commit e2c115d0f2b9780fcf636aba1370654f5250bdb2
Author: nullius <nullius@nym.zone>
Date:   Mon Dec 11 20:45:10 2017 +0000

    Import XPI and code from addons.mozilla.org
    
    Initial commit.  Version 0.0.0-prealpha.
    
     - Glance over code to make sure it looks sane
    
     - Create git repository
    
     - Add substantive files
    
     - Fix icons (PNG CRC errors)
    
     - Add archival copy of xpi from addons.mozilla.org, with metadata
    
     - Add README.md, LICENSE.md
    
     - NOT YET TESTED BY MAINTAINER (@nym-zone)

diff --git a/LICENSE.md b/LICENSE.md
new file mode 100644
index 000000000..418134fb0
--- /dev/null
+++ b/LICENSE.md
@@ -0,0 +1,11 @@
+[Original license](https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/license/1.0.0):
+
+# Block Cloudflare MiTM Attack 1.0.0
+# Source Code License
+# WTFPL
+
+WTFPL
+
+---
+
+Any modifications by nullius <nullius@nym.zone> are released to the public domain.  Copyright is irrevocably disclaimed on behalf of self, heirs, assigns, etc., etc.  In other words, NO LICENSE!  The public domain is not a license.  I politely request that derivative works either stay in the public domain, or keep a liberal license.
diff --git a/README.md b/README.md
new file mode 100644
index 000000000..ab7beafc2
--- /dev/null
+++ b/README.md
@@ -0,0 +1,12 @@
+# Block Cloudflare MITM Attack
+
+**Pull requests are welcome!**
+
+The purpose of this browser add-on is to block Cloudflare sites.
+
+The TLS protocol promises end-to-end encryption between the client and an authenticated, identified endpoint server.  The browser’s lock icon is a UI widget which makes this promise to the user.  Cloudflare is a mass-decryption chokepoint, which intercepts and decrypts the Web requests made by billions of people to millions of websites.
+
+- Prior discussion: [Tor Browser Bug #24351: Block Global Active Adversary Cloudflare](https://trac.torproject.org/projects/tor/ticket/24351)
+- Imported from [block_cloudflare_mitm_attack-1.0.0-an+fx.xpi](https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/), by an anonymous cypherpunk.  “Cyperpunks write code.”  Cheers!
+- [Original announcement](https://trac.torproject.org/projects/tor/ticket/24351#comment:25)
+- Thanks to [Debian Bug #831835](https://bugs.debian.org/831835) for some inspiration.
diff --git a/archive/amo.md b/archive/amo.md
new file mode 100644
index 000000000..d8bde2873
--- /dev/null
+++ b/archive/amo.md
@@ -0,0 +1,10 @@
+[https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/](https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/)
+
+# Block Cloudflare MiTM Attack
+## by [cypherpunks](https://addons.mozilla.org/en-US/firefox/user/JustATorUser/)
+
+If the destination use Cloudflare, block future request.
+
+Please read:
+[https://trac.torproject.org/projects/tor/ticket/24351](https://trac.torproject.org/projects/tor/ticket/24351)
+[http://www.crimeflare.com/](http://www.crimeflare.com/)
diff --git a/archive/block_cloudflare_mitm_attack-1.0.0-an+fx.xpi b/archive/block_cloudflare_mitm_attack-1.0.0-an+fx.xpi
new file mode 100644
index 000000000..225bd4198
Binary files /dev/null and b/archive/block_cloudflare_mitm_attack-1.0.0-an+fx.xpi differ
diff --git a/archive/headers0.http b/archive/headers0.http
new file mode 100644
index 000000000..598564aa6
--- /dev/null
+++ b/archive/headers0.http
@@ -0,0 +1,17 @@
+HTTP/1.1 302 FOUND
+Content-Security-Policy: script-src https://ssl.google-analytics.com/ga.js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://addons.cdn.mozilla.net; style-src 'self' 'unsafe-inline' https://addons.cdn.mozilla.net; default-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; img-src 'self' data: blob: https://ssl.google-analytics.com https://addons.cdn.mozilla.net https://static.addons.mozilla.net https://sentry.prod.mozaws.net; media-src https://videos.cdn.mozilla.net; object-src 'none'; connect-src 'self' https://sentry.prod.mozaws.net; font-src 'self' https://addons.cdn.mozilla.net; form-action 'self' https://developer.mozilla.org; base-uri 'self' https://addons.mozilla.org; report-uri /__cspreport__
+Content-Type: text/html; charset=utf-8
+Date: Mon, 11 Dec 2017 18:27:56 GMT
+ETag: "d41d8cd98f00b204e9800998ecf8427e"
+Location: https://addons.cdn.mozilla.net/user-media/addons/902908/block_cloudflare_mitm_attack-1.0.0-an+fx.xpi?filehash=sha256%3A335868a2ef8966ecd11db6532bca642cbd1d9eb31d5f9f1d79d9bd0d77f15c45
+Public-Key-Pins: max-age=5184000; includeSubDomains; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
+Server: nginx
+strict-transport-security: max-age=31536000
+Vary: User-Agent
+x-content-type-options: nosniff
+X-Frame-Options: DENY
+X-Target-Digest: sha256:335868a2ef8966ecd11db6532bca642cbd1d9eb31d5f9f1d79d9bd0d77f15c45
+x-xss-protection: 1; mode=block
+Content-Length: 0
+Connection: keep-alive
+
diff --git a/archive/headers1.http b/archive/headers1.http
new file mode 100644
index 000000000..8c0a71cb9
--- /dev/null
+++ b/archive/headers1.http
@@ -0,0 +1,15 @@
+HTTP/1.1 200 OK
+Content-Type: application/x-xpinstall
+Content-Length: 9767
+Connection: keep-alive
+Accept-Ranges: bytes
+Cache-Control: max-age=86400
+Content-Security-Policy: default-src 'none'; report-uri https://addons.mozilla.org/__cspreport__
+Date: Mon, 11 Dec 2017 18:29:33 GMT
+Expires: Tue, 12 Dec 2017 18:29:33 GMT
+Last-Modified: Mon, 11 Dec 2017 14:30:08 GMT
+Server: nginx
+X-Cache: Miss from cloudfront
+Via: 1.1 3905f6b396c96f958286f8e228e61547.cloudfront.net (CloudFront)
+X-Amz-Cf-Id: U05sJSn5Gc55Pittka0jqN1NF1a1_b5HNUDS4DLf3-I4U-dXOzJApw==
+
diff --git a/archive/sha256.txt b/archive/sha256.txt
new file mode 100644
index 000000000..07440040c
--- /dev/null
+++ b/archive/sha256.txt
@@ -0,0 +1 @@
+335868a2ef8966ecd11db6532bca642cbd1d9eb31d5f9f1d79d9bd0d77f15c45  block_cloudflare_mitm_attack-1.0.0-an+fx.xpi
diff --git a/archive/sha512.txt b/archive/sha512.txt
new file mode 100644
index 000000000..e9c3d46ea
--- /dev/null
+++ b/archive/sha512.txt
@@ -0,0 +1 @@
+55e0a9c04e891e9bf3abe5b72d38d4e3213e120adbbbb1422cf5bd21bac4008e546988b987d684cdf8838d773cc8bcd9d61767a53a0b7f5674abc361b1fb3a4c  block_cloudflare_mitm_attack-1.0.0-an+fx.xpi
diff --git a/src/icons/icon-48.png b/src/icons/icon-48.png
new file mode 100644
index 000000000..31dcc7fa7
Binary files /dev/null and b/src/icons/icon-48.png differ
diff --git a/src/icons/icon-64.png b/src/icons/icon-64.png
new file mode 100644
index 000000000..44dc2ae25
Binary files /dev/null and b/src/icons/icon-64.png differ
diff --git a/src/manifest.json b/src/manifest.json
new file mode 100644
index 000000000..27b114bcc
--- /dev/null
+++ b/src/manifest.json
@@ -0,0 +1,15 @@
+{
+"manifest_version": 2,
+"name": "Block Cloudflare MiTM Attack",
+"description": "If the destination use Cloudflare, block future request.",
+"version": "1.0.0",
+"homepage_url": "https://trac.torproject.org/projects/tor/ticket/24351",
+"permissions": ["webRequest","webRequestBlocking","<all_urls>"],
+"icons": {
+ "48": "icons/icon-48.png",
+ "64": "icons/icon-64.png"
+},
+"background": {
+ "scripts": ["stop_cf_mitm.js"]
+}
+}
\ No newline at end of file
diff --git a/src/stop_cf_mitm.js b/src/stop_cf_mitm.js
new file mode 100644
index 000000000..f00c9eb20
--- /dev/null
+++ b/src/stop_cf_mitm.js
@@ -0,0 +1,33 @@
+/*
+		<<< Detect Cloudflare MiTM Attack >>>
+						by Sw
+	why? because...
+	https://trac.torproject.org/projects/tor/ticket/24351
+	http://www.crimeflare.com/
+*/
+//===============================================
+function analyzemydata(res){
+//console.log("mitmdetector: scanning: "+res.url);
+var cflink=document.createElement('a');cflink.setAttribute('href',res.url);
+var cf_hostname=cflink.hostname;
+var cf_protocol=cflink.protocol;
+var cf_gothead=res.responseHeaders;
+cflink=null;
+if ((cf_protocol=='http:'||cf_protocol=='https:') && cf_hostname.length>=4){
+//console.log("mitmdetector: testing...: "+res.url);
+var is_cloudflare_infected=0;// 2 to confirm
+for(var i=0;i<cf_gothead.length;i++){
+var cfv=cf_gothead[i];
+if (cfv['name']=='cf-ray' && cfv['value']!=undefined){is_cloudflare_infected+=1;}
+if (cfv['name']=='server' && cfv['value'].includes("cloudflare")){is_cloudflare_infected+=1;}
+if (is_cloudflare_infected==2){break;}
+}
+if (is_cloudflare_infected>=1){
+console.log('SECURITY_WARN: Cloudflare Detected: '+res.url);
+return {redirectUrl: "https://0.0.0.0/"};// just drop the connection
+}
+}
+return;
+}
+browser.webRequest.onHeadersReceived.addListener(analyzemydata,{urls: ["<all_urls>"]},["blocking","responseHeaders"]);
+//
\ No newline at end of file