From ca5a3127df3c45e00e68dae4cca1cf15ab844471 Mon Sep 17 00:00:00 2001 From: Vladimir Y Date: Mon, 19 Oct 2020 11:15:18 +0300 Subject: [PATCH] enable addition checks in routing images through a custom web proxy code, #312 --- src/electron-main/web-request/index.ts | 37 +++++++++++++++----------- 1 file changed, 22 insertions(+), 15 deletions(-) diff --git a/src/electron-main/web-request/index.ts b/src/electron-main/web-request/index.ts index c732ea71f..5c9e9076f 100644 --- a/src/electron-main/web-request/index.ts +++ b/src/electron-main/web-request/index.ts @@ -27,7 +27,7 @@ const requestProxyCache = (() => { | OnHeadersReceivedListenerDetails | OnErrorOccurredListenerDetails | OnCompletedListenerDetails; - type MapValue = { imageUrlProxified?: boolean; corsProxy?: CorsProxy }; + type MapValue = { additionAllowedOrigin?: string; corsProxy?: CorsProxy }; const map = new Map(); @@ -67,13 +67,6 @@ export function initWebRequestListenersByAccount( } const origins = { - externalContentProxyUrlPattern: ( - enableExternalContentProxy - && - externalContentProxyUrlPattern - && - parseUrlOriginWithNullishCheck(externalContentProxyUrlPattern) - ), webClientEntryUrl: parseUrlOriginWithNullishCheck(webClient.entryUrl), devTools: parseUrlOriginWithNullishCheck("devtools://devtools"), } as const; @@ -97,7 +90,7 @@ export function initWebRequestListenersByAccount( if ( enableExternalContentProxy && - !requestProxyCache.get(details)?.imageUrlProxified // has not yet been proxified + !requestProxyCache.get(details)?.additionAllowedOrigin // has not yet been proxified (preventing infinity redirect loop) && String(details.resourceType).toLowerCase() === "image" && @@ -112,21 +105,35 @@ export function initWebRequestListenersByAccount( if (!externalContentProxyUrlPattern) { throw new Error(`Invalid "external content proxy URL pattern" value.`); } - const redirectURL = externalContentProxyUrlPattern.replace( - ACCOUNT_EXTERNAL_CONTENT_PROXY_URL_REPLACE_PATTERN, - details.url, + + const redirectURL = externalContentProxyUrlPattern.replace(ACCOUNT_EXTERNAL_CONTENT_PROXY_URL_REPLACE_PATTERN, url); + + if ( + redirectURL === externalContentProxyUrlPattern + || + !redirectURL.includes(url) + ) { + throw new Error(`Failed to substitute "${url}" in "${externalContentProxyUrlPattern}" pattern.`); + } + + requestProxyCache.patch( + details, + {additionAllowedOrigin: parseUrlOriginWithNullishCheck(redirectURL)}, ); - requestProxyCache.patch(details, {imageUrlProxified: true}); + callback({redirectURL}); + return; } + const additionAllowedOrigin = requestProxyCache.get(details)?.additionAllowedOrigin; + const bannedUrlAccessMsg: null | string = blockNonEntryUrlBasedRequests ? buildUrlOriginsFailedMsgTester([ ...allowedOrigins, ...( - origins.externalContentProxyUrlPattern && requestProxyCache.get(details)?.imageUrlProxified - ? [origins.externalContentProxyUrlPattern] + additionAllowedOrigin + ? [additionAllowedOrigin] : [] ), ])(url)