file-leak/popup/js/background.js

// function to scan the url the tab is on for hidden files

async function onTabUpdate(tabId, changeInfo, tab) {
  if (changeInfo.status !== "complete") return;

  const url = new URL(tab.url);
  const hostname = url.hostname;

  const stored = await browser.storage.local.get("entries");
  const existingEntries = stored.entries || [];

  const alreadyDone = existingEntries.some(e => e.domainField === hostname);
  if (alreadyDone) return;

  async function tryFetch(pathname) {
    const target = url.origin + pathname;
    let response;
    try {
      response = await fetch(target, { redirect: "manual" });
    } catch {
      return null;
    }
    return response.status === 200 ? target : null;
  }

  const results = {
    env: await tryFetch("/.env"),
    git: await tryFetch("/.git"),
    dsstore: await tryFetch("/.DS_Store"),
    config: await tryFetch("/.config"),
    svn: await tryFetch("/.svn"),
    npm: await tryFetch("/.npm"),
    hg: await tryFetch("/.hg"),
    docker: await tryFetch("/.docker"),
  };

  const newEntries = [...existingEntries];

  for (const [key, foundPath] of Object.entries(results)) {
    if (!foundPath) continue;

    const entry = {
      domainField: hostname,
      pathField: foundPath,
      type: key
    };

    newEntries.push(entry);

  }

  await browser.storage.local.set({ entries: newEntries });

}

// Enable, Idsable automatic listener and the message listener for it

function enableListener() {
  if (!browser.tabs.onUpdated.hasListener(onTabUpdate)) {
    browser.tabs.onUpdated.addListener(onTabUpdate);
  }
}

function disableListener() {
  if (browser.tabs.onUpdated.hasListener(onTabUpdate)) {
    browser.tabs.onUpdated.removeListener(onTabUpdate);
  }
}

browser.runtime.onMessage.addListener((msg) => {
  if (msg.type === "toggleListener") {
    if (msg.enabled) enableListener();
    else disableListener();
  }
});

// Singe run, can be merged with onTabUpdate function

async function runSingleScan() {
  const tabs = await browser.tabs.query({ active: true, currentWindow: true });
  if (!tabs.length) return;
  const tab = tabs[0];
  const url = new URL(tab.url);
  const hostname = url.hostname;

  async function tryFetch(path) {
    const target = url.origin + path;
    let response;
    try {
      response = await fetch(target, { redirect: "manual" });
    } catch {
      return null;
    }
    return response.status === 200 ? target : null;
  }

  const results = {
    env: await tryFetch("/.env"),
    git: await tryFetch("/.git"),
    dsstore: await tryFetch("/.DS_Store"),
    config: await tryFetch("/.config"),
    svn: await tryFetch("/.svn"),
    npm: await tryFetch("/.npm"),
    hg: await tryFetch("/.hg"),
    docker: await tryFetch("/.docker"),
  };

  const stored = await browser.storage.local.get("entries");
  const entries = stored.entries || [];

  for (const [key, foundPath] of Object.entries(results)) {
    if (!foundPath) continue;

    entries.push({
      domainField: hostname,
      pathField: foundPath,
      type: key
    });

  }

  await browser.storage.local.set({ entries });
}

browser.runtime.onMessage.addListener((msg) => {
  if (msg.type === "runOnce") {
    runSingleScan();
  }
});