@dynamicu/chromedebug-mcp 2.2.0

package/src/firebase-privacy-guard.js

@@ -0,0 +1,397 @@
+/**
+ * Firebase Privacy Guard
+ *
+ * CRITICAL SECURITY MODULE - Prevents sensitive recording data from being sent to Firebase
+ *
+ * This module acts as a gatekeeper to ensure that ONLY licensing-related data
+ * is transmitted to Firebase. Any attempt to send recording data will be blocked
+ * and logged as a security violation.
+ *
+ * STRICT PRIVACY RULES:
+ * 1. Only whitelisted fields are allowed through
+ * 2. Any forbidden field triggers immediate rejection
+ * 3. All violations are logged for audit
+ * 4. No recording, frame, DOM, or network data ever leaves the local system
+ */
+
+/**
+ * Whitelist of allowed fields for Firebase transmission
+ * ONLY these fields are permitted in any Firebase operation
+ */
+const ALLOWED_FIELDS = new Set([
+  // User identification
+  'userId',
+  'email',
+  'displayName',
+
+  // License data
+  'licenseKey',
+  'tier',
+  'status',
+  'expiresAt',
+  'createdAt',
+  'updatedAt',
+
+  // Instance tracking (for anti-sharing)
+  'instanceId',
+  'deviceName',
+  'platform',
+  'lastSeen',
+
+  // Usage metrics (counts only, no content)
+  'count',
+  'timestamp',
+  'date',
+  'usageCount',
+  'dailyUsage',
+
+  // Metadata (generic container fields)
+  'id',
+  'type',
+  'version',
+  'metadata'
+]);
+
+/**
+ * Forbidden fields that indicate recording/sensitive data
+ * NEVER allowed in Firebase operations
+ */
+const FORBIDDEN_FIELDS = new Set([
+  // Recording data
+  'recordings',
+  'frames',
+  'frameData',
+  'imageData',
+  'screenshot',
+  'video',
+
+  // Console and logs
+  'consoleLogs',
+  'logs',
+  'errorLogs',
+  'debugLogs',
+
+  // DOM and page content
+  'domSnapshots',
+  'dom',
+  'html',
+  'content',
+  'pageContent',
+  'domMutations',
+
+  // Network data
+  'networkRequests',
+  'requests',
+  'responses',
+  'headers',
+  'body',
+  'payload',
+
+  // Browser state
+  'cookies',
+  'localStorage',
+  'sessionStorage',
+  'storage',
+
+  // User interactions
+  'interactions',
+  'clicks',
+  'inputs',
+  'keystrokes',
+
+  // Code and execution
+  'code',
+  'script',
+  'function',
+  'execution',
+  'trace',
+  'stack',
+
+  // Sensitive metadata
+  'url',
+  'path',
+  'query',
+  'params'
+]);
+
+/**
+ * Privacy violation tracker
+ */
+class PrivacyViolationLogger {
+  constructor() {
+    this.violations = [];
+  }
+
+  log(violation) {
+    const entry = {
+      timestamp: new Date().toISOString(),
+      ...violation
+    };
+    this.violations.push(entry);
+    console.error('[PRIVACY VIOLATION]', JSON.stringify(entry, null, 2));
+  }
+
+  getViolations() {
+    return this.violations;
+  }
+
+  clear() {
+    this.violations = [];
+  }
+}
+
+const violationLogger = new PrivacyViolationLogger();
+
+/**
+ * Firebase Privacy Guard Class
+ */
+export class FirebasePrivacyGuard {
+  /**
+   * Sanitize data before Firebase transmission
+   * Removes any non-whitelisted fields and validates against forbidden fields
+   *
+   * @param {Object} data - Data to sanitize
+   * @param {string} context - Context of the operation (for logging)
+   * @returns {Object} - Sanitized data with only allowed fields
+   * @throws {Error} - If forbidden fields are detected
+   */
+  static sanitize(data, context = 'unknown') {
+    if (!data || typeof data !== 'object') {
+      return data;
+    }
+
+    // Handle arrays
+    if (Array.isArray(data)) {
+      return data.map(item => this.sanitize(item, context));
+    }
+
+    const sanitized = {};
+    const violations = [];
+
+    // First pass: check for forbidden fields anywhere in the tree
+    const checkForbidden = (obj, path = '') => {
+      for (const [key, value] of Object.entries(obj)) {
+        const fullPath = path ? `${path}.${key}` : key;
+
+        if (FORBIDDEN_FIELDS.has(key)) {
+          violations.push({
+            field: fullPath,
+            type: 'FORBIDDEN_FIELD',
+            context,
+            severity: 'CRITICAL'
+          });
+        }
+
+        // Check nested objects
+        if (value && typeof value === 'object' && !Array.isArray(value)) {
+          checkForbidden(value, fullPath);
+        }
+
+        // Check arrays
+        if (Array.isArray(value)) {
+          value.forEach((item, index) => {
+            if (item && typeof item === 'object') {
+              checkForbidden(item, `${fullPath}[${index}]`);
+            }
+          });
+        }
+      }
+    };
+
+    checkForbidden(data);
+
+    // If forbidden fields found, throw immediately
+    const criticalViolations = violations.filter(v => v.severity === 'CRITICAL');
+    if (criticalViolations.length > 0) {
+      violationLogger.log({
+        operation: 'sanitize',
+        context,
+        violations,
+        originalFields: Object.keys(data),
+        sanitizedFields: []
+      });
+
+      throw new Error(
+        `Privacy violation: Forbidden fields detected in Firebase operation: ${
+          criticalViolations.map(v => v.field).join(', ')
+        }`
+      );
+    }
+
+    // Second pass: build sanitized object with only allowed fields
+    for (const [key, value] of Object.entries(data)) {
+      // Only include whitelisted fields
+      if (ALLOWED_FIELDS.has(key)) {
+        // Recursively sanitize nested objects
+        if (value && typeof value === 'object') {
+          sanitized[key] = this.sanitize(value, `${context}.${key}`);
+        } else {
+          sanitized[key] = value;
+        }
+      } else {
+        // Non-whitelisted field (not forbidden, just unknown)
+        violations.push({
+          field: key,
+          type: 'NON_WHITELISTED',
+          context,
+          severity: 'WARNING'
+        });
+      }
+    }
+
+    // Log violations
+    if (violations.length > 0) {
+      violationLogger.log({
+        operation: 'sanitize',
+        context,
+        violations,
+        originalFields: Object.keys(data),
+        sanitizedFields: Object.keys(sanitized)
+      });
+
+      // Throw error if critical violations detected
+      const criticalViolations = violations.filter(v => v.severity === 'CRITICAL');
+      if (criticalViolations.length > 0) {
+        throw new Error(
+          `Privacy violation: Forbidden fields detected in Firebase operation: ${
+            criticalViolations.map(v => v.field).join(', ')
+          }`
+        );
+      }
+    }
+
+    return sanitized;
+  }
+
+  /**
+   * Validate data before Firebase transmission
+   * Does NOT modify data, only validates
+   *
+   * @param {Object} data - Data to validate
+   * @param {string} context - Context of the operation
+   * @returns {Object} - Validation result
+   */
+  static validate(data, context = 'unknown') {
+    if (!data || typeof data !== 'object') {
+      return { valid: true, violations: [] };
+    }
+
+    const violations = [];
+    const checkObject = (obj, path = '') => {
+      for (const [key, value] of Object.entries(obj)) {
+        const fullPath = path ? `${path}.${key}` : key;
+
+        // Check for forbidden fields
+        if (FORBIDDEN_FIELDS.has(key)) {
+          violations.push({
+            field: fullPath,
+            type: 'FORBIDDEN_FIELD',
+            severity: 'CRITICAL'
+          });
+        }
+
+        // Check nested objects
+        if (value && typeof value === 'object' && !Array.isArray(value)) {
+          checkObject(value, fullPath);
+        }
+
+        // Check arrays
+        if (Array.isArray(value)) {
+          value.forEach((item, index) => {
+            if (item && typeof item === 'object') {
+              checkObject(item, `${fullPath}[${index}]`);
+            }
+          });
+        }
+      }
+    };
+
+    checkObject(data);
+
+    if (violations.length > 0) {
+      violationLogger.log({
+        operation: 'validate',
+        context,
+        violations
+      });
+    }
+
+    return {
+      valid: violations.filter(v => v.severity === 'CRITICAL').length === 0,
+      violations,
+      hasCriticalViolations: violations.some(v => v.severity === 'CRITICAL'),
+      hasWarnings: violations.some(v => v.severity === 'WARNING')
+    };
+  }
+
+  /**
+   * Assert that data is safe for Firebase
+   * Throws error if validation fails
+   *
+   * @param {Object} data - Data to check
+   * @param {string} context - Context of the operation
+   */
+  static assertSafe(data, context = 'unknown') {
+    const validation = this.validate(data, context);
+
+    if (!validation.valid) {
+      const criticalFields = validation.violations
+        .filter(v => v.severity === 'CRITICAL')
+        .map(v => v.field)
+        .join(', ');
+
+      throw new Error(
+        `Firebase Privacy Guard: Forbidden data detected in ${context}. ` +
+        `Attempted to send: ${criticalFields}. ` +
+        `This operation has been blocked for security.`
+      );
+    }
+
+    return true;
+  }
+
+  /**
+   * Get privacy violation history
+   */
+  static getViolations() {
+    return violationLogger.getViolations();
+  }
+
+  /**
+   * Clear violation history (for testing)
+   */
+  static clearViolations() {
+    violationLogger.clear();
+  }
+
+  /**
+   * Check if a field is allowed
+   */
+  static isAllowedField(fieldName) {
+    return ALLOWED_FIELDS.has(fieldName);
+  }
+
+  /**
+   * Check if a field is forbidden
+   */
+  static isForbiddenField(fieldName) {
+    return FORBIDDEN_FIELDS.has(fieldName);
+  }
+
+  /**
+   * Get list of allowed fields
+   */
+  static getAllowedFields() {
+    return Array.from(ALLOWED_FIELDS);
+  }
+
+  /**
+   * Get list of forbidden fields
+   */
+  static getForbiddenFields() {
+    return Array.from(FORBIDDEN_FIELDS);
+  }
+}
+
+// Export for testing
+export { ALLOWED_FIELDS, FORBIDDEN_FIELDS, violationLogger };