mirror of
				https://codeberg.org/crimeflare/cloudflare-tor
				synced 2025-10-26 14:16:47 +01:00 
			
		
		
		
	Import 1.0.8.6 from a.m.o. Closes #10.
This commit is contained in:
		
							parent
							
								
									d4b26a7686
								
							
						
					
					
						commit
						0524b2a7cd
					
				
					 9 changed files with 121 additions and 70 deletions
				
			
		|  | @ -7,6 +7,6 @@ The purpose of this browser add-on is to block Cloudflare sites. | |||
| The TLS protocol promises end-to-end encryption between the client and an authenticated, identified endpoint server.  The browser’s lock icon is a UI widget which makes this promise to the user.  Cloudflare is a mass-decryption chokepoint, which intercepts and decrypts the Web requests made by billions of people to millions of websites. | ||||
| 
 | ||||
| - Prior discussion: [Tor Browser Bug #24351: Block Global Active Adversary Cloudflare](https://trac.torproject.org/projects/tor/ticket/24351) | ||||
| - Imported from [block_cloudflare_mitm_attack-1.0.8-an+fx.xpi](https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/), by an anonymous cypherpunk.  “Cyperpunks write code.”  Cheers! | ||||
| - Imported from [block_cloudflare_mitm_attack-1.0.8.6-an+fx.xpi](https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/), by an anonymous cypherpunk.  “Cyperpunks write code.”  Cheers! | ||||
| - [Original announcement](https://trac.torproject.org/projects/tor/ticket/24351#comment:25) | ||||
| - Thanks to [Debian Bug #831835](https://bugs.debian.org/831835) for some inspiration. | ||||
|  |  | |||
							
								
								
									
										47
									
								
								src/META-INF/manifest.mf
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										47
									
								
								src/META-INF/manifest.mf
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,47 @@ | |||
| Manifest-Version: 1.0 | ||||
| 
 | ||||
| Name: manifest.json | ||||
| Digest-Algorithms: MD5 SHA1 | ||||
| MD5-Digest: zGY60qlrfec2aFsUpYrEqw== | ||||
| SHA1-Digest: v9XeO2ot0V/rLuSXYs4AUccSP4Y= | ||||
| 
 | ||||
| Name: setwhitelist.html | ||||
| Digest-Algorithms: MD5 SHA1 | ||||
| MD5-Digest: 5IRX40t9xV3hOSzG5DQt8g== | ||||
| SHA1-Digest: bZ6eElvQE432Qn5zeoGXI46I4OU= | ||||
| 
 | ||||
| Name: setwhitelist.js | ||||
| Digest-Algorithms: MD5 SHA1 | ||||
| MD5-Digest: zyiTPW8+zVdotk5uf71nuw== | ||||
| SHA1-Digest: Ttn6071lJN7uBVK2UaZOhroEm5I= | ||||
| 
 | ||||
| Name: stop_cf_mitm.js | ||||
| Digest-Algorithms: MD5 SHA1 | ||||
| MD5-Digest: z8IOdHN5/VdbDGGQNMqMnw== | ||||
| SHA1-Digest: jzwn+6SLINasUf2De/FE8fpmNJc= | ||||
| 
 | ||||
| Name: style.css | ||||
| Digest-Algorithms: MD5 SHA1 | ||||
| MD5-Digest: qVs2pHeT+noWZ7sQttO/2Q== | ||||
| SHA1-Digest: TgXktEJyUNImPTbaPF/viYfWcQo= | ||||
| 
 | ||||
| Name: icons/icon-16.png | ||||
| Digest-Algorithms: MD5 SHA1 | ||||
| MD5-Digest: BMpS9q28ylgmlebPGO0HBw== | ||||
| SHA1-Digest: ejT7934OdR+CRbKWJFoXPSvAo7M= | ||||
| 
 | ||||
| Name: icons/icon-32.png | ||||
| Digest-Algorithms: MD5 SHA1 | ||||
| MD5-Digest: DPnYcEZnUZa6voVAI6nm0w== | ||||
| SHA1-Digest: CqFkcPOpoKmq7Ly82vbmq/Ouhzs= | ||||
| 
 | ||||
| Name: icons/icon-48.png | ||||
| Digest-Algorithms: MD5 SHA1 | ||||
| MD5-Digest: PVwvbCCjWU+2fJeaUrrwVA== | ||||
| SHA1-Digest: upats+fdmYeFmAtgvIVwaW8mszA= | ||||
| 
 | ||||
| Name: icons/icon-64.png | ||||
| Digest-Algorithms: MD5 SHA1 | ||||
| MD5-Digest: YVzojmSoYwjhM0m20OOk5A== | ||||
| SHA1-Digest: sa4ES4gA5mSb0cu9UgGpp/2eh84= | ||||
| 
 | ||||
							
								
								
									
										
											BIN
										
									
								
								src/META-INF/mozilla.rsa
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										
											BIN
										
									
								
								src/META-INF/mozilla.rsa
									
										
									
									
									
										Normal file
									
								
							
										
											Binary file not shown.
										
									
								
							
							
								
								
									
										4
									
								
								src/META-INF/mozilla.sf
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								src/META-INF/mozilla.sf
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,4 @@ | |||
| Signature-Version: 1.0 | ||||
| MD5-Digest-Manifest: /gjyjvUwMAfWGYwYw54bpw== | ||||
| SHA1-Digest-Manifest: 93RJzzo6Uc5BI3Yj2ffLSr6dWnI= | ||||
| 
 | ||||
|  | @ -2,7 +2,7 @@ | |||
| "manifest_version": 2, | ||||
| "name": "Block Cloudflare MiTM Attack", | ||||
| "description": "If the destination website use Cloudflare, block further request.", | ||||
| "version": "1.0.8.1", | ||||
| "version": "1.0.8.6", | ||||
| "homepage_url": "https://trac.torproject.org/projects/tor/ticket/24351", | ||||
| "permissions": ["webRequest","webRequestBlocking","<all_urls>","storage","activeTab"], | ||||
| "options_ui": { | ||||
|  | @ -28,4 +28,4 @@ | |||
|     "strict_min_version": "52.0" | ||||
|   } | ||||
| } | ||||
| } | ||||
| } | ||||
|  | @ -1,18 +1,22 @@ | |||
| <html><head><meta charset="utf-8"><link rel="stylesheet" href="style.css"></head><body><form> | ||||
| [Whitelist]<br> | ||||
| 1. Add FQDN you want to ignore. One FQDN per line. Click "Save".<br> | ||||
| 1. Add FQDN or .FQDN you want to ignore. Click "Save".<br> | ||||
| 2. Open new tab and visit whitelisted website.<br> | ||||
| <small>(<i><b>.</b>mozilla.org</i> will allow <i>mozilla.org</i> and <i>*.mozilla.org</i>)</small> | ||||
| <textarea cols="50" rows="12" id="myset_cfwhite" wrap="off"></textarea><br> | ||||
| <br> | ||||
| [Advanced]<br> | ||||
| <label><input type="checkbox" id="myset_xincapsula"> Also detect and block Incapsula MiTM</label><br> | ||||
| <label><input type="checkbox" id="myset_xgshield"> Also detect and block Google's Project Shield MiTM</label><br> | ||||
| <label><input type="checkbox" id="myset_xsucuri"> Also detect and block Sucuri MiTM</label><br> | ||||
| <label><input type="checkbox" id="myset_xignhttp"> Ignore http:// resource (not recommend)</label><br> | ||||
| <label><input type="checkbox" id="myset_xigncj"> Ignore CSS|JS|Image|Font|Cursor resource (not recommend)</label><br> | ||||
| <label><input type="checkbox" id="myset_xsimplewarn"> Don't show warning message; just change title and favicon(<img src="data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzk4OKpMSkq6UE9PulRTU7pXV1e6W1tbul1dXbpbW1u6WFhYulVVVbpTU1O6UFBQukxMTLotLS2bAAAAOzY0NJ7Y3Nz/v9zh/8He4//D4eb/xuTp/8jm6//I5On/x+Po/8bj6f/E4ef/wt/l/8Hd4/+/2d//3N/f/xkZGYU2NTWd2N7e/xekxf8WueD/Frrh/xa74f8Ur9P/Iiwu/yIsLv8Ws9//F7De/xer3P8Xptr/IJS6/97g4f8ZGRmCAAAAV9HQ0O91s7z/F8Hj/xbC4/8Ww+T/FLbV/yArLf8gKy3/Frrh/xa13/8XsN7/FqbV/5G3vf+xsbHUAAAARQAAAC5oZ2eV2N7f/yWtv/8Xyub/Fsrm/xbJ5v8Zq8f/GavH/xbA4/8Wu+H/FrXf/zWguf/Z2dn/Ly8veAAAABwAAAAAAAAASsbFxd2gy87/KtTm/xnU6v8W0Oj/FEJI/xRCSP8WxeX/Fr/j/xWw0/+swsP/k5OTtgAAADoAAAAAAAAAAAAAACFFRUV+6evr/zq1vv8w5PH/J9/v/yIiIv8iIiL/Fsrm/xbE5P9Xq7n/19fX+BkZGW0AAAAKAAAAAAAAAAAAAAAAAAAAPre2tsnA3uD/LNrj/y/o8v8rKyv/Kysr/yvb7v8mvdD/xM/P/3d3d6AAAAA0AAAAAAAAAAAAAAAAAAAAAAAAABUbGxtt8PDw+FrAw/8u7PP/NDQ0/zQ0NP8w3e//gLu//8jIyOgAAABRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANJ2dnbTS4+T/KdDV/zQ8PP80QEH/NL3J/9XZ2f9WVlaLAAAAKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkAAABX39/f733Exv8t5vH/Ldrp/5rBw/+2trbUAAAARQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALm1tbZXf5ub/LLnD/0S7xP/d3d3/MTExeAAAABwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKx8fH3bHP0f+8zM3/l5eXtgAAADoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAITIyMna+vr7Trq6uyRkZGW0AAAAKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAAAARAAAAD4AAAAVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//8AAIABAAAAAAAAAAAAAIABAACAAwAAwAMAAOAHAADgBwAA8A8AAPAPAAD4HwAA+D8AAPw/AAD+fwAA//8AAA==">)</label><br> | ||||
| <label><input type="checkbox" id="myset_xign3p"> Ignore 3rd party resource (not recommend)</label><br> | ||||
| <label><input type="checkbox" checked disabled> I don't like Man-in-the-middle attack.</label><br><!-- justajokedonttakethisseriouslyLOL //--> | ||||
| <br> | ||||
| <input type="submit" value=" Save "> | ||||
| When MiTM attempt is detected:<br> | ||||
| <label><input type="radio" name="acttype" id="myset_xsimplewarn_0" value="0"> Show security warning page</label><br> | ||||
| <label><input type="radio" name="acttype" id="myset_xsimplewarn_1" value="1"> Just change title and favicon</label><br> | ||||
| <label><input type="radio" name="acttype" id="myset_xsimplewarn_2" value="2"> Cancel request immediately</label><br> | ||||
| <br> | ||||
| <input type="submit" value="  Save  "> | ||||
| </form><script src="setwhitelist.js"></script> | ||||
| </body></html> | ||||
| </body></html> | ||||
|  | @ -5,7 +5,7 @@ e.preventDefault(); | |||
| // check each line and remove bad fqdn (simple check)
 | ||||
| var cf_tmpdata=document.querySelector("#myset_cfwhite").value.split("\n"); | ||||
| for (var i=0;i<cf_tmpdata.length;i++){ | ||||
| if (!/^([0-9a-z.-]{1,})\.([a-z]{2,20})$/.test(cf_tmpdata[i])||cf_tmpdata[i].startsWith(".")||cf_tmpdata[i].includes("..")|| | ||||
| if (!/^([0-9a-z.-]{1,})\.([a-z]{2,20})$/.test(cf_tmpdata[i])||cf_tmpdata[i].includes("..")|| | ||||
| cf_tmpdata[i].endsWith(".cloudflare.com")||cf_tmpdata[i]=='cloudflare.com'|| | ||||
| cf_tmpdata[i].endsWith(".incapsula.com")||cf_tmpdata[i]=='incapsula.com'|| | ||||
| cf_tmpdata[i].endsWith(".withgoogle.com")||cf_tmpdata[i].endsWith(".google.com")){cf_tmpdata[i]='';} | ||||
|  | @ -13,17 +13,18 @@ cf_tmpdata[i].endsWith(".withgoogle.com")||cf_tmpdata[i].endsWith(".google.com") | |||
| cf_tmpdata=cf_tmpdata.slice().sort(function(a,b){return a>b}).reduce(function(a,b){if (a.slice(-1)[0]!==b){a.push(b);};return a;},[]);// -duplicate
 | ||||
| cf_tmpdata=cf_tmpdata.filter(v=>v!='');// -empty
 | ||||
| cf_tmpdata=cf_tmpdata.join("\n"); | ||||
| browser.storage.local.set({myset_cfwhite: cf_tmpdata}); | ||||
| document.querySelector("#myset_cfwhite").value=cf_tmpdata; | ||||
| //workaround - simplewarn didn't work as expected if igncj is active
 | ||||
| if (document.querySelector("#myset_xsimplewarn").checked){document.querySelector("#myset_xigncj").checked=false;} | ||||
| browser.storage.local.set({myset_cfwhite: cf_tmpdata});document.querySelector("#myset_cfwhite").value=cf_tmpdata; | ||||
| //workaround - simplewarn didn't work as expected if ign3p is active
 | ||||
| if (document.querySelector("#myset_xsimplewarn_1").checked){document.querySelector("#myset_xign3p").checked=false;} | ||||
| //ADVANCED
 | ||||
| if (document.querySelector("#myset_xincapsula").checked){browser.storage.local.set({myset_xincapsula: "y"});}else{browser.storage.local.set({myset_xincapsula: "n"});} | ||||
| if (document.querySelector("#myset_xgshield").checked){browser.storage.local.set({myset_xgshield: "y"});}else{browser.storage.local.set({myset_xgshield: "n"});} | ||||
| if (document.querySelector("#myset_xsucuri").checked){browser.storage.local.set({myset_xsucuri: "y"});}else{browser.storage.local.set({myset_xsucuri: "n"});} | ||||
| if (document.querySelector("#myset_xignhttp").checked){browser.storage.local.set({myset_xignhttp: "y"});}else{browser.storage.local.set({myset_xignhttp: "n"});} | ||||
| if (document.querySelector("#myset_xigncj").checked){browser.storage.local.set({myset_xigncj: "y"});}else{browser.storage.local.set({myset_xigncj: "n"});} | ||||
| if (document.querySelector("#myset_xsimplewarn").checked){browser.storage.local.set({myset_xsimplewarn: "y"});}else{browser.storage.local.set({myset_xsimplewarn: "n"});} | ||||
| if (document.querySelector("#myset_xign3p").checked){browser.storage.local.set({myset_xign3p: "y"});}else{browser.storage.local.set({myset_xign3p: "n"});} | ||||
| //ACTION
 | ||||
| if (document.querySelector("#myset_xsimplewarn_0").checked){browser.storage.local.set({myset_xsimplewarn:0});} | ||||
| if (document.querySelector("#myset_xsimplewarn_1").checked){browser.storage.local.set({myset_xsimplewarn:1});} | ||||
| if (document.querySelector("#myset_xsimplewarn_2").checked){browser.storage.local.set({myset_xsimplewarn:2});} | ||||
| browser.runtime.sendMessage({relnow:'go'}).then(function(r){},onError); | ||||
| } | ||||
| function loadWhitelist(){ | ||||
|  | @ -34,9 +35,12 @@ document.querySelector("#myset_cfwhite").value = r.myset_cfwhite||""; | |||
| if (r.myset_xincapsula=='y'){document.querySelector("#myset_xincapsula").checked=true;}else{document.querySelector("#myset_xincapsula").checked=false;} | ||||
| if (r.myset_xgshield=='y'){document.querySelector("#myset_xgshield").checked=true;}else{document.querySelector("#myset_xgshield").checked=false;} | ||||
| if (r.myset_xsucuri=='y'){document.querySelector("#myset_xsucuri").checked=true;}else{document.querySelector("#myset_xsucuri").checked=false;} | ||||
| if (r.myset_xignhttp=='y'){document.querySelector("#myset_xignhttp").checked=true;}else{document.querySelector("#myset_xignhttp").checked=false;} | ||||
| if (r.myset_xigncj=='y'){document.querySelector("#myset_xigncj").checked=true;}else{document.querySelector("#myset_xigncj").checked=false;} | ||||
| if (r.myset_xsimplewarn=='y'){document.querySelector("#myset_xsimplewarn").checked=true;}else{document.querySelector("#myset_xsimplewarn").checked=false;} | ||||
| if (r.myset_xign3p=='y'){document.querySelector("#myset_xign3p").checked=true;}else{document.querySelector("#myset_xign3p").checked=false;} | ||||
| if (r.myset_xsimplewarn){switch(r.myset_xsimplewarn){ | ||||
| case 1:document.querySelector("#myset_xsimplewarn_1").checked=true;break; | ||||
| case 2:document.querySelector("#myset_xsimplewarn_2").checked=true;break; | ||||
| default:document.querySelector("#myset_xsimplewarn_0").checked=true;break; | ||||
| }}else{document.querySelector("#myset_xsimplewarn_0").checked=true;} | ||||
| } | ||||
| var getting=browser.storage.local.get(); | ||||
| getting.then(setCurrentChoice, onError); | ||||
|  |  | |||
										
											
												File diff suppressed because one or more lines are too long
											
										
									
								
							|  | @ -1,3 +1,3 @@ | |||
| body{font:13px Verdana} | ||||
| label{-webkit-user-select:none;-moz-user-select:none} | ||||
| textarea{white-space:pre;overflow-wrap:normal;overflow-x:scroll} | ||||
| textarea{white-space:pre;overflow-wrap:normal;overflow-x:scroll} | ||||
		Loading…
	
	Add table
		
		Reference in a new issue