forked from dimdenGD/OldTwitter
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsandbox.html
More file actions
150 lines (139 loc) · 7.42 KB
/
sandbox.html
File metadata and controls
150 lines (139 loc) · 7.42 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Sandbox</title>
<meta name="twitter-site-verification" content="loading" />
</head>
<body>
<div id="anims"></div>
<script>
function sleep(ms) {
return new Promise(resolve => setTimeout(resolve, ms));
}
let initError = false, solver;
window.addEventListener('message', async function (event) {
if (event.origin !== 'https://twitter.com' && event.origin !== 'https://x.com') {
return;
}
let data = event.data;
if (data.action === 'init') {
try {
window.__SCRIPTS_LOADED__ = {
runtime: true
};
const [vendorData, challengeData] = await Promise.all([
fetch(`https://abs.twimg.com/responsive-web/client-web/vendor.${data.vendorCode}.js`).then(res => res.text()),
fetch(`https://abs.twimg.com/responsive-web/client-web/ondemand.s.${data.challengeCode}a.js`).then(res => res.text())
]);
eval(vendorData);
let animsDiv = document.getElementById('anims');
for (let anim of data.anims) {
animsDiv.innerHTML += `\n${anim}`;
}
let verif = document.querySelector('meta[name="twitter-site-verification"]');
verif.content = data.verificationCode;
let headerRegex = /(\d+):(.+)=>.+default:\(\)=>(\w)}\);/;
let headerMatch = challengeData.match(headerRegex);
if (!headerMatch) {
console.error('Uh oh, header not found!! Report to https://github.com/dimdenGD/OldTwitter/issues');
event.source.postMessage({ action: 'initError', error: `Header not found at ${data.challengeCode} (${String(challengeData).slice(0, 500)}...)` }, event.origin);
initError = true;
return;
}
// TO EXTENSION REVIEWERS (mostly Mozilla):
// This script is part of Twitter's security challenge, before mindlessly rejecting extension actually review what code does please! It's in sandbox for a reason.
// It only ever executes code from trusted Twitter domain, abs.twimg.com (specifically their script that generates security headers)
// It's impossible to have it contained in extension itself, since it's generated dynamically
// you can see where script is loaded in scripts/twchallenge.js
// it also can't use any extension APIs, since it's contained in object url iframe
const patchedChallengeData = challengeData
.replace(headerRegex, '$1:$2=>{window._CHALLENGE=()=>$3;');
eval(patchedChallengeData);
let id = headerMatch[1];
// 1) Collect all module factories that have already been pushed
const chunks = self.webpackChunk_twitter_responsive_web || [];
const registry = {};
for (const payload of chunks) {
// Each payload looks like: [chunkIds, moreModules, runtime]
// where moreModules is an object: { [moduleId]: factory }
if (payload && payload[1]) Object.assign(registry, payload[1]);
}
// 2) A minimal __webpack_require__ with a cache and a few helpers
const cache = {};
function wreq(id) {
if (cache[id]) return cache[id].exports;
const factory = registry[id];
if (!factory) throw new Error("No module with id " + id);
const module = { id, loaded: false, exports: {} };
cache[id] = module;
// Minimal helpers used by many bundles
wreq.d = (exports, definition) => {
for (const key in definition) {
Object.defineProperty(exports, key, { enumerable: true, get: definition[key] });
}
};
wreq.r = (exports) => {
if (typeof Symbol !== "undefined" && Symbol.toStringTag) {
Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
}
Object.defineProperty(exports, "__esModule", { value: true });
};
wreq.n = (mod) => {
const getter = mod && mod.__esModule ? () => mod.default : () => mod;
wreq.d(getter, { a: getter });
return getter;
};
wreq.o = (obj, prop) => Object.prototype.hasOwnProperty.call(obj, prop);
// 3) Execute the module factory: (module, exports, __webpack_require__)
factory(module, module.exports, wreq);
module.loaded = true;
return module.exports;
}
webpackChunk_twitter_responsive_web[1][1][id](chunks, cache, wreq);
solver = window._CHALLENGE()();
event.source.postMessage({ action: 'ready' }, event.origin);
} catch (e) {
console.error(e);
event.source.postMessage({ action: 'initError', error: String(e) }, event.origin);
initError = true;
}
} else if (data.action === 'solve') {
if (initError) {
console.error('Initialization error');
event.source.postMessage({ action: 'error', error: 'Initialization error', id: data.id }, event.origin);
return;
}
if (!solver) {
await sleep(50);
if (!solver) {
await sleep(100);
}
if (!solver) {
await sleep(500);
}
if (!solver) {
await sleep(1000);
}
if (!solver) {
await sleep(2500);
}
if (initError || !solver) {
console.error('Solver not initialized');
event.source.postMessage({ action: 'error', error: 'Solver timed out', id: data.id }, event.origin);
return;
}
}
try {
let result = await solver(data.path, data.method);
event.source.postMessage({ action: 'solved', result, id: data.id }, event.origin);
} catch (e) {
console.error('Solver error:', e);
event.source.postMessage({ action: 'error', error: `${e.message}\n${e.stack}`, id: data.id }, event.origin);
}
}
});
</script>
</body>
</html>