|
* Public Methods
|
|
|
|
*/
|
|
|
|
|
|
|
|
requestSanitizer.enable = function () {
|
|
|
|
|
|
|
|
let onBeforeSendHeaders = chrome.webRequest.onBeforeSendHeaders;
|
|
|
|
|
|
|
|
onBeforeSendHeaders.addListener(requestSanitizer._stripMetadata, {
|
|
|
|
'urls': stateManager.validHosts
|
|
|
|
}, [WebRequest.BLOCKING, WebRequest.HEADERS]);
|
|
|
|
};
|
|
|
|
|
|
|
|
requestSanitizer.disable = function () {
|
|
|
|
|
|
|
|
let onBeforeSendHeaders = chrome.webRequest.onBeforeSendHeaders;
|
|
|
|
|
|
|
|
onBeforeSendHeaders.removeListener(requestSanitizer._stripMetadata, {
|
|
|
|
'urls': stateManager.validHosts
|
|
|
|
}, [WebRequest.BLOCKING, WebRequest.HEADERS]);
|
|
|
|
};
|
|
|
|
|
2021-02-17 07:01:08 +01:00
|
|
|
|
2020-02-27 13:45:29 +01:00
|
|
|
/**
|
|
|
|
* Private Methods
|
|
|
|
*/
|
|
|
|
|
|
|
|
requestSanitizer._stripMetadata = function (requestDetails) {
|
2020-11-21 07:01:46 +01:00
|
|
|
let sensitiveHeaders, initiatorDomain, allowlistedDomains;
|
2020-02-27 13:45:29 +01:00
|
|
|
|
2020-11-21 07:01:46 +01:00
|
|
|
sensitiveHeaders = [Header.COOKIE, Header.ORIGIN, Header.REFERER];
|
|
|
|
initiatorDomain = helpers.extractDomainFromUrl(requestDetails.originUrl, true);
|
|
|
|
allowlistedDomains = stateManager._domainIsListed(initiatorDomain);
|
2020-02-27 13:45:29 +01:00
|
|
|
|
2020-11-21 07:01:46 +01:00
|
|
|
if (allowlistedDomains) {
|
2020-11-22 17:06:36 +01:00
|
|
|
return {
|
|
|
|
[WebRequest.HEADERS]: requestDetails.requestHeaders,
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
for (let i = 0; i < requestDetails.requestHeaders.length; ++i) {
|
|
|
|
if (sensitiveHeaders.indexOf(requestDetails.requestHeaders[i].name) > -1) {
|
|
|
|
requestDetails.requestHeaders.splice(i--, 1);
|
2020-02-27 13:45:29 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return {
|
|
|
|
[WebRequest.HEADERS]: requestDetails.requestHeaders
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2021-02-17 07:01:08 +01:00
|
|
|
|
2020-02-27 13:45:29 +01:00
|
|
|
/**
|
|
|
|
* Initializations
|
|
|
|
*/
|
|
|
|
|
2020-08-30 18:56:36 +02:00
|
|
|
storageManager.type.get({[Setting.STRIP_METADATA]: true}, function (items) {
|
2020-02-27 13:45:29 +01:00
|
|
|
|
|
|
|
if (items === null || items.stripMetadata !== false) {
|
|
|
|
requestSanitizer.enable();
|
|
|
|
}
|
|
|
|
});
|