@qr-bistro/devtools-guard 2.4.0

package/dist/chunk-OKFPKHFA.mjs

@@ -0,0 +1,608 @@
+// src/utils.ts
+function isBrowser() {
+  return typeof window !== "undefined";
+}
+function isTouchDevice() {
+  if (!isBrowser()) return false;
+  const coarsePointer = typeof window.matchMedia === "function" && window.matchMedia("(pointer: coarse)").matches;
+  const hasTouch = "ontouchstart" in window || typeof navigator !== "undefined" && navigator.maxTouchPoints > 0;
+  return coarsePointer || hasTouch;
+}
+function resolvePrefix(prefix) {
+  return prefix.toLowerCase();
+}
+function prefixKey(prefix, base) {
+  return `${resolvePrefix(prefix)}${base}`;
+}
+function styleObjectToCss(style) {
+  return Object.entries(style).map(([key, value]) => {
+    const cssKey = key.replace(/([A-Z])/g, "-$1").toLowerCase();
+    return `${cssKey}:${value}`;
+  }).join(";");
+}
+function randomMinorVersion() {
+  const major = Math.floor(Math.random() * 4) + 1;
+  const minor = Math.floor(Math.random() * 10);
+  const patch = Math.floor(Math.random() * 20);
+  return `${major}.${minor}.${patch}`;
+}
+var DEFAULT_DURATION = {
+  soft: 12 * 60 * 60 * 1e3,
+  // 12 hours
+  hard: 7 * 24 * 60 * 60 * 1e3
+  // 7 days
+};
+var DETECTION_INTERVAL = 3e3;
+var VALIDATION_INTERVAL = 5e3;
+var DECOY_REFRESH_INTERVAL = 6e4;
+var WINDOW_SIZE_THRESHOLD = 160;
+var DEBUGGER_THRESHOLD = 100;
+
+// src/hash.ts
+var SALT = "dtg_v2_salt_2026";
+function cyrb53(str, seed = 0) {
+  let h1 = 3735928559 ^ seed;
+  let h2 = 1103547991 ^ seed;
+  for (let i = 0; i < str.length; i++) {
+    const ch = str.charCodeAt(i);
+    h1 = Math.imul(h1 ^ ch, 2654435761);
+    h2 = Math.imul(h2 ^ ch, 1597334677);
+  }
+  h1 = Math.imul(h1 ^ h1 >>> 16, 2246822507);
+  h1 ^= Math.imul(h2 ^ h2 >>> 13, 3266489909);
+  h2 = Math.imul(h2 ^ h2 >>> 16, 2246822507);
+  h2 ^= Math.imul(h1 ^ h1 >>> 13, 3266489909);
+  return (4294967296 * (2097151 & h2) + (h1 >>> 0)).toString(16);
+}
+function generateTrapHash(keyName, secret) {
+  return cyrb53(`${keyName}:${secret}:${SALT}`);
+}
+function generateSecretHash(secret) {
+  return cyrb53(`${secret}:${SALT}:verify`, 42);
+}
+function disguiseValue(keyName, hash) {
+  const base = keyName.split("_").pop() || keyName;
+  switch (base) {
+    case "cache": {
+      const major = parseInt(hash.slice(0, 2), 16) % 5 + 1;
+      const minor = parseInt(hash.slice(2, 4), 16) % 10;
+      const patch = parseInt(hash.slice(4, 6), 16) % 20;
+      return `${major}.${minor}.${patch}-${hash.slice(0, 8)}`;
+    }
+    case "pref": {
+      const fakeJson = JSON.stringify({ theme: "default", lang: "en", v: hash.slice(0, 8) });
+      return btoa(fakeJson);
+    }
+    case "meta": {
+      const fakeTsBase = parseInt(hash.slice(0, 8), 16) % 1e12 + 17e11;
+      return `${fakeTsBase}|web|desktop|${hash.slice(0, 6)}`;
+    }
+    case "theme": {
+      return `dark|#1a1a2e|#e74c3c|${hash.slice(0, 6)}`;
+    }
+    case "tid": {
+      const n1 = parseInt(hash.slice(0, 4), 16) % 99999999;
+      const n2 = parseInt(hash.slice(4, 6), 16) % 9 + 1;
+      return `UA-${n1}-${n2}`;
+    }
+    default:
+      return hash;
+  }
+}
+
+// src/storage.ts
+function getLS(key) {
+  if (!isBrowser()) return null;
+  try {
+    return localStorage.getItem(key);
+  } catch {
+    return null;
+  }
+}
+function setLS(key, value) {
+  if (!isBrowser()) return;
+  try {
+    localStorage.setItem(key, value);
+  } catch {
+  }
+}
+function removeLS(key) {
+  if (!isBrowser()) return;
+  try {
+    localStorage.removeItem(key);
+  } catch {
+  }
+}
+function setSS(key, value) {
+  if (!isBrowser()) return;
+  try {
+    sessionStorage.setItem(key, value);
+  } catch {
+  }
+}
+function removeSS(key) {
+  if (!isBrowser()) return;
+  try {
+    sessionStorage.removeItem(key);
+  } catch {
+  }
+}
+function setCookie(name, value, days = 365) {
+  if (!isBrowser()) return;
+  try {
+    const expires = new Date(Date.now() + days * 864e5).toUTCString();
+    document.cookie = `${name}=${encodeURIComponent(value)};expires=${expires};path=/;SameSite=Lax`;
+  } catch {
+  }
+}
+function removeCookie(name) {
+  if (!isBrowser()) return;
+  try {
+    document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;SameSite=Lax`;
+  } catch {
+  }
+}
+var FP_SESSION_BASE = "_s_init";
+var FP_COOKIE_BASE = "_p_id";
+var FP_LOCAL_BASE = "_l_init";
+function setFingerprint(prefix, value) {
+  setSS(prefixKey(prefix, FP_SESSION_BASE), value);
+  setCookie(prefixKey(prefix, FP_COOKIE_BASE), value);
+  setLS(prefixKey(prefix, FP_LOCAL_BASE), value);
+}
+function hasLocalFingerprint(prefix) {
+  return getLS(prefixKey(prefix, FP_LOCAL_BASE)) !== null;
+}
+function clearFingerprint(prefix) {
+  removeSS(prefixKey(prefix, FP_SESSION_BASE));
+  removeCookie(prefixKey(prefix, FP_COOKIE_BASE));
+  removeLS(prefixKey(prefix, FP_LOCAL_BASE));
+}
+var BAN_STATE_BASE = "_ban_state";
+function saveBanState(prefix, state) {
+  setLS(prefixKey(prefix, BAN_STATE_BASE), btoa(JSON.stringify(state)));
+}
+function loadBanState(prefix) {
+  const raw = getLS(prefixKey(prefix, BAN_STATE_BASE));
+  if (!raw) return null;
+  try {
+    return JSON.parse(atob(raw));
+  } catch {
+    return null;
+  }
+}
+function clearBanState(prefix) {
+  removeLS(prefixKey(prefix, BAN_STATE_BASE));
+}
+
+// src/trapKeys.ts
+var TRAP_KEYS = [
+  { base: "_app_cache", valueTemplate: "cache", critical: true },
+  { base: "_usr_pref", valueTemplate: "pref", critical: true },
+  { base: "_sess_meta", valueTemplate: "meta", critical: true },
+  { base: "_ui_theme", valueTemplate: "theme", critical: true },
+  { base: "_ga_tid", valueTemplate: "tid", critical: true }
+];
+var DECOY_KEYS = [
+  { base: "_last_sync", valueTemplate: "iso_datetime", refresh: true },
+  { base: "_font_ver", valueTemplate: "semver", refresh: true },
+  { base: "_notif_read", valueTemplate: "boolean", refresh: false }
+];
+function fullKey(prefix, base) {
+  return prefixKey(prefix, base);
+}
+function generateTrapValue(prefix, base, secret) {
+  const key = fullKey(prefix, base);
+  const hash = generateTrapHash(key, secret);
+  return disguiseValue(base, hash);
+}
+function generateDecoyValue(template) {
+  switch (template) {
+    case "iso_datetime":
+      return (/* @__PURE__ */ new Date()).toISOString();
+    case "semver":
+      return `v${randomMinorVersion()}`;
+    case "boolean":
+      return "true";
+    default:
+      return (/* @__PURE__ */ new Date()).toISOString();
+  }
+}
+function installTrapKeys(prefix, secret) {
+  for (const trap of TRAP_KEYS) {
+    setLS(fullKey(prefix, trap.base), generateTrapValue(prefix, trap.base, secret));
+  }
+}
+function installDecoyKeys(prefix) {
+  for (const decoy of DECOY_KEYS) {
+    setLS(fullKey(prefix, decoy.base), generateDecoyValue(decoy.valueTemplate));
+  }
+}
+function refreshDecoyKeys(prefix) {
+  for (const decoy of DECOY_KEYS) {
+    if (decoy.refresh) {
+      setLS(fullKey(prefix, decoy.base), generateDecoyValue(decoy.valueTemplate));
+    }
+  }
+}
+function validateTrapKeys(prefix, secret) {
+  let missingCritical = false;
+  let tampered = false;
+  for (const trap of TRAP_KEYS) {
+    const key = fullKey(prefix, trap.base);
+    const stored = getLS(key);
+    if (stored === null) {
+      if (trap.critical) missingCritical = true;
+      continue;
+    }
+    const expected = generateTrapValue(prefix, trap.base, secret);
+    if (stored !== expected) tampered = true;
+  }
+  return { valid: !missingCritical && !tampered, missingCritical, tampered };
+}
+function hasTrapKeys(prefix) {
+  return TRAP_KEYS.some((t) => getLS(fullKey(prefix, t.base)) !== null);
+}
+function clearTrapKeys(prefix) {
+  for (const trap of TRAP_KEYS) removeLS(fullKey(prefix, trap.base));
+  for (const decoy of DECOY_KEYS) removeLS(fullKey(prefix, decoy.base));
+}
+
+// src/ban.ts
+var storedPrefix = null;
+function setStoredPrefix(prefix) {
+  storedPrefix = prefix;
+}
+function triggerBan(prefix, secret, level, redirectBan, duration = DEFAULT_DURATION) {
+  if (!isBrowser()) return;
+  const now = Date.now();
+  const currentState = loadBanState(prefix);
+  if (currentState && currentState.banLevel === "hard" && level === "soft") {
+    if (now < currentState.expiresAt) {
+      window.location.href = redirectBan;
+      return;
+    }
+  }
+  const bannedFromPath = window.location.pathname;
+  saveBanState(prefix, {
+    bannedAt: now,
+    expiresAt: now + duration[level],
+    bannedFromPath,
+    banLevel: level,
+    secretHash: generateSecretHash(secret)
+  });
+  window.location.href = redirectBan;
+}
+function checkBanned(prefix) {
+  if (!isBrowser()) return false;
+  const state = loadBanState(prefix);
+  if (!state) return false;
+  if (Date.now() >= state.expiresAt) {
+    clearBanState(prefix);
+    return false;
+  }
+  return true;
+}
+function getDevtoolsGuardBanStatus() {
+  const notBanned = {
+    isBanned: false,
+    bannedAt: null,
+    expiresAt: null,
+    bannedFromPath: null,
+    banLevel: null
+  };
+  if (!isBrowser() || !storedPrefix) return notBanned;
+  const state = loadBanState(storedPrefix);
+  if (!state) return notBanned;
+  if (Date.now() >= state.expiresAt) {
+    clearBanState(storedPrefix);
+    return notBanned;
+  }
+  return {
+    isBanned: true,
+    bannedAt: state.bannedAt,
+    expiresAt: state.expiresAt,
+    bannedFromPath: state.bannedFromPath,
+    banLevel: state.banLevel
+  };
+}
+function handleDevtoolsGuardUnlock(params) {
+  if (!isBrowser() || !storedPrefix) {
+    return { success: false, result: null, message: "client_only" };
+  }
+  const state = loadBanState(storedPrefix);
+  if (!state) {
+    return { success: false, result: null, message: "not_banned" };
+  }
+  const inputHash = generateSecretHash(params.hashSecret);
+  if (inputHash !== state.secretHash) {
+    return { success: false, result: null, message: "invalid_secret" };
+  }
+  const bannedFromPath = state.bannedFromPath;
+  clearBanState(storedPrefix);
+  clearTrapKeys(storedPrefix);
+  clearFingerprint(storedPrefix);
+  installTrapKeys(storedPrefix, params.hashSecret);
+  installDecoyKeys(storedPrefix);
+  setFingerprint(storedPrefix, generateSecretHash(params.hashSecret));
+  return {
+    success: true,
+    result: { path: bannedFromPath, message: "Unlocked successfully" }
+  };
+}
+
+// src/pathMatch.ts
+var MATCH_ALL_TOKENS = ["all", "*"];
+function escapeRegex(literal) {
+  return literal.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+}
+function normalizePath(path) {
+  let p = path;
+  const q = p.indexOf("?");
+  if (q !== -1) p = p.slice(0, q);
+  const h = p.indexOf("#");
+  if (h !== -1) p = p.slice(0, h);
+  if (p.length > 1 && p.endsWith("/")) p = p.slice(0, -1);
+  return p || "/";
+}
+function patternToRegex(pattern) {
+  const segments = normalizePath(pattern).split("/").filter((s) => s !== "");
+  let source = "^";
+  if (segments.length === 0) {
+    source += "/?";
+  } else {
+    for (const seg of segments) {
+      if (/^\[\[\.\.\..+\]\]$/.test(seg)) {
+        source += "(?:/[^/]+)*";
+      } else if (/^\[\.\.\..+\]$/.test(seg)) {
+        source += "(?:/[^/]+)+";
+      } else if (/^\[.+\]$/.test(seg)) {
+        source += "/[^/]+";
+      } else {
+        source += "/" + escapeRegex(seg);
+      }
+    }
+  }
+  source += "/?$";
+  return new RegExp(source);
+}
+function compileProtectPaths(protectPaths) {
+  if (protectPaths === void 0 || protectPaths === "all") {
+    return () => true;
+  }
+  if (!Array.isArray(protectPaths) || protectPaths.length === 0) {
+    return () => true;
+  }
+  if (protectPaths.some((p) => MATCH_ALL_TOKENS.includes(String(p).toLowerCase()))) {
+    return () => true;
+  }
+  const regexes = protectPaths.map((p) => patternToRegex(p));
+  return (pathname) => {
+    const path = normalizePath(pathname);
+    return regexes.some((re) => re.test(path));
+  };
+}
+function isPathProtected(pathname, protectPaths) {
+  return compileProtectPaths(protectPaths)(pathname);
+}
+
+// src/detection.ts
+var detectionTimer = null;
+function handleKeydown(e, onBan) {
+  if (e.key === "F12" || e.keyCode === 123) {
+    e.preventDefault();
+    onBan();
+    return;
+  }
+  const ctrlOrMeta = e.ctrlKey || e.metaKey;
+  if (ctrlOrMeta && e.shiftKey && ["I", "i", "J", "j", "C", "c"].includes(e.key)) {
+    e.preventDefault();
+    onBan();
+    return;
+  }
+  if (ctrlOrMeta && (e.key === "u" || e.key === "U") && !e.shiftKey) {
+    e.preventDefault();
+    onBan();
+    return;
+  }
+}
+function handleContextMenu(e, onBan) {
+  e.preventDefault();
+  onBan();
+}
+function checkWindowSizeDiff() {
+  const widthDiff = window.outerWidth - window.innerWidth;
+  const heightDiff = window.outerHeight - window.innerHeight;
+  return widthDiff > WINDOW_SIZE_THRESHOLD || heightDiff > WINDOW_SIZE_THRESHOLD;
+}
+function checkDebuggerTiming() {
+  const start = performance.now();
+  debugger;
+  const end = performance.now();
+  return end - start > DEBUGGER_THRESHOLD;
+}
+function checkElementIdTrap() {
+  let detected = false;
+  const el = document.createElement("div");
+  Object.defineProperty(el, "id", {
+    get: () => {
+      detected = true;
+      return "";
+    }
+  });
+  console.debug(el);
+  return detected;
+}
+function checkConsoleLogTrap() {
+  let detected = false;
+  const obj = {
+    toString: () => {
+      detected = true;
+      return "";
+    }
+  };
+  console.debug(obj);
+  return detected;
+}
+function runDetectionCycle(onBan) {
+  if (checkWindowSizeDiff()) {
+    onBan();
+    return;
+  }
+  if (checkDebuggerTiming()) {
+    onBan();
+    return;
+  }
+  if (checkElementIdTrap()) {
+    onBan();
+    return;
+  }
+  if (checkConsoleLogTrap()) {
+    onBan();
+    return;
+  }
+}
+function startDetection(onSoftBan, shouldEnforce = () => true) {
+  const keyHandler = (e) => {
+    if (!shouldEnforce()) return;
+    handleKeydown(e, onSoftBan);
+  };
+  const ctxHandler = (e) => {
+    if (!shouldEnforce()) return;
+    handleContextMenu(e, onSoftBan);
+  };
+  document.addEventListener("keydown", keyHandler, true);
+  document.addEventListener("contextmenu", ctxHandler, true);
+  detectionTimer = setInterval(() => {
+    if (!shouldEnforce()) return;
+    runDetectionCycle(onSoftBan);
+  }, DETECTION_INTERVAL);
+  return () => {
+    document.removeEventListener("keydown", keyHandler, true);
+    document.removeEventListener("contextmenu", ctxHandler, true);
+    if (detectionTimer) {
+      clearInterval(detectionTimer);
+      detectionTimer = null;
+    }
+  };
+}
+
+// src/core.ts
+var validationTimer = null;
+var decoyTimer = null;
+var cleanupDetection = null;
+function showConsoleWarning(config) {
+  if (!config.consoleWarning) return;
+  const { title, description } = config.consoleWarning;
+  console.log(`%c${title.text}`, styleObjectToCss(title.style));
+  if (description) {
+    console.log(`%c${description.text}`, styleObjectToCss(description.style));
+  }
+}
+var SUPPRESS_METHODS = ["log", "info", "debug"];
+function activateLogsGuard() {
+  for (const method of SUPPRESS_METHODS) {
+    const original = console[method];
+    console[method] = function(..._args) {
+      void original;
+    };
+  }
+}
+function makeEnforceGate(config) {
+  const { redirectBan, excludePaths = [], protectPaths } = config;
+  const isProtected = compileProtectPaths(protectPaths);
+  return () => {
+    const path = window.location.pathname;
+    if (path === redirectBan) return false;
+    if (excludePaths.some((p) => path.startsWith(p))) return false;
+    return isProtected(path);
+  };
+}
+function evaluateTrapState(prefix, secret) {
+  if (hasTrapKeys(prefix)) {
+    const result = validateTrapKeys(prefix, secret);
+    if (!result.valid) return "ban";
+    if (!hasLocalFingerprint(prefix)) {
+      setFingerprint(prefix, generateSecretHash(secret));
+    }
+    return "ok";
+  }
+  if (hasLocalFingerprint(prefix)) {
+    return "ban";
+  }
+  installTrapKeys(prefix, secret);
+  installDecoyKeys(prefix);
+  setFingerprint(prefix, generateSecretHash(secret));
+  return "ok";
+}
+function startTrapValidation(prefix, secret, redirectBan, config, shouldEnforce) {
+  const duration = config.duration || DEFAULT_DURATION;
+  if (validationTimer) clearInterval(validationTimer);
+  if (decoyTimer) clearInterval(decoyTimer);
+  validationTimer = setInterval(() => {
+    if (!shouldEnforce()) return;
+    if (checkBanned(prefix)) {
+      window.location.href = redirectBan;
+      return;
+    }
+    if (evaluateTrapState(prefix, secret) === "ban") {
+      triggerBan(prefix, secret, "hard", redirectBan, duration);
+    }
+  }, VALIDATION_INTERVAL);
+  decoyTimer = setInterval(() => {
+    refreshDecoyKeys(prefix);
+  }, DECOY_REFRESH_INTERVAL);
+}
+function boot(config) {
+  const {
+    prefix,
+    currentEnv,
+    excludeEnvs,
+    redirectBan,
+    hashSecret,
+    duration = DEFAULT_DURATION
+  } = config;
+  setStoredPrefix(prefix);
+  if (excludeEnvs.includes(currentEnv)) return;
+  const currentPath = window.location.pathname;
+  const shouldEnforce = makeEnforceGate(config);
+  const enforceEntry = shouldEnforce();
+  const onBanPage = currentPath === redirectBan;
+  if (enforceEntry || onBanPage) {
+    showConsoleWarning(config);
+    activateLogsGuard();
+  }
+  if (onBanPage) return;
+  if (enforceEntry && checkBanned(prefix)) {
+    window.location.href = redirectBan;
+    return;
+  }
+  if (evaluateTrapState(prefix, hashSecret) === "ban" && enforceEntry) {
+    triggerBan(prefix, hashSecret, "hard", redirectBan, duration);
+    return;
+  }
+  const disableOnTouch = config.disableOnTouchDevice !== false;
+  if (!(disableOnTouch && isTouchDevice())) {
+    cleanupDetection = startDetection(() => {
+      triggerBan(prefix, hashSecret, "soft", redirectBan, duration);
+    }, shouldEnforce);
+  }
+  startTrapValidation(prefix, hashSecret, redirectBan, config, shouldEnforce);
+}
+function initDevtoolsGuard(config) {
+  if (!isBrowser()) return;
+  setStoredPrefix(config.prefix);
+  if (document.readyState === "loading") {
+    document.addEventListener("DOMContentLoaded", () => boot(config));
+  } else {
+    boot(config);
+  }
+}
+
+export {
+  getDevtoolsGuardBanStatus,
+  handleDevtoolsGuardUnlock,
+  patternToRegex,
+  isPathProtected,
+  initDevtoolsGuard
+};

package/dist/index.d.mts

@@ -0,0 +1,14 @@
+import { D as DevtoolsGuardConfig, B as BanStatus, U as UnlockResult, P as ProtectPaths } from './types-Db38Wwbv.mjs';
+export { a as BanLevel, C as ConsoleWarningConfig, b as ConsoleWarningTextConfig, c as DurationConfig } from './types-Db38Wwbv.mjs';
+
+declare function initDevtoolsGuard(config: DevtoolsGuardConfig): void;
+
+declare function getDevtoolsGuardBanStatus(): BanStatus;
+declare function handleDevtoolsGuardUnlock(params: {
+    hashSecret: string;
+}): UnlockResult;
+
+declare function patternToRegex(pattern: string): RegExp;
+declare function isPathProtected(pathname: string, protectPaths: ProtectPaths | undefined): boolean;
+
+export { BanStatus, DevtoolsGuardConfig, ProtectPaths, UnlockResult, getDevtoolsGuardBanStatus, handleDevtoolsGuardUnlock, initDevtoolsGuard, isPathProtected, patternToRegex };

package/dist/index.d.ts

@@ -0,0 +1,14 @@
+import { D as DevtoolsGuardConfig, B as BanStatus, U as UnlockResult, P as ProtectPaths } from './types-Db38Wwbv.js';
+export { a as BanLevel, C as ConsoleWarningConfig, b as ConsoleWarningTextConfig, c as DurationConfig } from './types-Db38Wwbv.js';
+
+declare function initDevtoolsGuard(config: DevtoolsGuardConfig): void;
+
+declare function getDevtoolsGuardBanStatus(): BanStatus;
+declare function handleDevtoolsGuardUnlock(params: {
+    hashSecret: string;
+}): UnlockResult;
+
+declare function patternToRegex(pattern: string): RegExp;
+declare function isPathProtected(pathname: string, protectPaths: ProtectPaths | undefined): boolean;
+
+export { BanStatus, DevtoolsGuardConfig, ProtectPaths, UnlockResult, getDevtoolsGuardBanStatus, handleDevtoolsGuardUnlock, initDevtoolsGuard, isPathProtected, patternToRegex };