Cavemanon/haproxy-protection
8
Fork 0
mirror of https://gitgud.io/fatchan/haproxy-protection.git synced 2025-05-09 02:05:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Delete all basedflare cookies for domain when getting "rejected", prevent a bad (or even expired or changed key) cookie from overwriting a valid cookie in the cookie table

Browse Source
This commit is contained in:
Thomas Lynch
2023-12-14 23:12:08 +11:00
parent 3f1852dd1b
commit b19bd19581
2 changed files with 25 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/js/challenge.js
View File

@ -76,6 +76,15 @@ const wasmSupported = (() => {
// }
// };
function clearCookiesForDomains(domain) {
const parts = domain.split('.');
for (let i = 0; i < parts.length - 1; i++) {
const subdomain = parts.slice(i).join('.');
document.cookie = `_basedflare_pow=; Max-Age=-9999999; Path=/; Domain=.${subdomain}`;
document.cookie = `_basedflare_captcha=; Max-Age=-9999999; Path=/; Domain=.${subdomain}`;
}
}
function postResponse(powResponse, captchaResponse) {
const body = {
"pow_response": powResponse,
@ -94,6 +103,7 @@ function postResponse(powResponse, captchaResponse) {
}).then((res) => {
const s = res.status;
if (s >= 400 && s < 500) {
clearCookiesForDomain(location.hostname);
return insertError(__("Server rejected your submission."));
} else if (s >= 500) {
return insertError(__("Server encountered an error."));