DWS/hadrian
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

improve js rewriting functionality by not relying on js to get proxy and proxified URLs; direct injection from golang

Browse Source
This commit is contained in:
Kevin Pham
2023-11-21 20:54:09 -06:00
parent a4e016b36c
commit 854dafbcfa
16 changed files with 38 additions and 183 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
proxychain/responsemodifers/rewriters/html_resource_url_rewriter.go
View File

@@ -145,7 +145,11 @@ func (r *HTMLResourceURLRewriter) Read(p []byte) (int, error) {
// inject <script> right after <head>
isHeadToken := (r.currentToken.Type == html.StartTagToken || r.currentToken.Type == html.SelfClosingTagToken) && r.currentToken.Data == "head"
if isHeadToken {
injectScript(r.tokenBuffer, rewriteJSResourceUrlsScript)
params := map[string]string{
"PROXY_ORIGIN_INJECT_FROM_GOLANG": r.proxyURL,
"ORIGIN_INJECT_FROM_GOLANG": fmt.Sprintf("%s://%s", r.baseURL.Scheme, r.baseURL.Host),
}
injectScriptWithParams(r.tokenBuffer, rewriteJSResourceUrlsScript, params)
}
r.currentTokenProcessed = false
@@ -171,6 +175,19 @@ func injectScript(tokenBuffer *bytes.Buffer, script string) {
)
}
func injectScriptWithParams(tokenBuffer *bytes.Buffer, script string, params map[string]string) {
for old, new := range params {
script = strings.ReplaceAll(
script,
fmt.Sprintf("`${%s}`", old),
fmt.Sprintf("`${%s}`", new),
)
}
tokenBuffer.WriteString(
fmt.Sprintf("\n<script>\n%s\n</script>\n", script),
)
}
// possible ad-blocking / bypassing opportunity here
func modifyInlineScript(scriptContentBuffer *bytes.Buffer) string {
return html.UnescapeString(scriptContentBuffer.String())

6
proxychain/responsemodifers/rewriters/js_resource_url_rewriter.js
View File

@@ -27,12 +27,14 @@
if (blacklistedSchemes.includes(url)) return url;
// don't double rewrite
const proxyOrigin = globalThis.window.location.origin;
//const proxyOrigin = globalThis.window.location.origin;
const proxyOrigin = `${PROXY_ORIGIN_INJECT_FROM_GOLANG}`;
if (url.startsWith(proxyOrigin)) return url;
if (url.startsWith(`/${proxyOrigin}`)) return url;
if (url.startsWith(`/${origin}`)) return url;
const origin = (new URL(decodeURIComponent(globalThis.window.location.pathname.substring(1)))).origin
//const origin = (new URL(decodeURIComponent(globalThis.window.location.pathname.substring(1)))).origin
const origin = `${ORIGIN_INJECT_FROM_GOLANG}`;
//console.log(`proxychain: origin: ${origin} // proxyOrigin: ${proxyOrigin} // original: ${oldUrl}`)
if (url.startsWith("//")) {