Make every base hash its own origin, effectively.

2017-12-23 22:30:47 -08:00 · 2017-12-23 22:30:47 -08:00 · 04d2391f26
parent e6fc8a8b13
commit 04d2391f26
1 changed files with 30 additions and 7 deletions
--- a/src/fetcher.js
+++ b/src/fetcher.js
@ -64,32 +64,55 @@ function not_found_response() {
    )
 }

+function forbidden_response() {
+    return response(
+        403, 'Forbidden',
+        Buffer.from('<html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>403 Forbidden</h1></center><hr><center>Intergalactic</center></body></html>'),
+        {'Content-Type': 'text/html; charset=utf-8'}
+    )
+}
+
 self.addEventListener('fetch', (event) => {
    if (!event.request.url.startsWith(self.location.origin)) {
-        return console.log('Fetch not in scope:', event.request.url)
+        return console.log('fetch not in scope:', event.request.url)
    }

    console.log('handling fetch event:', event.request.url)

-    const url = new URL(event.request.url)
-    const multihash = url.pathname
+    const request_path = (new URL(event.request.url)).pathname

    // If this isn't an IPFS URL, bail.
-    if (!multihash.startsWith('/ipfs/')) {
-        console.log('not a valid IPFS hash:', multihash)
-        if (multihash != '/bundle.js' && multihash != '/fetcher.js') {
+    if (!request_path.startsWith('/ipfs/')) {
+        console.log('not a valid IPFS hash:', request_path)
+        if (request_path != '/bundle.js' && request_path != '/fetcher.js') {
            event.respondWith(not_found_response())
        }
        return
    }

+    // If this is a same-origin or CORS request, and it's not to a URL within the same base IPFS
+    // hash, then block it as forbidden. This in effect gives each base IPFS hash its own origin.
+    if (event.request.mode == 'same-origin' || event.request.mode == 'cors') {
+        let matches = /^(\/ipfs\/\w*)/.exec((new URL(event.request.referrer)).pathname)
+        let referrer_base_path = matches[1]
+        if (referrer_base_path && !request_path.startsWith(referrer_base_path)) {
+            console.log(
+                'denying ' + event.request.mode + ' request from referrer with different base hash:',
+                event.request.referrer
+            )
+            event.respondWith(forbidden_response())
+            return
+        }
+    }
+
+
    if (!ipfs_initialized) {
        ipfs_initialized = initialize_ipfs()
    }

    event.respondWith(
        ipfs_initialized.then(() => {
-            return node.files.get(multihash)
+            return node.files.get(request_path)
        }).then((files) => {
            // If there's just one result, return it.
            if (files.length == 1 && files[0].content) {