blob: 0df541af29b27f13198a1b52c1e7741e98275719 (
plain) (
tree)
|
|
// Based on https://github.com/mdn/webextensions-examples/blob/main/root-cert-stats/background.js
let certs = [];
// On header receive, inspect cert and update app icon as required
async function onHeaderReceive(details) {
try {
await certInspectUpdate(details.requestId);
} catch(error) {
console.error(error);
}
}
async function certInspectUpdate(requestId) {
let securityInfo = await browser.webRequest.getSecurityInfo(
requestId,
{
"certificateChain": true
}
);
if (securityInfo.state !== "secure" || securityInfo.isUntrusted) {
setIcon("nope");
return;
}
// Flagged as "secure" - check if CA is against any of our flagged CAs
// root is last in the array cert chain
let rootCA = securityInfo.certificates[securityInfo.certificates.length - 1];
for (let cert of certs) {
if (rootCA.subject.includes(cert)) {
setIcon("nope");
return;
}
}
setIcon("ok");
}
function setIcon(icon) {
browser.browserAction.setIcon({ path: "icons/" + icon + ".png" });
}
// Listen for all header receive events, which contain the cert details we want
browser.webRequest.onHeadersReceived.addListener(
onHeaderReceive,
{
urls: ["<all_urls>"]
},
[
"blocking"
]
);
function updateCerts() {
const getting = browser.storage.sync.get("certs");
getting.then(saved => {
certs = saved.certs;
console.log("certs=" + certs)
}, console.error)
}
// Listen to config change for certs list
browser.storage.local.onChanged.addListener(() => updateCerts());
// Initial config fetch
updateCerts();
|