UNPKG

page-integrity-js

Version:

A library for monitoring and controlling DOM mutations and script execution, essential for PCI DSS compliance and security audits

93 lines 4.05 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; import { analyzeScript as analyzeScriptContent } from './script-analyzer'; import { createHash } from './hash'; export function checkCachedResponse(cacheManager, url, content) { return __awaiter(this, void 0, void 0, function* () { const hash = createHash(content); const cached = yield cacheManager.getCachedResponse(hash); if (cached && cached.analysis) { const score = typeof cached.analysis.score === 'number' ? cached.analysis.score : 0; const threats = Array.isArray(cached.analysis.threats) ? cached.analysis.threats : []; const isMalicious = score >= 3 || threats.length >= 2; return { blocked: isMalicious, reason: cached.reason || 'Cached block', analysis: cached.analysis }; } return { blocked: false }; }); } export function analyzeAndBlockScript(scriptBlocker, url, content) { return __awaiter(this, void 0, void 0, function* () { var _a; const analysis = analyzeScriptContent(content); const config = (_a = scriptBlocker['config']) === null || _a === void 0 ? void 0 : _a.analysisConfig; if (!config) { return { blocked: false, analysis }; } if (analysis.score >= config.minScore || analysis.threats.length >= config.maxThreats) { return { blocked: true, reason: 'Malicious script detected', analysis }; } return { blocked: false, analysis }; }); } export class ScriptBlocker { constructor(cacheManager, config) { this.cacheManager = cacheManager; this.blockedScripts = new Map(); this.config = config; } shouldBlockScript(url, content) { return __awaiter(this, void 0, void 0, function* () { var _a; // Check if script is blacklisted const isBlacklisted = (_a = this.config.blacklistedHosts) === null || _a === void 0 ? void 0 : _a.some(host => url.includes(host)); if (isBlacklisted) { this.blockedScripts.set(url, { url, reason: 'Blacklisted script' }); return { blocked: true, reason: 'Blacklisted script' }; } // Check cache first const cached = yield checkCachedResponse(this.cacheManager, url, content); if (cached.blocked) { this.blockedScripts.set(url, { url, reason: cached.reason || 'Cached block', analysis: cached.analysis }); return cached; } // Analyze script for monitoring const analysis = analyzeScriptContent(content); this.blockedScripts.set(url, { url, reason: 'Script analyzed', analysis }); return { blocked: false, analysis }; }); } isScriptBlocked(url) { return this.blockedScripts.has(url); } getBlockedScript(url) { return this.blockedScripts.get(url); } getAllBlockedScripts() { return Array.from(this.blockedScripts.values()); } clearBlockedScripts() { this.blockedScripts.clear(); } getBlockedScriptsCount() { return this.blockedScripts.size; } } //# sourceMappingURL=script-blocker.js.map