// ==UserScript==
// @name CCW-Code-Injection-Risk-Warning
// @description CCW代码注入风险警告,让你的账号更安全。
// @author bddjr
// @version 20260127-1658
// @match https://www.ccw.site/*
// @icon https://m.ccw.site/community/images/logo-ccw.png
// @grant none
// @run-at document-start
// @updateURL https://bddjr.github.io/CCW-Code-Injection-Risk-Warning/CCW-Code-Injection-Risk-Warning.user.js
// @downloadURL https://bddjr.github.io/CCW-Code-Injection-Risk-Warning/CCW-Code-Injection-Risk-Warning.user.js
// ==/UserScript==
// Source Code:
// https://github.com/bddjr/CCW-Code-Injection-Risk-Warning
//@ts-nocheck
// Allowlist for extension URLs: an extension is considered "official" only when
// its fully resolved href starts with this prefix (checked in the JSON.parse
// hook below). The trailing slash is part of the prefix so that both the host
// and the directory are pinned. NOTE(review): the hashed directory name looks
// deployment-specific and may need updating when the site redeploys — confirm.
const allowExtensionURLPrefix = "https://static.xiguacity.cn/h1t86b7fg6c7k36wnt0cb30m/static/js/"
// let hasCCWDataCodeInjectionFix = null
// /** 检测是否已安装 CCWData-Code-Injection-Fix.user.js */
// function checkHasCCWDataCodeInjectionFix() {
// if (hasCCWDataCodeInjectionFix !== null) return hasCCWDataCodeInjectionFix
// const head = document.createElement('head')
// const script = document.createElement('script')
// script.src = "https://static.xiguacity.cn/h1t86b7fg6c7k36wnt0cb30m/static/js/scratch3_ccw_data.cbf43b4e.js"
// head.appendChild(script)
// return hasCCWDataCodeInjectionFix = !!(!script.hasAttribute("src") && script.innerHTML?.includes('ccwdataExtensionSafeEval'))
// }
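/**
 * Case-insensitively check whether `id` appears in a project's extension list.
 *
 * @param {unknown[] | undefined} extensions - the project JSON's `extensions`
 *   array. It comes from untrusted input, so it may be absent or not an array.
 * @param {string} id - extension id to look for (e.g. "CCWData").
 * @returns {boolean} true iff some entry, stringified, equals `id` ignoring
 *   case; false when `extensions` is missing or not an array (instead of
 *   throwing on a non-array object without `.some`).
 */
function checkHasExt(extensions, id) {
  const wanted = id.toLowerCase()
  if (!Array.isArray(extensions)) return false
  return extensions.some(v => String(v).toLowerCase() === wanted)
}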
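// User decision about loading risky extensions:
//   null  - not asked yet (every project-looking JSON is inspected again)
//   true  - user chose to continue (the JSON.parse hook removes itself)
//   false - user cancelled (every later project-looking parse throws)
let acceptLoadExt = null
// The native parser, kept so the hook can delegate to it and restore it.
const { parse } = JSON

// Opcodes of the "Gandi云数据" (CCWData) blocks this script reports as
// code-injection risks.
const CODE_INJECTION_OPCODES = ["CCWData_getValueInJSON", "CCWData_setValueInJSON"]
// Inputs (trimmed, lower-cased) that count as "continue loading".
const CONFIRM_WORDS = ["继续加载", "繼續加載", "jixujiazai"]

/**
 * Count, per opcode, the blocks in every target whose opcode is one of
 * CODE_INJECTION_OPCODES.
 *
 * @param {Array<{blocks?: object}>} targets - project targets from the parsed
 *   JSON (untrusted: a target may lack `blocks`, a block entry may be null).
 * @returns {Map<string, number>} opcode -> number of occurrences.
 */
function countCodeInjectionBlocks(targets) {
  const counts = new Map(CODE_INJECTION_OPCODES.map(opcode => [opcode, 0]))
  for (const target of targets) {
    // `for...in` over a missing `blocks` is a no-op, so no guard is needed;
    // `?.` protects against a null block entry in hostile JSON.
    for (const id in target?.blocks) {
      const opcode = target.blocks[id]?.opcode
      // A Map lookup (rather than hasOwnProperty on a plain object) cannot be
      // confused by opcode strings such as "__proto__" or "hasOwnProperty".
      if (counts.has(opcode)) counts.set(opcode, counts.get(opcode) + 1)
    }
  }
  return counts
}

/**
 * Resolve every entry of `extensionURLs` against the current page and return
 * a display line for each one that is not under allowExtensionURLPrefix.
 *
 * A value that cannot be parsed as a URL is reported as custom as well: it
 * cannot be shown to be on the allowlist, and throwing out of JSON.parse
 * would abort the load without ever showing the user a warning.
 *
 * @param {object} extensionURLs - extension id -> URL string from the project.
 * @returns {string[]} one `"id"\nhref` line per custom extension.
 */
function listCustomExtensions(extensionURLs) {
  const lines = []
  for (const key in extensionURLs) {
    let href
    try {
      // Compare the normalized href, so `..` segments and relative paths are
      // resolved before the prefix check.
      href = new URL(extensionURLs[key], location).href
    } catch {
      href = '(URL无法解析) ' + JSON.stringify(extensionURLs[key])
    }
    if (!href.startsWith(allowExtensionURLPrefix)) {
      lines.push(JSON.stringify(key) + '\n' + href)
    }
  }
  return lines
}

/**
 * Prompt until the user either cancels or types a confirmation word.
 *
 * @param {string} message - full warning text shown in the prompt.
 * @returns {boolean} true when the user confirmed, false when they cancelled.
 */
function askUserToContinue(message) {
  while (true) {
    const input = window.prompt(message)
    if (input == null) return false
    if (CONFIRM_WORDS.includes(input.trim().toLowerCase())) return true
  }
}

/**
 * Inspect one parsed project for risky extensions and, if anything was
 * found, warn (console + prompt) and ask the user whether to continue.
 *
 * @param {{targets: object[], extensions?: unknown[], extensionURLs?: object}} project
 * @returns {boolean | null} null when nothing needed a warning, otherwise the
 *   user's decision (true = continue, false = cancel).
 */
function reviewProject({ targets, extensions, extensionURLs }) {
  const msg = ['【脚本 CCW代码注入风险警告】']
  let hasCustomExt = false

  // CCWData: the vulnerability chain with the JS sandbox, and the injection blocks.
  if (checkHasExt(extensions, "CCWData")) {
    if (checkHasExt(extensions, "WitCatJSSandBox")) {
      msg.push('漏洞链警告!作品可能会使用“白猫的JS沙箱”扩展调用“Gandi云数据”扩展的代码注入漏洞积木!')
    }
    const found = [...countCodeInjectionBlocks(targets)].filter(([, count]) => count > 0)
    if (found.length > 0) {
      const lines = ['作品试图加载“Gandi云数据”扩展,并使用以下代码注入漏洞积木:']
      for (const [opcode, count] of found) {
        lines.push(JSON.stringify(opcode) + ' × ' + count + ' 块')
      }
      msg.push(lines.join('\n'))
    }
  }

  // Custom (non-allowlisted) extensions.
  if (extensionURLs instanceof Object) {
    const customLines = listCustomExtensions(extensionURLs)
    if (customLines.length > 0) {
      hasCustomExt = true
      msg.push('作品试图加载自制扩展:', ...customLines)
    }
  }

  // Only the header is present: nothing to warn about.
  if (msg.length === 1) return null

  console.warn(msg.join('\n\n'))
  if (hasCustomExt) msg.push('如果要复制链接,请打开DevTools,查看控制台(Console)。\n如果控制台没有内容,请刷新页面。')
  msg.push('如果要继续加载作品,请输入“继续加载”,然后点击“确定”,\n否则点击“取消”。')
  return askUserToContinue(msg.join('\n\n'))
}

/**
 * JSON.parse hook installed at document-start. Delegates to the native parser
 * and, while the user has not yet accepted, inspects any result that looks
 * like a project (`targets[0].blocks` present). A rejected decision makes
 * every later project parse throw; an accepted one uninstalls the hook.
 *
 * @param {...any} args - forwarded unchanged to the native JSON.parse.
 * @returns {any} the parsed value.
 * @throws {Error} when the user has declined to load risky extensions.
 */
JSON.parse = function myParse(...args) {
  const out = parse.apply(this, args)
  if (acceptLoadExt !== true && out?.targets?.[0]?.blocks) {
    if (acceptLoadExt === null) acceptLoadExt = reviewProject(out)
    if (acceptLoadExt === false) throw new Error("Reject by user script: CCW-Code-Injection-Risk-Warning")
  }
  // Nothing left to check once accepted: hand JSON.parse back, unless
  // something else has re-wrapped it in the meantime.
  if (acceptLoadExt === true && JSON.parse === myParse) {
    JSON.parse = parse
  }
  return out
}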