Improved search for distinct URLs & Added functionality to configure similarity threshold from the options page

devploit · devploit · commit 50a64434ed37 · 2023-04-11T18:48:49.000+02:00
diff --git a/LICENSE b/LICENSE
diff --git a/README.md b/README.md
@@ -45,6 +45,13 @@ It is recommended to pin the extension to the toolbar to check if a new modified
 4. Click on any URL in the list to open it in a new tab.
 5. To clear the list, click on the trash can icon in the top right corner of the popup.
 
+## Options/Customization
+
+To modify the similarity threshold using the options page of the extension, follow these steps:
+1. Click on the debugHunter extension icon in the Chrome toolbar.
+2. Click on the gear icon in the top right corner of the popup to open the options page.
+3. In the options page, use the slider to set the similarity threshold to the desired value (default 0.97)
+
 ## Contributing
 
 We welcome contributions! Please feel free to submit pull requests or open issues to improve debugHunter.
diff --git a/background.js b/background.js
@@ -99,7 +99,7 @@ function preprocessText(text) {
 }
 
 // Function to check if two responses are meaningfully different
-function isDifferentResponse(originalText, modifiedText) {
+function isDifferentResponse(originalText, modifiedText, similarityThreshold) {
   // Preprocess the texts before comparison
   const preprocessedOriginalText = preprocessText(originalText);
   const preprocessedModifiedText = preprocessText(modifiedText);
@@ -110,9 +110,6 @@ function isDifferentResponse(originalText, modifiedText) {
     preprocessedModifiedText
   );
 
-  // Set a threshold for similarity; responses with similarity below this threshold are considered different
-  const similarityThreshold = 0.90;
-
   // Return true if the similarity is below the threshold
   return similarity < similarityThreshold;
 }
@@ -127,7 +124,15 @@ async function binarySearch(url, includedParams, searchParams, originalText) {
     const modifiedUrl = appendQueryParam(url, searchParams[0]);
     const modifiedResponse = await fetch(modifiedUrl);
     const modifiedText = await modifiedResponse.text();
-    if (isDifferentResponse(originalText, modifiedText)) {
+
+    // Load similarityThreshold from storage
+    const storedSettings = await new Promise(resolve => {
+      chrome.storage.sync.get('similarityThreshold', resolve);
+    });
+
+    const similarityThreshold = storedSettings.similarityThreshold || 0.97;
+    
+    if (isDifferentResponse(originalText, modifiedText, similarityThreshold)) {
       addModifiedUrl(modifiedUrl);
     }
     return;
@@ -145,7 +150,14 @@ async function binarySearch(url, includedParams, searchParams, originalText) {
   const modifiedResponse = await fetch(modifiedUrl);
   const modifiedText = await modifiedResponse.text();
 
-  if (isDifferentResponse(originalText, modifiedText)) {
+  // Load similarityThreshold from storage
+  const storedSettings = await new Promise(resolve => {
+    chrome.storage.sync.get('similarityThreshold', resolve);
+  });
+
+  const similarityThreshold = storedSettings.similarityThreshold || 0.97;
+
+  if (isDifferentResponse(originalText, modifiedText, similarityThreshold)) {
     // If the response is different, add the modified URL and search for more modifications
     addModifiedUrl(modifiedUrl);
     await binarySearch(url, includedParams, searchParams.slice(0, middleIndex), originalText);
@@ -174,4 +186,4 @@ chrome.tabs.onUpdated.addListener(async (tabId, changeInfo, tab) => {
 
 // Expose getModifiedUrls and clearModifiedUrls functions to popup
 window.getModifiedUrls = getModifiedUrls;
-window.clearModifiedUrls = clearModifiedUrls;
+window.clearModifiedUrls = clearModifiedUrls;
diff --git a/manifest.json b/manifest.json
@@ -1,14 +1,16 @@
 {
   "manifest_version": 2,
   "name": "debugHunter",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "description": "Discover hidden debugging parameters and uncover web application secrets",
+  "options_page": "options.html",
   "icons": {
     "48": "images/icon.png"
   },
   "permissions": [
     "webRequest",
     "webRequestBlocking",
+    "storage",
     "<all_urls>"
   ],
   "background": {
diff --git a/options.html b/options.html
@@ -0,0 +1,51 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <link href="https://fonts.googleapis.com/css2?family=Roboto:wght@300;400&display=swap" rel="stylesheet">
+  <style>
+    body {
+      font-family: 'Roboto';
+      margin: 30px;
+      max-width: 600px;
+      color: white;
+      background-color: #888888;
+    }
+
+    h1 {
+      font-size: 24px;
+      font-weight: 300;
+      margin-bottom: 20px;
+    }
+
+    label {
+      font-size: 16px;
+      font-weight: 400;
+      display: block;
+      margin-bottom: 5px;
+    }
+
+    input[type="range"] {
+      width: 100%;
+      margin-bottom: 20px;
+    }
+
+    p {
+      font-size: 14px;
+      font-weight: 300;
+      margin-top: 5px;
+    }
+  </style>
+  <title>Options</title>
+</head>
+<body>
+  <h1>Options</h1>
+  <label for="similarityThreshold">Similarity Threshold</label>
+  <input type="range" id="similarityThreshold" name="similarityThreshold" min="0" max="1" step="0.01" value="0.97">
+  <p>Current value: <span id="similarityThresholdValue">0.97</span></p>
+  <br><br><p>The similarity threshold determines the minimum similarity score required for a pair of URLs to be considered the same. The value ranges from 0 to 1, where 0 means that any pair of URLs is considered the same, and 1 means that only identical URLs are considered the same. The closer the value is to 1, the more similar the URLs need to be to be considered the same.</p>
+  <p><b>Default value is: 0.97</b></p>
+  <script src="options.js"></script>
+</body>
+</html>
diff --git a/options.js b/options.js
@@ -0,0 +1,27 @@
+document.addEventListener('DOMContentLoaded', () => {
+    // Get the similarity threshold slider and display elements
+    const similarityThresholdSlider = document.getElementById('similarityThreshold');
+    const similarityThresholdValue = document.getElementById('similarityThresholdValue');
+  
+    // Function to update the display value
+    function updateDisplayValue(value) {
+      similarityThresholdValue.textContent = value;
+    }
+  
+    // Load the saved similarity threshold value
+    chrome.storage.sync.get('similarityThreshold', (data) => {
+      const value = data.similarityThreshold || 0.97;
+      similarityThresholdSlider.value = value;
+      updateDisplayValue(value);
+    });
+  
+    // Save the similarity threshold value when the slider changes
+    similarityThresholdSlider.addEventListener('input', (e) => {
+      const value = e.target.value;
+      updateDisplayValue(value);
+      chrome.storage.sync.set({ similarityThreshold: value }, () => {
+        console.log('Similarity threshold saved:', value);
+      });
+    });
+  });
+  
diff --git a/popup.html b/popup.html
@@ -2,19 +2,19 @@
 <html>
   <head>
     <meta charset="UTF-8">
-    <link href="https://fonts.googleapis.com/css?family=Anonymous+Pro&display=swap" rel="stylesheet" />
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
     <style>
         body {
-          font-family: "Anonymous Pro", monospace;
-          background-color: #585858;
+          font-family: "SFMono-Medium";
+          background-color: #888888;
           color: white;
           width: 500px;
           max-height: 2000px;
           padding: 15px;
         }
     
         h2 {
-          font-size: 14px;
+          font-size: 12px;
           margin-bottom: 12px;
           margin-top: 50px;
         }
@@ -35,21 +35,22 @@
     
         li {
           background-color: #333;
+          font-size: 10px;
           margin-bottom: 5px;
           padding: 5px;
           border-radius: 3px;
         }
     
         button {
           background-color: rgb(130, 0, 0);
-          font-family: "Anonymous Pro", monospace;
+          font-family: "SFMono-Medium";
           border: none;
           color: white;
           padding: 5px 10px;
           text-align: center;
           text-decoration: none;
           display: inline-block;
-          font-size: 12px;
+          font-size: 11px;
           margin: 5px 2px;
           cursor: pointer;
           border-radius: 2px;
@@ -80,7 +81,11 @@
   </head>
   <body>
     <div class="banner"><img src="images/banner.png" width="150" height="40" ></div>
-    <div class="info-container"><a href="#" id="info-icon">ℹ️</a></div>
+    <div class="info-container">
+      <a href="#" id="options-link"><i class="fa fa-cog"></i></a>
+      <a href="#" id="info-icon">ℹ</i>
+      </a>
+    </div>
     <div class="window">
     <h2>Modified Response URLs</h2>
     <ul id="modifiedUrls"></ul>
diff --git a/popup.js b/popup.js
@@ -26,4 +26,8 @@ document.getElementById("clearUrls").addEventListener("click", () => {
 
 document.getElementById('info-icon').addEventListener('click', () => {
   chrome.tabs.create({ url: 'https://github.com/devploit/debugHunter' });
-});
+});
+
+document.getElementById('options-link').addEventListener('click', () => {
+  chrome.runtime.openOptionsPage();
+});
