Cavemanon/haproxy-protection
8
Fork 0
mirror of https://gitgud.io/fatchan/haproxy-protection.git synced 2025-05-09 02:05:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Delete all basedflare cookies for domain when getting "rejected", prevent a bad (or even expired or changed key) cookie from overwriting a valid cookie in the cookie table

Browse Source
This commit is contained in:
Thomas Lynch
2023-12-14 23:12:08 +11:00
parent 3f1852dd1b
commit b19bd19581
2 changed files with 25 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/js/auto.js
View File

@ -40,6 +40,15 @@ if (!window._basedflareAuto) {
}); });
}; };
clearCookiesForDomains = (domain) => {
const parts = domain.split('.');
for (let i = 0; i < parts.length - 1; i++) {
const subdomain = parts.slice(i).join('.');
document.cookie = `_basedflare_pow=; Max-Age=-9999999; Path=/; Domain=.${subdomain}`;
document.cookie = `_basedflare_captcha=; Max-Age=-9999999; Path=/; Domain=.${subdomain}`;
}
};
messageHandler = (e, json) => { messageHandler = (e, json) => {
console.log('messageHandler') console.log('messageHandler')
if (e.data.length === 1) { return; } if (e.data.length === 1) { return; }
@ -57,10 +66,13 @@ if (!window._basedflareAuto) {
}), }),
redirect: "manual", redirect: "manual",
}).then((res) => { }).then((res) => {
if (res.status >= 400) { if (res.status >= 400 && res.status < 500) {
this.fails++; clearCookiesForDomain(location.hostname);
console.error("basedflare post status >= 400", res); console.error("Server rejected your submission.");
} else if (res.status >= 500) {
console.error("Server encountered an error.");
} }
this.fails++;
}).catch((e) => { }).catch((e) => {
console.error(e); console.error(e);
}).finally(() => { }).finally(() => {

10
src/js/challenge.js
View File

@ -76,6 +76,15 @@ const wasmSupported = (() => {
// } // }
// }; // };
function clearCookiesForDomains(domain) {
const parts = domain.split('.');
for (let i = 0; i < parts.length - 1; i++) {
const subdomain = parts.slice(i).join('.');
document.cookie = `_basedflare_pow=; Max-Age=-9999999; Path=/; Domain=.${subdomain}`;
document.cookie = `_basedflare_captcha=; Max-Age=-9999999; Path=/; Domain=.${subdomain}`;
}
}
function postResponse(powResponse, captchaResponse) { function postResponse(powResponse, captchaResponse) {
const body = { const body = {
"pow_response": powResponse, "pow_response": powResponse,
@ -94,6 +103,7 @@ function postResponse(powResponse, captchaResponse) {
}).then((res) => { }).then((res) => {
const s = res.status; const s = res.status;
if (s >= 400 && s < 500) { if (s >= 400 && s < 500) {
clearCookiesForDomain(location.hostname);
return insertError(__("Server rejected your submission.")); return insertError(__("Server rejected your submission."));
} else if (s >= 500) { } else if (s >= 500) {
return insertError(__("Server encountered an error.")); return insertError(__("Server encountered an error."));