Cavemanon/haproxy-protection
8
Fork 0
mirror of https://gitgud.io/fatchan/haproxy-protection.git synced 2025-05-09 02:05:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Delete all basedflare cookies for domain when getting "rejected", prevent a bad (or even expired or changed key) cookie from overwriting a valid cookie in the cookie table

Browse Source
This commit is contained in:
Thomas Lynch
2023-12-14 23:12:08 +11:00
parent 3f1852dd1b
commit b19bd19581
2 changed files with 25 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/js/auto.js
View File

@ -40,6 +40,15 @@ if (!window._basedflareAuto) {
});
};
clearCookiesForDomains = (domain) => {
const parts = domain.split('.');
for (let i = 0; i < parts.length - 1; i++) {
const subdomain = parts.slice(i).join('.');
document.cookie = `_basedflare_pow=; Max-Age=-9999999; Path=/; Domain=.${subdomain}`;
document.cookie = `_basedflare_captcha=; Max-Age=-9999999; Path=/; Domain=.${subdomain}`;
}
};
messageHandler = (e, json) => {
console.log('messageHandler')
if (e.data.length === 1) { return; }
@ -57,10 +66,13 @@ if (!window._basedflareAuto) {
}),
redirect: "manual",
}).then((res) => {
if (res.status >= 400) {
this.fails++;
console.error("basedflare post status >= 400", res);
if (res.status >= 400 && res.status < 500) {
clearCookiesForDomain(location.hostname);
console.error("Server rejected your submission.");
} else if (res.status >= 500) {
console.error("Server encountered an error.");
}
this.fails++;
}).catch((e) => {
console.error(e);
}).finally(() => {

10
src/js/challenge.js
View File

@ -76,6 +76,15 @@ const wasmSupported = (() => {
// }
// };
function clearCookiesForDomains(domain) {
const parts = domain.split('.');
for (let i = 0; i < parts.length - 1; i++) {
const subdomain = parts.slice(i).join('.');
document.cookie = `_basedflare_pow=; Max-Age=-9999999; Path=/; Domain=.${subdomain}`;
document.cookie = `_basedflare_captcha=; Max-Age=-9999999; Path=/; Domain=.${subdomain}`;
}
}
function postResponse(powResponse, captchaResponse) {
const body = {
"pow_response": powResponse,
@ -94,6 +103,7 @@ function postResponse(powResponse, captchaResponse) {
}).then((res) => {
const s = res.status;
if (s >= 400 && s < 500) {
clearCookiesForDomain(location.hostname);
return insertError(__("Server rejected your submission."));
} else if (s >= 500) {
return insertError(__("Server encountered an error."));