Hi, I am working on a new extension which goal is to detect some well known browser-based attacks. You can find more informations about this project here: http://blues.ath.cx/firekeeper
First important problem I'm trying to solve is how to intercept HTTP responses body. I created a code that replaces Mozilla HTTP protocol handler with my version of it. It is available here: http://blues.ath.cx/firekeeper/resources/http_tracer.html This new version passes all calls to the original handler but first, it is able to examine these calls. In this way it traces creation of HTTP channel and finally it captures a data transfered through this channel. This solution has following drawbacks: 1) I had to implement every call that HTTP protocol handler and HTTP channel implements. Implementation of most calls is just a single line that passes call to the original handler. Besides being long and ugly, there can also be problems with portability of this solution between different versions of Firefox. I had to implement some unfrozen interfaces that may change in a future. 2) This solution does not work with sites that are using Java Script XMLHttpRequest object to send requests to a server. I think that this problem is caused by some security policy that allows Java Script from a site to access original HTTP protocol handler but there is no policy that allows access to my version of it. Is there any way around it? Is there any better solution for this problem? I look forward to your help, any comments regarding project in general, not necessarily related to this problem are also very welcome. Best regards, Jan Wrobel _______________________________________________ dev-tech-network mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-network
