Jonathan Hodgson
4 years ago
parent
3f265a3c25
commit
3e59d66cd7
2 changed files with 131 additions and 0 deletions
@ -0,0 +1,68 @@ |
||||
#!/usr/bin/env bash |
||||
|
||||
if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then |
||||
cat << 'EOF' |
||||
Usage: clickjacking url |
||||
|
||||
Will return a dataurl to open in a browser |
||||
EOF |
||||
exit 0 |
||||
fi |
||||
|
||||
die(){ |
||||
echo "$@" |
||||
exit 1 |
||||
} |
||||
|
||||
# Url of site to put in iframe |
||||
url="$1" |
||||
|
||||
# If no argument is given, get stdin |
||||
[ -z "$url" ] && url="$(cat -)" |
||||
|
||||
# If still no url, bail |
||||
[ -z "$url" ] && die "You need to provide a url" |
||||
|
||||
source=" |
||||
<!DOCTYPE html> |
||||
<html> |
||||
<head> |
||||
<meta charset='UTF-8' /> |
||||
<meta name='viewport' content='width=device-width' /> |
||||
<title>Clickjacking example</title> |
||||
<style type='text/css' media='screen'> |
||||
body{ |
||||
width: 100vw; |
||||
height: 100vh; |
||||
border: 2px solid black; |
||||
margin: 0; |
||||
} |
||||
|
||||
* { |
||||
scrollbar-width: none; |
||||
box-sizing: border-box; |
||||
} |
||||
|
||||
iframe{ |
||||
border: 3px solid black; |
||||
width: 80%; |
||||
height: 80%; |
||||
margin: 20px auto; |
||||
display: block; |
||||
} |
||||
h1, p{ |
||||
text-align: center; |
||||
} |
||||
</style> |
||||
</head> |
||||
<body> |
||||
<h1>Clickjacking example</h1> |
||||
<iframe src='$url'> |
||||
</iframe> |
||||
<p>If content is rendered above, the site is vulnerable to clickjacking</p> |
||||
</body> |
||||
</html> |
||||
" |
||||
|
||||
|
||||
echo "data:text/html;base64,$(echo "$source" | base64 -w 0)" |
||||
@ -0,0 +1,63 @@ |
||||
" Reset |
||||
" This resets all default settings |
||||
sanitize tridactyllocal tridactylsync |
||||
|
||||
""""""""""""""""""""" |
||||
" General Options " |
||||
""""""""""""""""""""" |
||||
colours dark |
||||
|
||||
set newtab about:blank |
||||
set browser firefox-developer-edition |
||||
set allowautofocus false |
||||
set editorcmd /usr/bin/st -e vim |
||||
|
||||
"""""""""""" |
||||
" Search " |
||||
"""""""""""" |
||||
|
||||
" Remove old search urls |
||||
jsb Object.keys(tri.config.get("searchurls")).reduce((prev, u) => prev.then(_ => tri.config.set("searchurls", u, null)), Promise.resolve()) |
||||
|
||||
set searchengine ddg |
||||
|
||||
set searchurls.alternativeto https://alternativeto.net/browse/search/?q=%s |
||||
set searchurls.ebay https://www.ebay.co.uk/sch/i.html?_nkw=%s |
||||
set searchurls.ddg https://duckduckgo.co.uk/?q=%s |
||||
set searchurls.aur https://aur.archlinux.org/packages/?O=0&K=%s |
||||
set searchurls.aw https://wiki.archlinux.org/?search=%s |
||||
set searchurls.gh https://github.com/search?q=%s |
||||
|
||||
"""""""""""""" |
||||
" Commands " |
||||
"""""""""""""" |
||||
|
||||
command withUrl composite get_current_url | |
||||
command openvid withUrl !s open-youtube |
||||
command openvidLink composite hint -pipe a[href]:not([display="none"]):not([href=""]) href | !s open-youtube |
||||
command testclickjacking withUrl !s $HOME/.config/tridactyl/scripts/clickjacking | nativeopen |
||||
|
||||
|
||||
|
||||
""""""""""" |
||||
" Binds " |
||||
""""""""""" |
||||
" |
||||
" Ctrl-F should use the browser's native 'find' functionality. |
||||
unbind <C-f> |
||||
|
||||
bind / fillcmdline find |
||||
bind ? fillcmdline find -? |
||||
bind n findnext 1 |
||||
bind N findnext -1 |
||||
|
||||
bind ; fillcmdline_notrail |
||||
|
||||
bind <space>y openvid |
||||
bind <space>Y openvidLink |
||||
|
||||
" Url Specific |
||||
bindurl ^https://duckduckgo.com f hint -Jc [class=result__a] |
||||
bindurl ^https://duckduckgo.com F hint -Jbc [class=result__a] |
||||
|
||||
|
||||
Loading…
Reference in new issue