keewebhttp: drop malicious requests
This commit is contained in:
parent
bcb728444c
commit
2ec338341e
|
@ -11,7 +11,7 @@
|
|||
"licence": "MIT",
|
||||
"url": "https://plugins.keeweb.info/plugins/keewebhttp",
|
||||
"resources": {
|
||||
"js": "iTzPUSfTwTOP0zjeZHi8xNzmEg357fHuBQ4kHDlFqu4Svn5tZoseSm/XI9rscKnM5EudOAKhsJfck6Z0N3hTw3Ih3LAYlik6ltpI6P1hU0KP0j9L6bcrCndEoH/BZy7iaJiZqIvQHoRy7NHNf26Bbq6W4VO1bBcx8sH3H7GnaQEGHj2zS68KRTDwVR2QIErLTtOQvwuiSZCUwyZYilvDIM1wGcKi6TDzSz38MHNIyx4X/n7uHV63ToZSB6ipcF6HpoAKGkXKBWaXosqy3LoDPAzif5EZzv7JQGB2dAtpOoq2G5grUA5YZrIQ/SSNfREWUDom7Xj1HCNb59RxViOR+Q=="
|
||||
"js": "LOKItHFTqpYOrqC5L7/P75w7r1sBMl1ZSGIdta3ifcIOQ7BJKAIH1cMNtjGuMIVZWLM7w3APjLwoeQ3pBzw91m09yGeBFY/aMQimVUJ9HV/NKls7YZN48sBtkkdR5ByIXSxniDbHsUIQJgOeTsNyDPy9jCN3tko/jO9tNG4cSgB5O77A0OYVZEbV8MtKwGgr6MNGG4mRdg+dN/23Xd+O8zgFrqCADXUjnMAQ+13y0upnIPbO6Ory1Ou7vtzssqSIpakkpxvnGqV/S25lxzLsdwtqQZRGJB4RJrY1SiB6FjZT0YuN1LqfugWEyIRbeyzdNMo7oCEiwfGR7vFnODq3kg=="
|
||||
},
|
||||
"publicKey": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oZB2Kt7AzRFNqf8FuO3C3kepHPAIQYiDPYdQxHcsiaFCwyKVx6K1cE/3vBhb8/2rj+QIIWNfAAuu1Y+2VK90ZBeq6HciukWzQRO/HWhfdy0c7JwDAslmyGI5olj0ZQkNLhkde1MiMxjDPpRhZtdJaryVO5cFJaJESpv3dV6m0qXsaQCluWYOSNfSjP9C8o2zRVjSi3ZQZnZIV5pnk9K2MtlZIPXrN9iJiM5zZ9DTSnqApI6dC9mX4R3LvGN+GTovm9C8Crl+qb106nGRR3LcweicDnPyMtZLa/E0DBpWYxUVLDp6WeLhxoUBr+6+t3Xp9IDnPoANDQXJXD0f1vQxQIDAQAB",
|
||||
"desktop": true,
|
||||
|
|
|
@ -52,6 +52,16 @@ function run() {
|
|||
return;
|
||||
}
|
||||
server = http.createServer((req, res) => {
|
||||
const origin = req.headers.origin;
|
||||
const referer = req.headers.referrer || req.headers.referer;
|
||||
if (req.method !== 'POST' || referer || origin && !origin.startsWith('chrome-extension://')) {
|
||||
if (DebugMode) {
|
||||
logger.debug('Request dropped', req.method, req.url, req.headers);
|
||||
}
|
||||
req.client.destroy();
|
||||
res.end();
|
||||
return;
|
||||
}
|
||||
if (req.method === 'POST') {
|
||||
const body = [];
|
||||
req.on('data', data => body.push(data));
|
||||
|
@ -71,10 +81,6 @@ function run() {
|
|||
res.end(response);
|
||||
});
|
||||
});
|
||||
} else {
|
||||
res.statusCode = 200;
|
||||
res.setHeader('Content-Type', 'text/plain');
|
||||
res.end('Hey dude, you should POST here!');
|
||||
}
|
||||
});
|
||||
const port = 19455;
|
||||
|
|
Loading…
Reference in New Issue