csp2.pl
use Digest::SHA qw(sha256_base64);
use File::Copy;
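# Generates per-page Content-Security-Policy headers and appends them to
# .htaccess as one <Files> section per page found in C:/pages.

# Directives shared by every page. Each page appends its own form-action,
# style-src and script-src directives and a report-uri to this prefix.
# Everything not listed falls back to default-src 'none'.
my $start = "Header set Content-Security-Policy \"default-src 'none'; base-uri 'none'; img-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com; connect-src 'self' *.google-analytics.com *.analytics.google.com; frame-ancestors 'self'; manifest-src 'self';";

# Append mode: sections are added after whatever .htaccess already holds,
# so running the script twice against the same file duplicates them.
open(my $htaccess, '>>', '.htaccess')
    or die "Cannot open .htaccess for appending: $!";
opendir(my $dir, "C:/pages")
    or die "Cannot open directory C:/pages: $!";
while (defined(my $dirEntry = readdir $dir))
{
    # Substring tests, not extension tests: any name containing ".HTM" is
    # taken unless it also contains ".br" or ".gz" (precompressed copies,
    # presumably). The match is case-sensitive, which is why index.htm is
    # handled separately after the loop.
    next if (index($dirEntry, ".HTM") < 0);
    next if (index($dirEntry, ".br") >= 0);
    next if (index($dirEntry, ".gz") >= 0);

    # These two pages get no <Files> section and therefore no CSP header
    # from this script.
    next if (($dirEntry eq "BIGCALC.HTM") || ($dirEntry eq "GRANCALC.HTM"));

    # form-action is the only directive chosen by page name: the form pages
    # may post to this site, the donation pages to PayPal, and every other
    # page may not submit forms at all.
    my $formAction;
    if (($dirEntry eq "FORM.HTM") || ($dirEntry eq "FORMULAR.HTM"))
    {
        $formAction = "form-action 'self';";
    }
    elsif (($dirEntry eq "DONATION.HTM") || ($dirEntry eq "DONACIONES.HTM"))
    {
        $formAction = "form-action www.paypal.com;";
    }
    else
    {
        $formAction = "form-action 'none';";
    }
    _writeFilesSection($htaccess, $dirEntry, "C:/pages/$dirEntry", $start.$formAction);
}
closedir $dir;

# index.htm is skipped by the case-sensitive ".HTM" test above.
_writeFilesSection($htaccess, "index.htm", "C:/pages/index.htm", $start."form-action 'none';");

# Buffered write errors only surface at close, so check it.
close($htaccess) or die "Cannot finish writing .htaccess: $!";

# Write one <Files> section for a page: the policy prefix, the style-src and
# script-src directives built from the page's inline blocks, and report-uri.
#   $out    - handle of the .htaccess being written
#   $name   - file name used in the <Files> container
#   $path   - path of the HTML page to read
#   $policy - header text up to and including the form-action directive
# Dies if the page cannot be read: an unreadable page would otherwise yield
# a policy with no hashes, which blocks the page's own inline code.
sub _writeFilesSection
{
    my ($out, $name, $path, $policy) = @_;

    open(my $page, '<', $path) or die "Cannot read $path: $!";
    my $html = do { local $/; <$page> };
    close($page);
    $html = "" unless defined $html;    # an empty file reads as undef

    # Extra script-src sources placed before the hashes; none at present.
    my $extra = "";
    my $hashes;

    # NOTE(review): $name is written unquoted, so this assumes page names
    # contain no whitespace or characters special to Apache's config syntax.
    print $out "<Files ${name}>\n${policy}";
    getHashes($html, "style", $hashes, "");
    print $out $hashes;
    getHashes($html, "script", $hashes, $extra);
    # report-uri is deprecated in CSP Level 3 in favour of report-to but is
    # still what this policy emits.
    print $out "${hashes} report-uri https://alpertron23.report-uri.com/r/d/csp/enforce\"\n";
    print $out "</Files>\n\n";
    return;
}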
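# Build the CSP directive that allows the inline <style> or <script> blocks
# of one page by SHA-256 hash.
#   $_[0] - HTML text of the page
#   $_[1] - tag name, "style" or "script"
#   $_[2] - output, overwritten through the @_ alias with the directive text
#           (leading space, trailing ';'), or "" when nothing is emitted
#   $_[3] - extra sources inserted right after 'unsafe-inline'
#
# Only the literal "<tag>" is matched: blocks whose opening tag carries
# attributes or different letter case are not hashed, so a policy built here
# will not allow them in browsers that honour hash sources.
#
# 'unsafe-inline' is emitted together with the hashes. Browsers that
# understand hash sources ignore 'unsafe-inline' when a hash is present, so
# it only takes effect in older browsers.
#
# For "script", www.googletagmanager.com is always allowed. A page without
# inline scripts gets " script-src www.googletagmanager.com;" (previously the
# host was written without a directive name, producing an invalid directive).
sub getHashes
{
    my $data = $_[0];
    my $tagname = $_[1];
    my $extra = $_[3];
    $data = "" unless defined $data;
    $extra = "" unless defined $extra;

    my $openTag = "<${tagname}>";
    my $closeTag = "</${tagname}>";
    my $directive = "";
    my $searchFrom = 0;

    for (;;)
    {
        my $contentStart = index($data, $openTag, $searchFrom);
        last if ($contentStart == -1);
        $contentStart += length($openTag);

        # An unclosed block has no well-defined content; stop rather than
        # hash a meaningless slice of the page.
        my $contentEnd = index($data, $closeTag, $contentStart);
        last if ($contentEnd == -1);

        my $content = substr($data, $contentStart, $contentEnd - $contentStart);
        my $hash = sha256_base64($content);
        # Digest::SHA omits base64 padding; CSP hash sources need it.
        while (length($hash) % 4)
        {
            $hash .= '=';
        }
        if ($directive eq "")
        {
            $directive = " ${tagname}-src 'unsafe-inline'${extra}";
        }
        $directive .= " 'sha256-${hash}'";
        $searchFrom = $contentEnd;
    }

    if ($tagname eq "script")
    {
        # Without inline scripts the directive name has not been written yet.
        if ($directive eq "")
        {
            $directive = " script-src${extra}";
        }
        $directive .= " www.googletagmanager.com";
    }
    if ($directive ne "")
    {
        $directive .= ";";
    }
    $_[2] = $directive;
    return;
}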