8585 ex [ 'chrome-extension' ] = mod [ 'chrome-extension' ] ;
8686 ex [ 'chrome-extension' ] . initmod ( { ext, $, menu, menumod, ace} ) ;
8787
88+ ex [ 'ws-server' ] = mod [ 'ws-server' ] ;
89+ ex [ 'ws-server' ] . initmod ( { ext, $, menu, menumod, ace} ) ;
90+ ex [ 'ws-client' ] = mod [ 'ws-client' ] ;
91+ ex [ 'ws-client' ] . initmod ( { ext, $, menu, menumod, ace} ) ;
92+
93+ ex [ 'proxy' ] = mod [ 'proxy' ] ;
94+ ex [ 'proxy' ] . initmod ( { ext, $, menu, menumod, ace} ) ;
95+ ex [ 'test' ] = mod [ 'test' ] ;
96+ ex [ 'test' ] . initmod ( { ext, $, menu, menumod, ace} ) ;
97+
8898
8999
90100 await Promise . all ( [
95105 ex [ 'firefox-extension' ] . init ( ) ,
96106 ex [ 'chrome-manifest' ] . init ( ) ,
97107 ex [ 'chrome-extension' ] . init ( ) ,
108+ ex [ 'ws-server' ] . init ( ) ,
109+ ex [ 'ws-client' ] . init ( ) ,
110+ ex [ 'proxy' ] . init ( ) ,
111+ ex [ 'test' ] . init ( ) ,
98112
99113 ] ) ;
100114
148162 {display : none}
149163
150164 .description
151- {max-width : 1000 px text-align : justify;border-left : 4px solid # 4a90e2padding : 1rem 2rem ;
165+ {max-width : 1200 px text-align : justify;border-left : 4px solid # 4a90e2padding : 1rem 2rem ;
152166 background-color : # f9f9f9font-family : system-ui, sans-serif;font-size : 1rem ;line-height : 1.6 ;color : # 333
153167 .description > p
154168 {margin : 0 }
211225 {font-family : pacifico}
212226
213227 .br
214- {margin-top : 1 em
228+ {margin-top : 0.8 em
215229
216230 </ style >
217231
@@ -318,7 +332,58 @@ <h3 class=bog-hdr>
318332 </ section >
319333
320334
335+ < section class =blog-text >
336+ < h3 >
337+ How to Tell if it Worked?
338+ </ h3 >
339+ < p >
340+ Well the test in question was on a webpage protected with a content-security-policy, create a websocket
341+ to a local server ( or other )< br >
342+ < div class =br > </ div >
343+ So i thought this would make for some interesting code< br >
344+ < div class =br > </ div >
345+ Its worth noting here that when a server uses a certificate not in the trsuted root store, self-signed or otherwise,
346+ it requires top-level navigation to get the browser to accept that certificate, any other form of navigation will
347+ fail silently< br >
348+ < div class =br > </ div >
349+ Here is a minimal websocket server, supports text only, upto 125 bytes
350+ </ p >
351+
352+ < snippet-editor id =ws-server src ='ws/websocket-server.js ' mode =js fullsize component > </ snippet-editor >
353+
354+ < p >
355+ And the code to connect onto it
356+ </ p >
321357
358+ < snippet-editor id =ws-client src ='ws/websocket-client.js ' mode =js fullsize component > </ snippet-editor >
359+ </ section >
360+
361+
362+ < section class =blog-text >
363+ < h3 >
364+ bypassing content-security policy with a mitm proxy
365+ </ h3 >
366+ < p >
367+ so we can bypass the content-security-protocol header with a mitm proxy and remove the header before sending it to the
368+ browser
369+ </ p >
370+
371+ < snippet-editor id =proxy src ='proxy/mitm-proxy.js ' mode =js fullsize component > </ snippet-editor >
372+ </ section >
373+
374+
375+ < section class =blog-text >
376+ < h3 >
377+ checking the input / output of the mitm proxy
378+ </ h3 >
379+ < p >
380+ by connecting onto the server below we can check the actual input and output of the mitm proxy, should you wish to adapt
381+ the code, its always good to be able to check exactly what is happening
382+ </ p >
383+
384+ < snippet-editor id =test src ='server/test-server.js ' mode =js fullsize component > </ snippet-editor >
385+ </ section >
386+
322387
323388
324389 < log-mod component > </ log-mod >
@@ -339,6 +404,11 @@ <h3 class=bog-hdr>
339404 ex [ 'firefox-extension' ] . initdom ( ) ;
340405 ex [ 'chrome-manifest' ] . initdom ( ) ;
341406 ex [ 'chrome-extension' ] . initdom ( ) ;
407+ ex [ 'ws-server' ] . initdom ( ) ;
408+ ex [ 'ws-client' ] . initdom ( ) ;
409+ ex [ 'proxy' ] . initdom ( ) ;
410+ ex [ 'test' ] . initdom ( ) ;
411+
342412
343413 } //initdom
344414
0 commit comments