bubblev
/
bubble
9
0
Форкнуть 0
Код Задачи 0 Pull Request'ы 0 Релизы 130 Вики Активность
Метки Этапы
Новый Pull Request

#58 Add request protector app with cross-domain cookies filtering

Слито
jonathan слито 35 коммит(ов) из kris/request_protector_app в master 4 лет назад
Обсуждение 4 Коммиты 35 Измененные файлы 17
kris прокомментировал 4 лет назад

@jonathan please review

Waiting on Jenkins build: https://jenkins.bubblev.org/job/bubble-dev-kris/252/
but not sure how it will go as current master build is failing.

@jonathan please review Waiting on Jenkins build: https://jenkins.bubblev.org/job/bubble-dev-kris/252/ but not sure how it will go as current master build is failing.
jonathan был назначен kris 4 лет назад
jonathan прокомментировал 4 лет назад
Владелец

Looks good, but what would the regex be if the intent is “delete any cookies NOT belonging to the current domain, or one of its subdomains”?

It seems like we would need some more logic -- if we add these 2 things I think it would work:

  1. The regex can include {{fqdn}} which will be replaced (in mitm-land) with the (regex-escaped) FQDN for the current request
  2. In addition to regex and replacement, add mode which can be match or no_match. Or, alternatively, see if the “regex negation” syntax works in Python’s regex implementation, see: https://stackoverflow.com/questions/2637675/how-to-negate-the-whole-regex ). If regex negation works, that may be easier.

Thoughts?

Looks good, but what would the regex be if the intent is "delete any cookies NOT belonging to the current domain, or one of its subdomains"? It seems like we would need some more logic -- if we add these 2 things I think it would work: 1. The regex can include `{{fqdn}}` which will be replaced (in mitm-land) with the (regex-escaped) FQDN for the current request 2. In addition to `regex` and `replacement`, add `mode` which can be `match` or `no_match`. Or, alternatively, see if the "regex negation" syntax works in Python's regex implementation, see: https://stackoverflow.com/questions/2637675/how-to-negate-the-whole-regex ). If regex negation works, that may be easier. Thoughts?
kris прокомментировал 4 лет назад
Автор
  1. will do. Separate PR? (easier review)
  2. (?!...) is supported in python3’s re
1. will do. Separate PR? (easier review) 2. `(?!...)` is supported in python3's `re`
jonathan прокомментировал 4 лет назад
Владелец
  1. will do. Separate PR? (easier review)

No, let’s do it in this one. And test it :) this will be very cool when it works!

  1. (?!...) is supported in python3’s re

That’s good news. Let’s do that.

> 1. will do. Separate PR? (easier review) No, let's do it in this one. And test it :) this will be very cool when it works! > 2. `(?!...)` is supported in python3's `re` That's good news. Let's do that.
👍 1
kris изменил заголовок с Add request protector app with cross-domain cookies filtering на WIP: (testing after fqdn part) Add request protector app with cross-domain cookies filtering 4 лет назад
kris изменил заголовок с WIP: (testing after fqdn part) Add request protector app with cross-domain cookies filtering на Add request protector app with cross-domain cookies filtering 4 лет назад
kris изменил заголовок с Add request protector app with cross-domain cookies filtering на WIP: (waiting on fresh Jenkins build) Add request protector app with cross-domain cookies filtering 4 лет назад
kris изменил заголовок с WIP: (waiting on fresh Jenkins build) Add request protector app with cross-domain cookies filtering на Add request protector app with cross-domain cookies filtering 4 лет назад
kris прокомментировал 4 лет назад
Автор

Passing Jenkins build: https://jenkins.bubblev.org/job/bubble-dev-kris/260/

Passing Jenkins build: https://jenkins.bubblev.org/job/bubble-dev-kris/260/
jonathan запросил(а) изменения 4 лет назад
jonathan оставил комментарий

minor changes requested.

bubble-server/src/main/resources/models/defaults/bubblePlan.json
@@ -38,2 +38,3 @@
{"app": "UserBlocker"},
{"app": "TlsPassthru"}
{"app": "TlsPassthru"},
{"app": "RequestProtector"}
jonathan прокомментировал 4 лет назад

Let’s add RequestProtector app to all plans.

Let's add `RequestProtector` app to all plans.
bubble-server/src/main/resources/packer/roles/mitmproxy/files/bubble_api.py
@@ -452,0 +487,4 @@

def _replace_in_headers(headers: nheaders.Headers, modifiers_dict: dict) -> int:
"""
Taken from original mitmproxy's Header class implementation with sligh change to allow replacement with empty string
jonathan прокомментировал 4 лет назад

r/sligh/slight/

`r/sligh/slight/`
kris прокомментировал 4 лет назад

Actully, I’ll remove this second part completely as I did a larger changes here recently

Actully, I'll remove this second part completely as I did a larger changes here recently
jonathan упомянул эту задачу в коммите 4 лет назад
Add request protector app with cross-domain cookies filtering (#58) Add RequestProtector app to cheapest plan Update comment with typo Merge branch 'master' into kris/request_protector_app Merge branch 'master' into kris/request_protector_app Merge branch 'kris/request_protector_app' of git.bubblev.org:bubblev/bubble into kris/request_protector_app Extract method for updating requests host and port Fix header replacement Replace all cross-domain cookies with empty Add fqdn variable support in header replacements Merge branch 'master' into kris/request_protector_app Merge branch 'master' into kris/request_protector_app Merge branch 'master' into kris/request_protector_app Merge branch 'master' into kris/request_protector_app Add add header replacement button label Try to add initial header replacement for cross-domain cookies Merge branch 'master' into kris/request_protector_app Merge branch 'master' into kris/request_protector_app use special header replacement to skip emptied headers Set RequestProtector replacement optional again Fix replacement reference in RequestProtector app Update flex domains with empty set if needed Add back request heades modifiers as prime app Extract and refactor _primeApp method Merge branch 'master' into kris/request_protector_app # Conflicts - WIP: # bubble-server/src/main/java/bubble/service/stream/StandardAppPrimerService.java Use HeaderReplacement's id field in JSONs Make RequestProtector's replacement field required Add new app to some plans Set new app to have `app` presentation Add RuleDriver and AppMatcher for the new app Add request protector app Remove not used filter Merge branch 'master' into kris/request_protector_app Add full support for response header modification Merge branch 'master' into kris/request_protector_app # Conflicts: # utils/cobbzilla-utils Add RequestProtector app Co-authored-by: jonathan <jonathan@noreply.git.bubblev.org> Co-authored-by: Kristijan Mitrovic <kmitrovic@itekako.com> Reviewed-on: https://git.bubblev.org/bubblev/bubble/pulls/58
jonathan closed this pull request 4 лет назад
jonathan удалена ветка kris/request_protector_app 4 лет назад

Рецензенты

jonathan запросил(а) изменения 4 лет назад
Pull Request был объединен как %!с(string=237e90d126).
Войдите, чтобы присоединиться к обсуждению.
Рецензенты
Запросить отзыв
Нет рецензентов
 jonathan
Метки
Применить метки
Отчистить метки
Нет элементов
Нет меток
Этап
Установить этап
Очистить этап
Нет элементов
Нет этапа
Назначенные
Назначить пользователей
Убрать ответственных
Нет назначенных лиц
 jonathan
2 участников
Уведомления
Срок выполнения

Срок выполнения не установлен.

Зависимости

Этот запрос на слияние в настоящее время не имеет никаких зависимостей.

Редактирование Предпросмотр
Загрузка…
Отмена
Сохранить
Пока нет содержимого.
Удалить ветку 'kris/request_protector_app'

Удаление ветки НЕОБРАТИМО. Действие никак нельзя отменить.

Нет
Да