Performance & Improvements

SmuggleShield/background.js

@@ -209,124 +209,6 @@ const memoizedAnalyzeURL = memoize((url) => {
   return {isSuspicious, timestamp: Date.now()};
 }, (url) => url);
 
-class ContentAnalyzer {
-  constructor(config) {
-    this.config = config;
-    this.analysisQueue = new Set();
-    this.isProcessing = false;
-    this.lastAnalysis = 0;
-    this.minAnalysisInterval = 300; 
-  }
-
-  queueForAnalysis(element) {
-    this.analysisQueue.add(element);
-    this.scheduleProcessing();
-  }
-
-  scheduleProcessing() {
-    if (this.isProcessing) return;
-
-    const timeSinceLastAnalysis = Date.now() - this.lastAnalysis;
-    const delay = Math.max(0, this.minAnalysisInterval - timeSinceLastAnalysis);
-
-    setTimeout(() => this.processQueue(), delay);
-  }
-
-  async processQueue() {
-    if (this.isProcessing || this.analysisQueue.size === 0) return;
-
-    this.isProcessing = true;
-    this.lastAnalysis = Date.now();
-
-    try {
-      const elements = Array.from(this.analysisQueue);
-      this.analysisQueue.clear();
-
-      for (const element of elements) {
-        if (element.isConnected) {
-          await this.analyzeElement(element);
-        }
-      }
-    } catch (error) {
-      console.error('Analysis error:', error);
-    } finally {
-      this.isProcessing = false;
-
-      if (this.analysisQueue.size > 0) {
-        this.scheduleProcessing();
-      }
-    }
-  }
-
-  async analyzeElement(element) {
-    if (element.textContent.length < 50) return;
-
-    const htmlContent = element.outerHTML;
-    const cacheKey = this.getCacheKey(htmlContent);
-
-    const cachedResult = urlCache.get(cacheKey);
-    if (cachedResult) {
-      if (cachedResult.isSuspicious) {
-        this.handleSuspiciousContent(element, cachedResult.patterns);
-      }
-      return;
-    }
-
-    const result = await this.analyzeContent(htmlContent);
-    urlCache.set(cacheKey, result);
-
-    if (result.isSuspicious) {
-      this.handleSuspiciousContent(element, result.patterns);
-    }
-  }
-
-  getCacheKey(content) {
-    let hash = 0;
-    for (let i = 0; i < content.length; i++) {
-      hash = ((hash << 5) - hash) + content.charCodeAt(i);
-      hash = hash & hash;
-    }
-    return `${hash}_${content.length}`;
-  }
-
-  async analyzeContent(content) {
-    const patterns = [];
-    let score = 0;
-
-    for (const pattern of this.config.suspiciousPatterns) {
-      if (pattern.test(content)) {
-        patterns.push(pattern.source);
-        score += pattern.weight || 1;
-
-        if (score >= this.config.blockThreshold) {
-          break;
-        }
-      }
-    }
-
-    return {
-      isSuspicious: score >= this.config.blockThreshold,
-      patterns,
-      timestamp: Date.now()
-    };
-  }
-
-  handleSuspiciousContent(element, patterns) {
-    chrome.runtime.sendMessage({
-      action: "logWarning",
-      message: `Suspicious content detected`,
-      patterns: patterns,
-      url: window.location.href
-    });
-
-    if (element.parentNode) {
-      element.parentNode.removeChild(element);
-    }
-  }
-}
-
-const contentAnalyzer = new ContentAnalyzer(config);
-
 function setupObserver() {
   const observer = new MutationObserver((mutations) => {
     for (const mutation of mutations) {

SmuggleShield/content.js

@@ -226,15 +226,156 @@ class HTMLSmugglingBlocker {
 
   setupObserver() {
     const observer = new MutationObserver((mutations) => {
-      if (mutations.some(mutation => mutation.addedNodes.length > 0)) {
-        this.analyzeContent();
+      if (this.isUrlWhitelisted) {
+        return;
+      }
+
+      let shouldAnalyze = false;
+      const nodesToAnalyze = [];
+
+      for (const mutation of mutations) {
+        if (mutation.addedNodes.length > 0) {
+          for (const node of mutation.addedNodes) {
+            if (node instanceof HTMLElement) {
+              nodesToAnalyze.push(node);
+              shouldAnalyze = true;
+            }
+          }
+        }
+
+        if (mutation.type === 'attributes' && 
+            ['src', 'href', 'download', 'data-*'].some(attr => 
+              mutation.attributeName === attr || 
+              mutation.attributeName?.startsWith('data-'))) {
+          if (mutation.target instanceof HTMLElement) {
+            nodesToAnalyze.push(mutation.target);
+            shouldAnalyze = true;
+          }
+        }
+      }
+
+      if (shouldAnalyze) {
+        this.analyzeNodes(nodesToAnalyze);
       }
     });
 
     observer.observe(document.documentElement, {
       childList: true,
-      subtree: true
+      subtree: true,
+      attributes: true,
+      attributeFilter: ['src', 'href', 'download', 'data-*']
     });
+
+    if (!this.isUrlWhitelisted) {
+      this.analyzeContent();
+    }
+  }
+
+  analyzeNodes(nodes) {
+    if (this.isUrlWhitelisted || nodes.length === 0) {
+      return;
+    }
+
+    for (const node of nodes) {
+      if (node.textContent && node.textContent.length < 50) {
+        continue;
+      }
+
+      const htmlContent = node.outerHTML;
+
+      const cacheKey = this.getCacheKey(htmlContent);
+      const cachedResult = this.cache.get(cacheKey);
+
+      if (cachedResult) {
+        this.metrics.cacheHits++;
+        if (cachedResult.score >= this.threshold) {
+          this.handleSuspiciousNode(node, cachedResult.detectedPatterns);
+        }
+        continue;
+      }
+
+      this.metrics.cacheMisses++;
+
+      const patternResult = this.analyzeWithPatterns(htmlContent);
+      let mlResult = null;
+
+      if (htmlContent.length > 1000 || patternResult.score > 1) {
+        mlResult = this.mlEnabled ? mlDetector.detect(htmlContent) : null;
+      }
+
+      const isSuspicious = patternResult.isSuspicious || (mlResult?.isSmuggling || false);
+
+      if (isSuspicious) {
+        this.handleSuspiciousNode(node, patternResult.detectedPatterns);
+
+        setTimeout(() => {
+          if (this.blocked) {
+            mlDetector.learn(htmlContent, true);
+          }
+        }, this.feedbackDelay);
+      } else {
+
+        if (htmlContent.length > 1000) {
+          mlDetector.learn(htmlContent, false);
+        }
+      }
+    }
+  }
+
+  handleSuspiciousNode(node, detectedPatterns) {
+    if (this.isUrlWhitelisted) {
+      return;
+    }
+
+    if (node.tagName === 'SCRIPT' && !node.src) {
+
+      if (this.isSuspiciousScript(node.textContent)) {
+        this.removeElement(node);
+        this.blocked = true;
+      }
+    } else if (node.tagName === 'A' && node.hasAttribute('download') && 
+              (node.href.startsWith('data:') || node.href.startsWith('blob:'))) {
+
+      this.removeElement(node);
+      this.blocked = true;
+    } else if (node.tagName === 'EMBED') {
+
+      this.removeElement(node);
+      this.blocked = true;
+    } else if (node.tagName === 'SVG' && node.querySelector('script')) {
+
+      const scripts = node.querySelectorAll('script');
+      scripts.forEach(script => this.removeElement(script));
+      this.blocked = true;
+    } else {
+
+      const suspiciousElements = node.querySelectorAll(
+        'a[download][href^="data:"], a[download][href^="blob:"], embed, svg script'
+      );
+      if (suspiciousElements.length > 0) {
+        suspiciousElements.forEach(el => this.removeElement(el));
+        this.blocked = true;
+      }
+
+
+      const inlineScripts = node.querySelectorAll('script:not([src])');
+      inlineScripts.forEach(script => {
+        if (this.isSuspiciousScript(script.textContent)) {
+          this.removeElement(script);
+          this.blocked = true;
+        }
+      });
+    }
+
+    if (this.blocked) {
+      this.logWarning(
+        1,
+        0,
+        0,
+        0,
+        detectedPatterns
+      );
+    }
   }
 
   async analyzeContent() {
@@ -325,33 +466,69 @@ class HTMLSmugglingBlocker {
     let score = 0;
     const detectedPatterns = [];
 
-    const weights = Object.keys(this.patternsByWeight).sort((a, b) => b - a);
+    if (content.length < 50) {
+      return {
+        isSuspicious: false,
+        detectedPatterns: [],
+        score: 0
+      };
+    }
 
-    let shouldTerminate = false;
-
-    for (const weight of weights) {
-      if (shouldTerminate || score >= this.threshold) {
-        break;
+    const quickCheck = /blob|atob|download|base64|arraybuffer|uint8array|createobjecturl|fromcharcode/i;
+    if (!quickCheck.test(content)) {
+      return {
+        isSuspicious: false,
+        detectedPatterns: [],
+        score: 0
+      };
+    }
+
+    const highWeightPatterns = Object.keys(this.patternsByWeight)
+      .filter(weight => parseInt(weight) >= 3)
+      .flatMap(weight => this.patternsByWeight[weight]);
+
+    for (const {pattern, weight} of highWeightPatterns) {
+      if (pattern.test(content)) {
+        score += weight;
+        detectedPatterns.push(pattern.toString());
+        this.metrics.matchCount++;
+
+        if (score >= this.threshold) {
+          return {
+            isSuspicious: true,
+            detectedPatterns,
+            score
+          };
+        }
       }
-
-      const patterns = this.patternsByWeight[weight];
-      for (const {pattern, weight: patternWeight} of patterns) {
+    }
+
+    if (score >= this.threshold - 2) {
+      const lowWeightPatterns = Object.keys(this.patternsByWeight)
+        .filter(weight => parseInt(weight) < 3)
+        .flatMap(weight => this.patternsByWeight[weight]);
+
+      for (const {pattern, weight} of lowWeightPatterns) {
         if (pattern.test(content)) {
-          score += patternWeight;
+          score += weight;
           detectedPatterns.push(pattern.toString());
           this.metrics.matchCount++;
 
           if (score >= this.threshold) {
-            shouldTerminate = true;
-            break;
+            return {
+              isSuspicious: true,
+              detectedPatterns,
+              score
+            };
           }
         }
       }
     }
 
     return {
       isSuspicious: score >= this.threshold,
-      detectedPatterns
+      detectedPatterns,
+      score
     };
   }