additional isolation by contextual id

2019-11-11 16:34:41 -05:00
parent e631c82363
commit b7ebbd5b79
5 changed files with 345 additions and 42 deletions
--- a/background.js
+++ b/background.js
@@ -5,33 +5,60 @@ function onGot(contexts) {
    ids.push(context.name);
  }
  console.log("Checking new contexts");
-  if (ids.indexOf("i2pbrowser") == -1) {
+  if (ids.indexOf("I2P Browsing") == -1) {
    browser.contextualIdentities
      .create({
-        name: "i2pbrowser",
+        name: "I2P Browsing",
        color: "orange",
        icon: "fingerprint"
      })
      .then(onCreated, onError);
  }
-  if (ids.indexOf("fenced-default") == -1) {
+  if (ids.indexOf("Web Browsing") == -1) {
    browser.contextualIdentities
      .create({
-        name: "fenced-default",
-        color: "toolbar",
-        icon: "fence"
+        name: "Web Browsing",
+        color: "red",
+        icon: "circle"
      })
      .then(onCreated, onError);
  }
-  if (ids.indexOf("routerconsole") == -1) {
+  if (ids.indexOf("Router Console") == -1) {
    browser.contextualIdentities
      .create({
-        name: "routerconsole",
+        name: "Router Console",
        color: "blue",
        icon: "briefcase"
      })
      .then(onCreated, onError);
  }
+  if (ids.indexOf("Hidden Services Manager") == -1) {
+    browser.contextualIdentities
+      .create({
+        name: "Hidden Services Manager",
+        color: "green",
+        icon: "tree"
+      })
+      .then(onCreated, onError);
+  }
+  if (ids.indexOf("Web Mail") == -1) {
+    browser.contextualIdentities
+      .create({
+        name: "Web Mail",
+        color: "yellow",
+        icon: "briefcase"
+      })
+      .then(onCreated, onError);
+  }
+  if (ids.indexOf("Bittorrent") == -1) {
+    browser.contextualIdentities
+      .create({
+        name: "Bittorrent",
+        color: "purple",
+        icon: "chill"
+      })
+      .then(onCreated, onError);
+  }
 }

 function onCreated(context) {
@@ -72,7 +99,7 @@ function themeWindow(window) {
  // Check if the window is in private browsing
  function logTabs(tabInfo) {
    function onGot(context) {
-      if (context.name == "i2pbrowser") {
+      if (context.name == "I2P Browsing") {
        console.log("Active in I2P window");
        if (window.incognito) {
          chrome.theme.update(window.id, {
@@ -89,8 +116,8 @@ function themeWindow(window) {
            }
          });
        }
-      } else if (context.name == "routerconsole") {
-        console.log("Active in I2P window");
+      } else if (context.name == "Router Console") {
+        console.log("Active in Router Console window");
        if (window.incognito) {
          chrome.theme.update(window.id, {
            colors: {
@@ -106,6 +133,57 @@ function themeWindow(window) {
            }
          });
        }
+      } else if (context.name == "Hidden Services Manager") {
+        console.log("Active in Hidden Services Manager window");
+        if (window.incognito) {
+          chrome.theme.update(window.id, {
+            colors: {
+              frame: "#D9D9D6",
+              toolbar: "#D9D9D6"
+            }
+          });
+        } else {
+          chrome.theme.update(window.id, {
+            colors: {
+              frame: "#D9D9D6",
+              toolbar: "#D9D9D6"
+            }
+          });
+        }
+      } else if (context.name == "Web Mail") {
+        console.log("Active in Web Mail window");
+        if (window.incognito) {
+          chrome.theme.update(window.id, {
+            colors: {
+              frame: "#F7E59A",
+              toolbar: "#F7E59A"
+            }
+          });
+        } else {
+          chrome.theme.update(window.id, {
+            colors: {
+              frame: "#F7E59A",
+              toolbar: "#F7E59A"
+            }
+          });
+        }
+      } else if (context.name == "Bittorrent") {
+        console.log("Active in Bittorrent window");
+        if (window.incognito) {
+          chrome.theme.update(window.id, {
+            colors: {
+              frame: "#A48FE1",
+              toolbar: "#A48FE1"
+            }
+          });
+        } else {
+          chrome.theme.update(window.id, {
+            colors: {
+              frame: "#A48FE1",
+              toolbar: "#A48FE1"
+            }
+          });
+        }
      } else {
        console.log("Not active in I2P window");
        chrome.theme.reset(window.id);
@@ -135,7 +213,67 @@ function setTitle(window) {
    console.log(tabInfo);

    function onGot(context) {
-      if (context.name == "i2pbrowser") {
+      if (context.name == "I2P Browsing") {
+        console.log("Active in I2P window");
+
+        if (window.incognito) {
+          chrome.windows.update(window.id, {
+            titlePreface: titleprefpriv
+          });
+        } else {
+          chrome.windows.update(window.id, {
+            titlePreface: titlepref
+          });
+        }
+      } else if (context.name == "Web Browsing") {
+        console.log("Active in Web window");
+
+        if (window.incognito) {
+          chrome.windows.update(window.id, {
+            titlePreface: titleprefpriv
+          });
+        } else {
+          chrome.windows.update(window.id, {
+            titlePreface: titlepref
+          });
+        }
+      } else if (context.name == "Router Console") {
+        console.log("Active in Router Console window");
+
+        if (window.incognito) {
+          chrome.windows.update(window.id, {
+            titlePreface: titleprefpriv
+          });
+        } else {
+          chrome.windows.update(window.id, {
+            titlePreface: titlepref
+          });
+        }
+      } else if (context.name == "Hidden Services Manager") {
+        console.log("Active in Hidden Services Manager window");
+
+        if (window.incognito) {
+          chrome.windows.update(window.id, {
+            titlePreface: titleprefpriv
+          });
+        } else {
+          chrome.windows.update(window.id, {
+            titlePreface: titlepref
+          });
+        }
+      } else if (context.name == "Web Mail") {
+        console.log("Active in Web Mail window");
+
+        if (window.incognito) {
+          chrome.windows.update(window.id, {
+            titlePreface: titleprefpriv
+          });
+        } else {
+          chrome.windows.update(window.id, {
+            titlePreface: titlepref
+          });
+        }
+      } else if (context.name == "Bittorrent") {
        console.log("Active in I2P window");

        if (window.incognito) {
--- a/context.js
+++ b/context.js
@@ -52,7 +52,7 @@ if (browser.contextualIdentities === undefined) {
 } else {
  browser.contextualIdentities
    .query({
-      name: "i2pbrowser"
+      name: "I2P Browsing"
    })
    .then(identities => {
      if (!identities.length) {
--- a/privacy.js
+++ b/privacy.js
@@ -227,7 +227,7 @@ function forgetBrowsingData(storedSettings) {
    browser.notifications.create({
      type: "basic",
      title: "Removed browsing data",
-      message: `Removed ${dataTypesString}\n for i2pbrowser`
+      message: `Removed ${dataTypesString}\n for I2P Browsing`
    });
  }

@@ -270,7 +270,7 @@ function forgetBrowsingData(storedSettings) {
        console.log("cleared Local Storage");

        contexts = browser.contextualIdentities.query({
-          name: "i2pbrowser"
+          name: "I2P Browsing"
        });

        function deepCleanCookies(cookies) {
--- a/proxy.js
+++ b/proxy.js
@@ -23,7 +23,7 @@ var handleContextProxyRequest = async function(requestDetails) {
        proxyDns: false
      };
      if (context != undefined) {
-        if (context.name == "i2pbrowser") {
+        if (context.name == "I2P Browsing") {
          proxy = {
            type: getScheme(),
            host: getHost(),
@@ -38,7 +38,7 @@ var handleContextProxyRequest = async function(requestDetails) {
            proxy.host + ":" + proxy.port
          );
          return proxy;
-        } else if (context.name == "routerconsole") {
+        } else if (context.name == "Router Console") {
          if (routerHost(requestDetails.url)) {
            return proxy;
          } else if (!routerHost(requestDetails.url)) {
@@ -62,7 +62,7 @@ var handleContextProxyRequest = async function(requestDetails) {
            proxy.host + ":" + proxy.port
          );
          return proxy;
-        } else if (context.name == "fenced-default") {
+        } else if (context.name == "Web Browsing") {
          if (localHost(requestDetails.url)) {
            if (!routerHost(requestDetails.url)) {
              proxy = {
@@ -85,6 +85,10 @@ var handleContextProxyRequest = async function(requestDetails) {
      }
      if (!routerHost(requestDetails.url)) {
        if (localHost(requestDetails.url)) {
+          console.log(
+            "(proxy) non-routerconsole localhost url, dropping",
+            requestDetails.url
+          );
          proxy = {
            type: "http",
            host: "localhost",
@@ -111,10 +115,6 @@ var handleContextProxyRequest = async function(requestDetails) {
    };
    var tabFind = async function(tabId) {
      try {
-        context = await browser.contextualIdentities.query({
-          name: "i2pbrowser"
-        });
-        tabId.cookieStoreId = context[0].cookieStoreId;
        console.log("(proxy) forcing context", tabId.cookieStoreId);
        return tabId;
      } catch (error) {
--- a/scrub.js
+++ b/scrub.js
@@ -4,7 +4,7 @@ var contextScrub = async function(requestDetails) {
    var headerScrub = function(context) {
      if (!context) {
        console.error("Context not found");
-      } else if (context.name == "i2pbrowser") {
+      } else if (context.name == "I2P Browsing") {
        var ua = "MYOB/6.66 (AN/ON)";
        if (i2pHost(requestDetails.url)) {
          for (var header of requestDetails.requestHeaders) {
@@ -17,7 +17,7 @@ var contextScrub = async function(requestDetails) {
        return {
          requestHeaders: requestDetails.requestHeaders
        };
-      } else if (context.name == "routerconsole") {
+      } else if (context.name == "Router Console") {
        var ua = "MYOB/6.66 (AN/ON)";
        if (i2pHost(requestDetails.url)) {
          for (var header of requestDetails.requestHeaders) {
@@ -45,7 +45,7 @@ var contextScrub = async function(requestDetails) {
    var tabFind = async function(tabId) {
      try {
        context = await browser.contextualIdentities.query({
-          name: "i2pbrowser"
+          name: "I2P Browsing"
        });
        tabId.cookieStoreId = context[0].cookieStoreId;
        console.log("(scrub) forcing context", tabId.cookieStoreId);
@@ -76,13 +76,14 @@ var contextScrub = async function(requestDetails) {
        req = await context.then(headerScrub);
        console.log("(scrub)Scrubbing I2P Request", req);
        return req;
-      } else {
+      } else if (routerHost(requestDetails.url)) {
        tab = tabGet(requestDetails.tabId);
        context = tab.then(contextGet);
        req = await context.then(headerScrub);
        console.log("(scrub)Scrubbing non-I2P Request", req);
        return req;
      }
+      return req;
    }
  } catch (error) {
    console.log("(scrub)Not scrubbing non-I2P request.", error);
@@ -95,11 +96,11 @@ var contextSetup = async function(requestDetails) {
    var tabFind = async function(tabId) {
      try {
        var context = await browser.contextualIdentities.query({
-          name: "i2pbrowser"
+          name: "I2P Browsing"
        });
        if (tabId.cookieStoreId != context[0].cookieStoreId) {
          console.log(
-            "(isolate) forcing",
+            "(isolate) forcing I2P Browsing",
            requestDetails.url,
            " context",
            tabId.cookieStoreId,
@@ -133,11 +134,127 @@ var contextSetup = async function(requestDetails) {
    var routerTabFind = async function(tabId) {
      try {
        var context = await browser.contextualIdentities.query({
-          name: "routerconsole"
+          name: "Router Console"
        });
        if (tabId.cookieStoreId != context[0].cookieStoreId) {
          console.log(
-            "(isolate) forcing",
+            "(isolate) forcing Router Console",
+            requestDetails.url,
+            " context",
+            tabId.cookieStoreId,
+            context[0].cookieStoreId
+          );
+          function Create(window) {
+            function onCreated(tab) {
+              console.log("(isolate) Closing old, un-isolated tab");
+              browser.tabs.remove(tabId.id);
+              browser.tabs.remove(window.tabs[0].id);
+            }
+            function onError(error) {
+              console.log(`Error: ${error}`);
+            }
+            var created = browser.tabs.create({
+              active: true,
+              cookieStoreId: context[0].cookieStoreId,
+              url: requestDetails.url,
+              windowId: window.id
+            });
+            created.then(onCreated, onError);
+          }
+          var getting = browser.windows.getCurrent();
+          getting.then(Create);
+          return tabId;
+        }
+      } catch (error) {
+        console.log("(isolate)Context Error", error);
+      }
+    };
+    var i2ptunnelTabFind = async function(tabId) {
+      try {
+        var context = await browser.contextualIdentities.query({
+          name: "Hidden Services Manager"
+        });
+        if (tabId.cookieStoreId != context[0].cookieStoreId) {
+          console.log(
+            "(isolate) forcing HSM context",
+            requestDetails.url,
+            " context",
+            tabId.cookieStoreId,
+            context[0].cookieStoreId
+          );
+          function Create(window) {
+            function onCreated(tab) {
+              console.log("(isolate) Closing old, un-isolated tab");
+              browser.tabs.remove(tabId.id);
+              if (window != undefined) {
+                browser.tabs.remove(window.tabs[0].id);
+              }
+            }
+            function onError(error) {
+              console.log(`Error: ${error}`);
+            }
+            var created = browser.tabs.create({
+              active: true,
+              cookieStoreId: context[0].cookieStoreId,
+              url: requestDetails.url,
+              windowId: window.id
+            });
+            created.then(onCreated, onError);
+          }
+          var getting = browser.windows.getCurrent();
+          getting.then(Create);
+          return tabId;
+        }
+      } catch (error) {
+        console.log("(isolate)Context Error", error);
+      }
+    };
+    var snarkTabFind = async function(tabId) {
+      try {
+        var context = await browser.contextualIdentities.query({
+          name: "Bittorrent"
+        });
+        if (tabId.cookieStoreId != context[0].cookieStoreId) {
+          console.log(
+            "(isolate) forcing Bittorrent",
+            requestDetails.url,
+            " context",
+            tabId.cookieStoreId,
+            context[0].cookieStoreId
+          );
+          function Create(window) {
+            function onCreated(tab) {
+              console.log("(isolate) Closing old, un-isolated tab");
+              browser.tabs.remove(tabId.id);
+              browser.tabs.remove(window.tabs[0].id);
+            }
+            function onError(error) {
+              console.log(`Error: ${error}`);
+            }
+            var created = browser.tabs.create({
+              active: true,
+              cookieStoreId: context[0].cookieStoreId,
+              url: requestDetails.url,
+              windowId: window.id
+            });
+            created.then(onCreated, onError);
+          }
+          var getting = browser.windows.getCurrent();
+          getting.then(Create);
+          return tabId;
+        }
+      } catch (error) {
+        console.log("(isolate)Context Error", error);
+      }
+    };
+    var mailTabFind = async function(tabId) {
+      try {
+        var context = await browser.contextualIdentities.query({
+          name: "Web Mail"
+        });
+        if (tabId.cookieStoreId != context[0].cookieStoreId) {
+          console.log(
+            "(isolate) forcing Web Mail",
            requestDetails.url,
            " context",
            tabId.cookieStoreId,
@@ -171,13 +288,16 @@ var contextSetup = async function(requestDetails) {
    var anyTabFind = async function(tabId) {
      try {
        var context = await browser.contextualIdentities.query({
-          name: "fenced-default"
+          name: "Web Browsing"
        });
        console.log("(ISOLATE)", tabId.cookieStoreId);
-        if (tabId.cookieStoreId == "firefox-default") {
+        if (
+          tabId.cookieStoreId == "firefox-default" ||
+          tabId.cookieStoreId == "firefox-private"
+        ) {
          if (tabId.cookieStoreId != context[0].cookieStoreId) {
            console.log(
-              "(isolate) forcing",
+              "(isolate) forcing Web Browsing",
              requestDetails.url,
              " context",
              tabId.cookieStoreId,
@@ -227,14 +347,30 @@ var contextSetup = async function(requestDetails) {
        var mtab = tab.then(tabFind);
        return requestDetails;
      }
-      if (routerHost(requestDetails.url)) {
+      let routerhost = routerHost(requestDetails.url);
+      if (routerhost) {
+        if (routerhost === "i2ptunnelmgr") {
+          var tab = tabGet(requestDetails.tabId);
+          var mtab = tab.then(i2ptunnelTabFind);
+          return requestDetails;
+        } else if (routerhost === "i2psnark") {
+          var tab = tabGet(requestDetails.tabId);
+          var mtab = tab.then(snarkTabFind);
+          return requestDetails;
+        } else if (routerhost === "webmail") {
+          var tab = tabGet(requestDetails.tabId);
+          var mtab = tab.then(mailTabFind);
+          return requestDetails;
+        } else if (routerhost === "routerconsole") {
+          var tab = tabGet(requestDetails.tabId);
+          var mtab = tab.then(routerTabFind);
+          return requestDetails;
+        }
+      } else {
        var tab = tabGet(requestDetails.tabId);
-        var mtab = tab.then(routerTabFind);
+        var mtab = tab.then(anyTabFind);
        return requestDetails;
      }
-      var tab = tabGet(requestDetails.tabId);
-      var mtab = tab.then(anyTabFind);
-      return requestDetails;
    }
    //var tab = tabGet(requestDetails.tabId);
    //var mtab = tab.then(anyTabFind);
@@ -291,21 +427,50 @@ function localHost(url) {

 function routerHost(url) {
  let hostname = "";
+  let path = "";
+  function pathcheck(str) {
+    if (str != undefined) {
+      let final = str.split("/")[0];
+      if (final === "i2ptunnelmgr" || final === "i2ptunnel") {
+        console.log("(urlcheck) application path", final);
+        return "i2ptunnelmgr";
+      } else if (final === "i2psnark" || final == "torrents") {
+        console.log("(urlcheck) application path", final);
+        return "i2psnark";
+      } else if (final === "webmail") {
+        console.log("(urlcheck) application path", final);
+        return "webmail";
+      } else if (final == "") {
+        console.log("(urlcheck) application path", final);
+        return "routerconsole";
+      }
+    }
+    return true;
+  }
  if (url.indexOf("://") > -1) {
    hostname = url.split("/")[2];
+    prefix = url.substr(0, url.indexOf("://") + 3);
+    path = url.replace(prefix + hostname + "/", "");
  } else {
    hostname = url.split("/")[0];
+    path = url.replace(hostname + "/", "");
  }
  if (hostname === "127.0.0.1:7657") {
-    return true;
+    return pathcheck(path);
  } else if (hostname === "localhost:7657") {
-    return true;
+    return pathcheck(path);
+  }
+
+  if (hostname === "127.0.0.1:7647") {
+    return pathcheck(path);
+  } else if (hostname === "localhost:7647") {
+    return pathcheck(path);
  }

  if (hostname === "127.0.0.1:7070") {
-    return true;
+    return pathcheck(path);
  } else if (hostname === "localhost:7070") {
-    return true;
+    return pathcheck(path);
  }

  return false;