Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CSP Extension ID leak PoC #35

Merged
merged 5 commits into from
Apr 14, 2021
Merged

CSP Extension ID leak PoC #35

merged 5 commits into from
Apr 14, 2021

Conversation

sammacbeth
Copy link
Collaborator

Test page which reports extension scripts which can be leaked (and blocked) via a CSP report.

Screenshot 2021-04-12 at 14 55 08

@sammacbeth sammacbeth mentioned this pull request Apr 14, 2021
Merged
10 tasks
kdzwinel
kdzwinel reviewed Apr 14, 2021
View reviewed changes
Copy link
Member

@kdzwinel kdzwinel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice work @sammacbeth 🙌 I left couple of comments that should be addressed before merging.

security/csp-report/index.tpml Outdated Show resolved Hide resolved
server.js Outdated Show resolved Hide resolved
security/csp-report/index.tpml Outdated Show resolved Hide resolved
security/csp-report/index.tpml Outdated Show resolved Hide resolved
server.js Show resolved Hide resolved
server.js Show resolved Hide resolved
server.js Show resolved Hide resolved
security/csp-report/index.tpml Outdated Show resolved Hide resolved
security/csp-report/index.tpml Outdated Show resolved Hide resolved
@sammacbeth
Copy link
Collaborator Author

Thanks for the comments @kdzwinel - I've updated the PR addressing all of them.

kdzwinel
kdzwinel approved these changes Apr 14, 2021
View reviewed changes
Copy link
Member

@kdzwinel kdzwinel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - merging 🚀

package.json
@@ -3,6 +3,9 @@
"version": "1.0.0",
"description": "This project contains a collection of pages that are meant to be used for testing various privacy and security features of browsers and browser extensions.",
"main": "server.js",
"engines": {
"node": ">=12.19"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it's either 12.19+ or 14.10+ (I know because I had to update node for this to work :) ). I hope that glitch will work with this.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah this was the minimum for crypto.randomInt - looks like it worked on glitch though :)

server.js
res.end(contents.replace('%%UID%%', id));
});
// ensure IDs get deleted after 60s
setTimeout(() => cspIds.delete(id), 60000);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

smart 🧠

@kdzwinel kdzwinel merged commit 5fc6ef7 into duckduckgo:gh-pages Apr 14, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kdzwinel kdzwinel kdzwinel approved these changes

@jonathanKingston jonathanKingston Awaiting requested review from jonathanKingston

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sammacbeth @kdzwinel