From c29ea5340532919e5fab90e113054184b7256d1b Mon Sep 17 00:00:00 2001 From: n1474335 Date: Mon, 21 May 2018 19:08:24 +0000 Subject: [PATCH] ESM: Ported Punycode, HTTP and PRNG operations --- src/core/operations/FromPunycode.mjs | 52 +++++++ src/core/operations/HTTPRequest.mjs | 146 ++++++++++++++++++ src/core/operations/ParseUserAgent.mjs | 55 +++++++ .../PseudoRandomNumberGenerator.mjs | 80 ++++++++++ src/core/operations/StripHTTPHeaders.mjs | 42 +++++ src/core/operations/ToPunycode.mjs | 52 +++++++ 6 files changed, 427 insertions(+) create mode 100644 src/core/operations/FromPunycode.mjs create mode 100644 src/core/operations/HTTPRequest.mjs create mode 100644 src/core/operations/ParseUserAgent.mjs create mode 100644 src/core/operations/PseudoRandomNumberGenerator.mjs create mode 100644 src/core/operations/StripHTTPHeaders.mjs create mode 100644 src/core/operations/ToPunycode.mjs diff --git a/src/core/operations/FromPunycode.mjs b/src/core/operations/FromPunycode.mjs new file mode 100644 index 00000000..1a1cebbf --- /dev/null +++ b/src/core/operations/FromPunycode.mjs @@ -0,0 +1,52 @@ +/** + * @author n1474335 [n1474335@gmail.com] + * @copyright Crown Copyright 2016 + * @license Apache-2.0 + */ + +import Operation from "../Operation"; +import punycode from "punycode"; + +/** + * From Punycode operation + */ +class FromPunycode extends Operation { + + /** + * FromPunycode constructor + */ + constructor() { + super(); + + this.name = "From Punycode"; + this.module = "Encodings"; + this.description = "Punycode is a way to represent Unicode with the limited character subset of ASCII supported by the Domain Name System.

e.g. mnchen-3ya decodes to m\xfcnchen"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + "name": "Internationalised domain name", + "type": "boolean", + "value": false + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const idn = args[0]; + + if (idn) { + return punycode.toUnicode(input); + } else { + return punycode.decode(input); + } + } + +} + +export default FromPunycode; diff --git a/src/core/operations/HTTPRequest.mjs b/src/core/operations/HTTPRequest.mjs new file mode 100644 index 00000000..6846f97a --- /dev/null +++ b/src/core/operations/HTTPRequest.mjs @@ -0,0 +1,146 @@ +/** + * @author tlwr [toby@toby.codes] + * @author n1474335 [n1474335@gmail.com] + * @copyright Crown Copyright 2016 + * @license Apache-2.0 + */ + +import Operation from "../Operation"; +import OperationError from "../errors/OperationError"; + +/** + * HTTP request operation + */ +class HTTPRequest extends Operation { + + /** + * HTTPRequest constructor + */ + constructor() { + super(); + + this.name = "HTTP request"; + this.module = "Default"; + this.description = [ + "Makes an HTTP request and returns the response.", + "

", + "This operation supports different HTTP verbs like GET, POST, PUT, etc.", + "

", + "You can add headers line by line in the format Key: Value", + "

", + "The status code of the response, along with a limited selection of exposed headers, can be viewed by checking the 'Show response metadata' option. Only a limited set of response headers are exposed by the browser for security reasons.", + ].join("\n"); + this.inputType = "string"; + this.outputType = "string"; + this.manualBake = true; + this.args = [ + { + "name": "Method", + "type": "option", + "value": [ + "GET", "POST", "HEAD", + "PUT", "PATCH", "DELETE", + "CONNECT", "TRACE", "OPTIONS" + ] + }, + { + "name": "URL", + "type": "string", + "value": "" + }, + { + "name": "Headers", + "type": "text", + "value": "" + }, + { + "name": "Mode", + "type": "option", + "value": [ + "Cross-Origin Resource Sharing", + "No CORS (limited to HEAD, GET or POST)", + ] + }, + { + "name": "Show response metadata", + "type": "boolean", + "value": false + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const [method, url, headersText, mode, showResponseMetadata] = args; + + if (url.length === 0) return ""; + + const headers = new Headers(); + headersText.split(/\r?\n/).forEach(line => { + line = line.trim(); + + if (line.length === 0) return; + + const split = line.split(":"); + if (split.length !== 2) throw `Could not parse header in line: ${line}`; + + headers.set(split[0].trim(), split[1].trim()); + }); + + const config = { + method: method, + headers: headers, + mode: modeLookup[mode], + cache: "no-cache", + }; + + if (method !== "GET" && method !== "HEAD") { + config.body = input; + } + + return fetch(url, config) + .then(r => { + if (r.status === 0 && r.type === "opaque") { + throw new OperationError("Error: Null response. Try setting the connection mode to CORS."); + } + + if (showResponseMetadata) { + let headers = ""; + for (const pair of r.headers.entries()) { + headers += " " + pair[0] + ": " + pair[1] + "\n"; + } + return r.text().then(b => { + return "####\n Status: " + r.status + " " + r.statusText + + "\n Exposed headers:\n" + headers + "####\n\n" + b; + }); + } + return r.text(); + }) + .catch(e => { + throw new OperationError(e.toString() + + "\n\nThis error could be caused by one of the following:\n" + + " - An invalid URL\n" + + " - Making a request to an insecure resource (HTTP) from a secure source (HTTPS)\n" + + " - Making a cross-origin request to a server which does not support CORS\n"); + }); + } + +} + + +/** + * Lookup table for HTTP modes + * + * @private + */ +const modeLookup = { + "Cross-Origin Resource Sharing": "cors", + "No CORS (limited to HEAD, GET or POST)": "no-cors", +}; + + +export default HTTPRequest; diff --git a/src/core/operations/ParseUserAgent.mjs b/src/core/operations/ParseUserAgent.mjs new file mode 100644 index 00000000..c1dda3cf --- /dev/null +++ b/src/core/operations/ParseUserAgent.mjs @@ -0,0 +1,55 @@ +/** + * @author n1474335 [n1474335@gmail.com] + * @copyright Crown Copyright 2016 + * @license Apache-2.0 + */ + +import Operation from "../Operation"; +import UAParser from "ua-parser-js"; + +/** + * Parse User Agent operation + */ +class ParseUserAgent extends Operation { + + /** + * ParseUserAgent constructor + */ + constructor() { + super(); + + this.name = "Parse User Agent"; + this.module = "UserAgent"; + this.description = "Attempts to identify and categorise information contained in a user-agent string."; + this.inputType = "string"; + this.outputType = "string"; + this.args = []; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const ua = UAParser(input); + return `Browser + Name: ${ua.browser.name || "unknown"} + Version: ${ua.browser.version || "unknown"} +Device + Model: ${ua.device.model || "unknown"} + Type: ${ua.device.type || "unknown"} + Vendor: ${ua.device.vendor || "unknown"} +Engine + Name: ${ua.engine.name || "unknown"} + Version: ${ua.engine.version || "unknown"} +OS + Name: ${ua.os.name || "unknown"} + Version: ${ua.os.version || "unknown"} +CPU + Architecture: ${ua.cpu.architecture || "unknown"}`; + } + +} + +export default ParseUserAgent; diff --git a/src/core/operations/PseudoRandomNumberGenerator.mjs b/src/core/operations/PseudoRandomNumberGenerator.mjs new file mode 100644 index 00000000..0b5e45be --- /dev/null +++ b/src/core/operations/PseudoRandomNumberGenerator.mjs @@ -0,0 +1,80 @@ +/** + * @author n1474335 [n1474335@gmail.com] + * @copyright Crown Copyright 2016 + * @license Apache-2.0 + */ + +import Operation from "../Operation"; +import Utils from "../Utils"; +import forge from "node-forge/dist/forge.min.js"; +import BigNumber from "bignumber.js"; + +/** + * Pseudo-Random Number Generator operation + */ +class PseudoRandomNumberGenerator extends Operation { + + /** + * PseudoRandomNumberGenerator constructor + */ + constructor() { + super(); + + this.name = "Pseudo-Random Number Generator"; + this.module = "Ciphers"; + this.description = "A cryptographically-secure pseudo-random number generator (PRNG).

This operation uses the browser's built-in crypto.getRandomValues() method if available. If this cannot be found, it falls back to a Fortuna-based PRNG algorithm."; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + "name": "Number of bytes", + "type": "number", + "value": 32 + }, + { + "name": "Output as", + "type": "option", + "value": ["Hex", "Integer", "Byte array", "Raw"] + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const [numBytes, outputAs] = args; + + let bytes; + + if (ENVIRONMENT_IS_WORKER() && self.crypto) { + bytes = self.crypto.getRandomValues(new Uint8Array(numBytes)); + bytes = Utils.arrayBufferToStr(bytes.buffer); + } else { + bytes = forge.random.getBytesSync(numBytes); + } + + let value = new BigNumber(0), + i; + + switch (outputAs) { + case "Hex": + return forge.util.bytesToHex(bytes); + case "Integer": + for (i = bytes.length - 1; i >= 0; i--) { + value = value.times(256).plus(bytes.charCodeAt(i)); + } + return value.toFixed(); + case "Byte array": + return JSON.stringify(Utils.strToCharcode(bytes)); + case "Raw": + default: + return bytes; + } + } + +} + +export default PseudoRandomNumberGenerator; diff --git a/src/core/operations/StripHTTPHeaders.mjs b/src/core/operations/StripHTTPHeaders.mjs new file mode 100644 index 00000000..a46e675c --- /dev/null +++ b/src/core/operations/StripHTTPHeaders.mjs @@ -0,0 +1,42 @@ +/** + * @author n1474335 [n1474335@gmail.com] + * @copyright Crown Copyright 2016 + * @license Apache-2.0 + */ + +import Operation from "../Operation"; + +/** + * Strip HTTP headers operation + */ +class StripHTTPHeaders extends Operation { + + /** + * StripHTTPHeaders constructor + */ + constructor() { + super(); + + this.name = "Strip HTTP headers"; + this.module = "Default"; + this.description = "Removes HTTP headers from a request or response by looking for the first instance of a double newline."; + this.inputType = "string"; + this.outputType = "string"; + this.args = []; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + let headerEnd = input.indexOf("\r\n\r\n"); + headerEnd = (headerEnd < 0) ? input.indexOf("\n\n") + 2 : headerEnd + 4; + + return (headerEnd < 2) ? input : input.slice(headerEnd, input.length); + } + +} + +export default StripHTTPHeaders; diff --git a/src/core/operations/ToPunycode.mjs b/src/core/operations/ToPunycode.mjs new file mode 100644 index 00000000..8951cb5f --- /dev/null +++ b/src/core/operations/ToPunycode.mjs @@ -0,0 +1,52 @@ +/** + * @author n1474335 [n1474335@gmail.com] + * @copyright Crown Copyright 2016 + * @license Apache-2.0 + */ + +import Operation from "../Operation"; +import punycode from "punycode"; + +/** + * To Punycode operation + */ +class ToPunycode extends Operation { + + /** + * ToPunycode constructor + */ + constructor() { + super(); + + this.name = "To Punycode"; + this.module = "Encodings"; + this.description = "Punycode is a way to represent Unicode with the limited character subset of ASCII supported by the Domain Name System.

e.g. m\xfcnchen encodes to mnchen-3ya"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + "name": "Internationalised domain name", + "type": "boolean", + "value": false + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const idn = args[0]; + + if (idn) { + return punycode.toASCII(input); + } else { + return punycode.encode(input); + } + } + +} + +export default ToPunycode;