@gxp-dev/tools 2.0.6 → 2.0.7

package/browser-extensions/chrome/test-mixed-content.html

@@ -0,0 +1,190 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Mixed Content Proxy Test</title>
+    <style>
+        body { font-family: Arial, sans-serif; padding: 20px; max-width: 800px; }
+        .test-section { margin: 20px 0; padding: 20px; border: 2px solid #ddd; border-radius: 8px; }
+        .error { border-color: #dc3545; background: #fff5f5; }
+        .success { border-color: #28a745; background: #f8fff8; }
+        .warning { border-color: #ffc107; background: #fffbf0; }
+        .info { border-color: #17a2b8; background: #f0f9ff; }
+        .code { background: #e9ecef; padding: 8px; font-family: monospace; margin: 8px 0; word-break: break-all; }
+        .results { background: #f5f5f5; padding: 10px; margin: 10px 0; border-radius: 4px; max-height: 300px; overflow-y: auto; }
+        button { padding: 10px 15px; margin: 5px; cursor: pointer; background: #007bff; color: white; border: none; border-radius: 4px; }
+        .status-indicator { display: inline-block; width: 12px; height: 12px; border-radius: 50%; margin-right: 8px; }
+        .blocked { background: #dc3545; }
+        .allowed { background: #28a745; }
+        .warning-icon { background: #ffc107; }
+    </style>
+</head>
+<body>
+    <h1>🔒 Mixed Content Proxy Test</h1>
+    
+    <div class="test-section info">
+        <h2>🌐 Current Page Security</h2>
+        <div id="pageInfo"></div>
+        <div class="code" id="currentUrl"></div>
+    </div>
+
+    <div class="test-section warning">
+        <h2>⚠️ Mixed Content Policy</h2>
+        <p><strong>Browser Security Rule:</strong> HTTPS pages cannot make requests to HTTP endpoints</p>
+        <ul>
+            <li><span class="status-indicator blocked"></span><strong>BLOCKED:</strong> HTTPS → HTTP (Subresources)</li>
+            <li><span class="status-indicator warning-icon"></span><strong>WARNING:</strong> HTTPS → HTTP (Navigation)</li>
+            <li><span class="status-indicator allowed"></span><strong>ALLOWED:</strong> HTTPS → HTTPS</li>
+            <li><span class="status-indicator allowed"></span><strong>ALLOWED:</strong> HTTP → HTTP</li>
+        </ul>
+    </div>
+
+    <div class="test-section">
+        <h2>🧪 Mixed Content Tests</h2>
+        <button onclick="testHttpsToHttp()">Test HTTPS → HTTP Fetch</button>
+        <button onclick="testHttpsToHttps()">Test HTTPS → HTTPS Fetch</button>
+        <button onclick="testImageLoad()">Test HTTP Image Load</button>
+        <button onclick="testScriptLoad()">Test HTTP Script Load</button>
+        <div id="testResults" class="results"></div>
+    </div>
+
+    <div class="test-section error">
+        <h2>❌ Common Scenarios That Fail</h2>
+        <div class="code">
+            # Page: https://example.com<br>
+            # Proxy rule: api.service.com → http://my-proxy.local:8080<br>
+            # Result: ❌ BLOCKED - Mixed content violation
+        </div>
+    </div>
+
+    <div class="test-section success">
+        <h2>✅ Working Solutions</h2>
+        <h3>Option 1: Use HTTPS for Proxy Target</h3>
+        <div class="code">
+            # Proxy rule: api.service.com → https://my-proxy.com<br>
+            # Result: ✅ WORKS - Both HTTPS
+        </div>
+        
+        <h3>Option 2: Setup HTTPS on Local Proxy</h3>
+        <div class="code">
+            # Use mkcert or similar to create local HTTPS<br>
+            # Proxy rule: api.service.com → https://localhost:8443<br>
+            # Result: ✅ WORKS - HTTPS to HTTPS
+        </div>
+
+        <h3>Option 3: Browser Flags (Development Only)</h3>
+        <div class="code">
+            # Chrome: --disable-web-security --disable-features=VizDisplayCompositor<br>
+            # Firefox: security.mixed_content.block_active_content = false<br>
+            # Result: ⚠️ WORKS but INSECURE
+        </div>
+    </div>
+
+    <div class="test-section info">
+        <h2>🔧 Extension Capabilities</h2>
+        <table style="width: 100%; border-collapse: collapse;">
+            <tr style="background: #f8f9fa;">
+                <th style="border: 1px solid #ddd; padding: 8px;">Request Type</th>
+                <th style="border: 1px solid #ddd; padding: 8px;">HTTPS → HTTP</th>
+                <th style="border: 1px solid #ddd; padding: 8px;">Extension Override</th>
+            </tr>
+            <tr>
+                <td style="border: 1px solid #ddd; padding: 8px;">Main Frame Navigation</td>
+                <td style="border: 1px solid #ddd; padding: 8px;">⚠️ Warning shown</td>
+                <td style="border: 1px solid #ddd; padding: 8px;">✅ Can redirect</td>
+            </tr>
+            <tr>
+                <td style="border: 1px solid #ddd; padding: 8px;">fetch() / XHR</td>
+                <td style="border: 1px solid #ddd; padding: 8px;">❌ Blocked</td>
+                <td style="border: 1px solid #ddd; padding: 8px;">❌ Still blocked</td>
+            </tr>
+            <tr>
+                <td style="border: 1px solid #ddd; padding: 8px;">Images / CSS</td>
+                <td style="border: 1px solid #ddd; padding: 8px;">❌ Blocked</td>
+                <td style="border: 1px solid #ddd; padding: 8px;">❌ Still blocked</td>
+            </tr>
+            <tr>
+                <td style="border: 1px solid #ddd; padding: 8px;">Scripts / Modules</td>
+                <td style="border: 1px solid #ddd; padding: 8px;">❌ Blocked</td>
+                <td style="border: 1px solid #ddd; padding: 8px;">❌ Still blocked</td>
+            </tr>
+        </table>
+    </div>
+
+    <script>
+        function log(message, type = 'info') {
+            const results = document.getElementById('testResults');
+            const timestamp = new Date().toLocaleTimeString();
+            const icon = type === 'error' ? '❌' : type === 'success' ? '✅' : type === 'warning' ? '⚠️' : 'ℹ️';
+            results.innerHTML += `<div>${timestamp} ${icon} ${message}</div>`;
+        }
+
+        function updatePageInfo() {
+            const protocol = window.location.protocol;
+            const isHttps = protocol === 'https:';
+            const pageInfo = document.getElementById('pageInfo');
+            const currentUrl = document.getElementById('currentUrl');
+            
+            pageInfo.innerHTML = `
+                <strong>Protocol:</strong> ${protocol} ${isHttps ? '🔒 Secure' : '🔓 Insecure'}<br>
+                <strong>Mixed Content Policy:</strong> ${isHttps ? '✅ Active' : '➖ Not applicable'}
+            `;
+            currentUrl.textContent = window.location.href;
+        }
+
+        async function testHttpsToHttp() {
+            log('Testing HTTPS page → HTTP endpoint...');
+            
+            try {
+                const response = await fetch('http://httpbin.org/get?test=mixed-content');
+                log(`✅ Request succeeded: ${response.status}`, 'success');
+            } catch (error) {
+                if (error.message.includes('mixed content')) {
+                    log(`❌ Mixed content blocked: ${error.message}`, 'error');
+                } else {
+                    log(`❌ Request failed: ${error.message}`, 'error');
+                }
+            }
+        }
+
+        async function testHttpsToHttps() {
+            log('Testing HTTPS page → HTTPS endpoint...');
+            
+            try {
+                const response = await fetch('https://httpbin.org/get?test=secure');
+                log(`✅ Request succeeded: ${response.status}`, 'success');
+            } catch (error) {
+                log(`❌ Request failed: ${error.message}`, 'error');
+            }
+        }
+
+        function testImageLoad() {
+            log('Testing HTTP image load...');
+            
+            const img = new Image();
+            img.onload = () => log('✅ HTTP image loaded successfully', 'success');
+            img.onerror = () => log('❌ HTTP image blocked by mixed content policy', 'error');
+            img.src = 'http://httpbin.org/image/png?test=image';
+        }
+
+        function testScriptLoad() {
+            log('Testing HTTP script load...');
+            
+            const script = document.createElement('script');
+            script.onload = () => log('✅ HTTP script loaded successfully', 'success');
+            script.onerror = () => log('❌ HTTP script blocked by mixed content policy', 'error');
+            script.src = 'http://httpbin.org/base64/Y29uc29sZS5sb2coJ0hUVFAgc2NyaXB0IGxvYWRlZCcpOw==';
+            document.head.appendChild(script);
+        }
+
+        // Initialize page
+        updatePageInfo();
+        
+        // Show initial warning if on HTTPS
+        if (window.location.protocol === 'https:') {
+            log('⚠️ This is an HTTPS page. HTTP requests will be blocked by mixed content policy.', 'warning');
+        } else {
+            log('ℹ️ This is an HTTP page. No mixed content restrictions apply.', 'info');
+        }
+    </script>
+</body>
+</html> 

package/browser-extensions/chrome/test-uri-pattern.html

@@ -0,0 +1,199 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>JavaScript Proxy URI Pattern Test</title>
+    <style>
+        body {
+            font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+            max-width: 800px;
+            margin: 0 auto;
+            padding: 20px;
+            background: #f8f9fa;
+        }
+        .container {
+            background: white;
+            padding: 30px;
+            border-radius: 8px;
+            box-shadow: 0 2px 10px rgba(0,0,0,0.1);
+        }
+        h1 {
+            color: #333;
+            margin-bottom: 30px;
+        }
+        .test-section {
+            margin-bottom: 30px;
+            padding: 20px;
+            border: 1px solid #e9ecef;
+            border-radius: 6px;
+        }
+        .test-section h3 {
+            margin-top: 0;
+            color: #495057;
+        }
+        .url-test {
+            margin: 10px 0;
+            padding: 10px;
+            background: #f8f9fa;
+            border-left: 4px solid #007bff;
+            font-family: 'Monaco', 'Menlo', 'Ubuntu Mono', monospace;
+            font-size: 13px;
+            word-break: break-all;
+        }
+        .should-match {
+            border-left-color: #28a745;
+        }
+        .should-not-match {
+            border-left-color: #dc3545;
+        }
+        button {
+            background: #007bff;
+            color: white;
+            border: none;
+            padding: 10px 20px;
+            border-radius: 4px;
+            cursor: pointer;
+            margin: 5px;
+        }
+        button:hover {
+            background: #0056b3;
+        }
+        .status {
+            margin-top: 20px;
+            padding: 15px;
+            border-radius: 4px;
+            font-weight: bold;
+        }
+        .success {
+            background: #d4edda;
+            color: #155724;
+            border: 1px solid #c3e6cb;
+        }
+        .error {
+            background: #f8d7da;
+            color: #721c24;
+            border: 1px solid #f5c6cb;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>JavaScript Proxy URI Pattern Test</h1>
+        
+        <div class="test-section">
+            <h3>Default Pattern</h3>
+            <p>Default pattern: <code>uploads\/plugin-version\/\d+\/file_name\/.*\.js(\?.*)?</code></p>
+            <p>This should match JavaScript files in the uploads/plugin-version/* path on any domain.</p>
+        </div>
+
+        <div class="test-section">
+            <h3>URLs That Should Match (Will Redirect)</h3>
+            
+            <div class="url-test should-match">
+                https://example.com/uploads/plugin-version/123/file_name/script.js
+            </div>
+            
+            <div class="url-test should-match">
+                https://westernightwall.zenith-develop.env.eventfinity.app/uploads/plugin-version/3/file_name/T9OvqS1727804478.js
+            </div>
+            
+            <div class="url-test should-match">
+                https://different-domain.com/uploads/plugin-version/456/file_name/myfile.js?signature=abc123&expires=789
+            </div>
+            
+            <div class="url-test should-match">
+                https://api.staging.example.org/uploads/plugin-version/999/file_name/component.js?token=xyz
+            </div>
+        </div>
+
+        <div class="test-section">
+            <h3>URLs That Should NOT Match (No Redirect)</h3>
+            
+            <div class="url-test should-not-match">
+                https://example.com/uploads/versions/123/file_name/script.js
+                <small>(different path: versions instead of plugin-version)</small>
+            </div>
+            
+            <div class="url-test should-not-match">
+                https://example.com/uploads/plugin-version/123/file_name/style.css
+                <small>(not a .js file)</small>
+            </div>
+            
+            <div class="url-test should-not-match">
+                https://example.com/other-path/plugin-version/123/file_name/script.js
+                <small>(wrong base path)</small>
+            </div>
+            
+            <div class="url-test should-not-match">
+                https://localhost:3060/src/Plugin.vue
+                <small>(localhost - prevent redirect loops)</small>
+            </div>
+        </div>
+
+        <div class="test-section">
+            <h3>Test Actions</h3>
+            <p>Click the buttons below to test loading JavaScript files:</p>
+            
+            <button onclick="testUrl('https://example.com/uploads/plugin-version/123/file_name/test.js')">
+                Test Matching URL
+            </button>
+            
+            <button onclick="testUrl('https://example.com/uploads/plugin-version/456/file_name/test.js?signed=true')">
+                Test Matching URL with Query
+            </button>
+            
+            <button onclick="testUrl('https://example.com/other-path/test.js')">
+                Test Non-Matching URL
+            </button>
+            
+            <div id="status"></div>
+        </div>
+
+        <div class="test-section">
+            <h3>Instructions</h3>
+            <ol>
+                <li>Install and enable the JavaScript Proxy extension</li>
+                <li>Configure it to redirect to your local development server</li>
+                <li>Open browser developer tools to see network requests</li>
+                <li>Click the test buttons above to see which URLs get redirected</li>
+                <li>URLs matching the pattern should redirect to your local server</li>
+                <li>URLs not matching should load normally (and probably fail)</li>
+            </ol>
+        </div>
+    </div>
+
+    <script>
+        function testUrl(url) {
+            const status = document.getElementById('status');
+            status.innerHTML = `<div class="status">Testing: ${url}</div>`;
+            
+            // Create a script element to test the URL
+            const script = document.createElement('script');
+            script.src = url;
+            
+            script.onload = function() {
+                status.innerHTML = `<div class="status success">✅ Successfully loaded: ${url}</div>`;
+            };
+            
+            script.onerror = function() {
+                status.innerHTML = `<div class="status error">❌ Failed to load: ${url}<br><small>This is expected for test URLs that don't exist</small></div>`;
+            };
+            
+            // Add to page to trigger the request
+            document.head.appendChild(script);
+            
+            // Remove after a short delay
+            setTimeout(() => {
+                if (script.parentNode) {
+                    script.parentNode.removeChild(script);
+                }
+            }, 5000);
+        }
+
+        // Log current page URL for reference
+        console.log('Test page URL:', window.location.href);
+        console.log('Use browser dev tools to monitor network requests and see proxy behavior');
+    </script>
+</body>
+</html> 

package/browser-extensions/firefox/README.md

@@ -0,0 +1,134 @@
+# Traffic Proxy Firefox Extension
+
+A Firefox extension that intercepts and redirects web traffic to alternative domains based on configurable regex patterns.
+
+## Features
+
+- 🔄 **Traffic Interception**: Intercepts fetch calls and XMLHttpRequests
+- 🎯 **Regex Pattern Matching**: Flexible domain matching using regular expressions
+- 🔴🟢 **Visual Toggle**: Red/green toolbar button indicating proxy status
+- ⚙️ **Settings Panel**: Easy-to-use interface for managing proxy rules
+- 🔔 **Notifications**: Real-time notifications when traffic is being proxied
+- 💾 **Persistent Storage**: Rules and settings are saved between browser sessions
+
+## Installation
+
+### Method 1: Temporary Installation (Development)
+
+1. Open Firefox and navigate to `about:debugging`
+2. Click "This Firefox" on the left sidebar
+3. Click "Load Temporary Add-on"
+4. Navigate to the extension folder and select `manifest.json`
+
+### Method 2: Creating an XPI Package
+
+1. Zip all extension files:
+   ```bash
+   zip -r traffic-proxy-extension.xpi manifest.json background.js content.js popup.html popup.js icons/
+   ```
+2. Install the XPI file through Firefox's Add-ons manager
+
+## Icon Setup
+
+The extension includes SVG icon files that need to be converted to PNG format:
+
+1. Open `icons/create_icons.html` in your browser
+2. Click the download buttons to get PNG files
+3. Save them in the `icons/` directory with the correct names
+
+Alternatively, use an online SVG to PNG converter for the files in `icons/`.
+
+## Usage
+
+### Enabling the Proxy
+
+1. Look for the Traffic Proxy button in your Firefox toolbar
+2. Click the button to open the settings panel
+3. Click the toggle button to enable/disable the proxy
+   - 🔴 Red = OFF
+   - 🟢 Green = ON
+
+### Adding Proxy Rules
+
+1. Open the extension settings panel
+2. Click "+ Add Rule"
+3. Enter a regex pattern for the domain to intercept (e.g., `api\.example\.com`)
+4. Enter the redirect domain (e.g., `api.alternative.com`)
+5. Click "Save Changes"
+
+### Example Rules
+
+| Pattern | Redirect To | Description |
+|---------|-------------|-------------|
+| `api\.example\.com` | `api.alternative.com` | Redirect all API calls from example.com to alternative.com |
+| `.*\.googleapis\.com` | `api.myproxy.com` | Redirect all Google API calls to your proxy server |
+| `cdn\.jsdelivr\.net` | `my-cdn.example.com` | Redirect CDN requests to your own server |
+
+## How It Works
+
+1. **Background Script**: Handles webRequest interception and manages extension state
+2. **Content Script**: Intercepts JavaScript fetch() and XMLHttpRequest calls
+3. **Popup Interface**: Provides user interface for configuration
+4. **Storage**: Saves rules and settings using Firefox's local storage API
+
+## Permissions
+
+The extension requires the following permissions:
+
+- `webRequest` & `webRequestBlocking`: To intercept and modify network requests
+- `<all_urls>`: To intercept requests from any website
+- `storage`: To save proxy rules and settings
+- `notifications`: To show proxy activity notifications
+- `activeTab`: To access the current tab information
+
+## Development
+
+### File Structure
+
+```
+├── manifest.json          # Extension manifest
+├── background.js          # Background script (main logic)
+├── content.js            # Content script (fetch/XHR interception)
+├── popup.html            # Settings panel HTML
+├── popup.js              # Settings panel JavaScript
+├── icons/                # Extension icons
+│   ├── icon-off-*.png    # Red icons (proxy disabled)
+│   └── icon-on-*.png     # Green icons (proxy enabled)
+└── README.md             # This file
+```
+
+### Testing
+
+1. Enable the extension
+2. Add a test rule (e.g., `httpbin\.org` → `postman-echo.com`)
+3. Visit a website that makes requests to the target domain
+4. Check the browser's Network tab to verify redirections
+5. Verify notifications appear when traffic is proxied
+
+## Security Considerations
+
+- This extension can intercept ALL network traffic when enabled
+- Only install from trusted sources
+- Review proxy rules carefully before enabling
+- Be aware that redirected traffic may be logged by the target servers
+
+## Troubleshooting
+
+### Extension Not Working
+- Check that the extension is enabled in `about:addons`
+- Verify permissions are granted
+- Check browser console for errors
+
+### Icons Not Showing
+- Ensure PNG icon files exist in the `icons/` directory
+- Convert SVG files to PNG if needed
+- Check file permissions
+
+### Rules Not Matching
+- Test regex patterns using online regex testers
+- Ensure domains are properly escaped (use `\.` for literal dots)
+- Check that the proxy is enabled (green button)
+
+## License
+
+This extension is provided as-is for educational and development purposes.