From b0e189f6449787fb823e8a58e5d5e74b96acd8f1 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Wed, 18 Jun 2025 22:14:49 -0400 Subject: Update the JShelter extension to 0.21. --- .../jsr@javascriptrestrictor/session_hash.js | 42 ++++++++++++++-------- 1 file changed, 28 insertions(+), 14 deletions(-) (limited to 'data/extensions/jsr@javascriptrestrictor/session_hash.js') diff --git a/data/extensions/jsr@javascriptrestrictor/session_hash.js b/data/extensions/jsr@javascriptrestrictor/session_hash.js index ce3445c..1a3938c 100644 --- a/data/extensions/jsr@javascriptrestrictor/session_hash.js +++ b/data/extensions/jsr@javascriptrestrictor/session_hash.js @@ -27,20 +27,34 @@ * * \note cached visited domains with related keys are only deleted after end of the session */ + +// depends on /nscl/common/CachedStorage.js + var Hashes = { - sessionHash : gen_random64().toString(), - visitedDomains : {}, - getFor(url){ + async getFor(url){ let site = getSiteForURL(url); - let domainHash = this.visitedDomains[site]; - if (!domainHash) { - let hmac = sha256.hmac.create(this.sessionHash); - hmac.update(site); - domainHash = hmac.hex(); - this.visitedDomains[site] = domainHash; - } - return { - domainHash - }; - } + let {sessionHash, visitedDomains} = await CachedStorage.init({ + sessionHash: null, + visitedDomains: {} + }, "Hashes"); + this.sessionHash = sessionHash ??= gen_random64().toString(); + let siteHashes = visitedDomains[site]; + if (!siteHashes) { + let hmac = sha256.hmac.create(this.sessionHash); + hmac.update(site); + const domainHash = hmac.hex(); + const hash = sha256.create(); + hash.update(JSON.stringify(domainHash)); + // Redefine the domainHash for incognito context: + // Compute the SHA256 hash of the original hash so that the incognito hash is: + // * significantly different to the original domainHash, + // * computationally difficult to revert, + // * the same for all incognito windows (for the same domain). + const incognitoHash = hash.hex(); + visitedDomains[site] = siteHashes = {domainHash, incognitoHash}; + await CachedStorage.save(this); + } + return siteHashes; + } }; + -- cgit v1.2.3