From cd1c9cf5b2a212ab51a40665dabb726d370dea03 Mon Sep 17 00:00:00 2001 From: iProgramInCpp Date: Sat, 25 May 2024 19:37:05 +0300 Subject: [PATCH] * Add option to toggle these off/on. --- src/discord/LocalSettings.cpp | 4 ++++ src/discord/LocalSettings.hpp | 7 +++++++ src/resource.h | 4 +++- src/resource.rc | 8 +++++--- src/windows/NetworkerThread.cpp | 21 +++++++++++++++------ src/windows/OptionsDialog.cpp | 11 +++++++++-- 6 files changed, 43 insertions(+), 12 deletions(-) diff --git a/src/discord/LocalSettings.cpp b/src/discord/LocalSettings.cpp index ad6b2eb..5c57fc2 100644 --- a/src/discord/LocalSettings.cpp +++ b/src/discord/LocalSettings.cpp @@ -98,6 +98,9 @@ bool LocalSettings::Load() if (j.contains("RemindUpdateCheckOn")) m_remindUpdatesOn = (time_t) (long long) j["RemindUpdateCheckOn"]; + + if (j.contains("AddExtraHeaders")) + m_bAddExtraHeaders = j["AddExtraHeaders"]; return true; } @@ -120,6 +123,7 @@ bool LocalSettings::Save() j["CheckUpdates"] = m_bCheckUpdates; j["EnableTLSVerification"] = m_bEnableTLSVerification; j["RemindUpdateCheckOn"] = (long long)(m_remindUpdatesOn); + j["AddExtraHeaders"] = m_bAddExtraHeaders; if (m_bSaveWindowSize) { j["WindowWidth"] = m_width; j["WindowHeight"] = m_height; diff --git a/src/discord/LocalSettings.hpp b/src/discord/LocalSettings.hpp index ebdec77..4d4c55a 100644 --- a/src/discord/LocalSettings.hpp +++ b/src/discord/LocalSettings.hpp @@ -91,6 +91,12 @@ class LocalSettings void SetEnableTLSVerification(bool b) { m_bEnableTLSVerification = b; } + bool AddExtraHeaders() const { + return m_bAddExtraHeaders; + } + void SetAddExtraHeaders(bool b) { + m_bAddExtraHeaders = b; + } void StopUpdateCheckTemporarily(); private: @@ -106,6 +112,7 @@ class LocalSettings bool m_bCheckUpdates = false; bool m_bAskToCheckUpdates = true; bool m_bEnableTLSVerification = true; + bool m_bAddExtraHeaders = true; time_t m_remindUpdatesOn = 0; int m_width = 1000; int m_height = 700; diff --git a/src/resource.h b/src/resource.h index c28f675..0225705 100644 --- a/src/resource.h +++ b/src/resource.h @@ -290,6 +290,8 @@ #define IDC_CHECK1 871 #define IDC_ENABLE_TLS_CHECKS 871 #define IDC_CHECK_UPDATES 872 +#define IDC_CHECK2 873 +#define IDC_TOGGLE_XSUPERPROPS 873 #define ID_FILE_PREFERENCES 1001 #define ID_FILE_STOPALLSPEECH 1002 #define ID_FILE_EXIT 1003 @@ -368,7 +370,7 @@ #ifndef APSTUDIO_READONLY_SYMBOLS #define _APS_NEXT_RESOURCE_VALUE 83 #define _APS_NEXT_COMMAND_VALUE 1069 -#define _APS_NEXT_CONTROL_VALUE 873 +#define _APS_NEXT_CONTROL_VALUE 874 #define _APS_NEXT_SYMED_VALUE 40000 #endif #endif diff --git a/src/resource.rc b/src/resource.rc index 687039d..84b1a05 100644 --- a/src/resource.rc +++ b/src/resource.rc @@ -563,9 +563,9 @@ BEGIN PUSHBUTTON "Revert to official Discord backend",IDC_REVERTTODEFAULT,11,116,118,14 PUSHBUTTON "Update",IDC_UPDATE,197,116,50,14 ICON IDI_WARNING_IC,IDC_ICON_WARN_CONNECT,11,55,20,20,SS_REALSIZEIMAGE - LTEXT "For security reasons, when you update the URLs that Discord Messenger uses to interface with Discord's backend, you will be logged out. (your token is forgotten but not revoked)",IDC_STATIC,30,54,214,31 - ICON IDI_WARNING_IC,IDC_ICON_WARN_WEBSOCKETSTUFF,12,87,20,20,SS_REALSIZEIMAGE - LTEXT "Wondering where the websocket gateway URL is located? Well, Discord Messenger issues a request to API_URL/gateway, which tells it the websocket URL to use.",IDC_STATIC,30,87,214,29 + LTEXT "For security reasons, when you update the URLs that Discord Messenger uses to interface with Discord's backend, you will be logged out. (your token is forgotten but not revoked)",IDC_STATIC,30,54,214,28 + ICON IDI_WARNING_IC,IDC_ICON_WARN_WEBSOCKETSTUFF,12,82,21,20,SS_REALSIZEIMAGE + LTEXT "NOTE: Discord Messenger automatically fetches the websocket gateway URL using the API_URL/gateway endpoint.",IDC_STATIC,30,82,214,19 GROUPBOX "Security Settings",IDC_STATIC,6,139,245,48 ICON IDI_WARNING_IC,IDC_ICON_WARN_WEBSOCKETSTUFF2,12,166,20,20,SS_REALSIZEIMAGE LTEXT "WARNING: Disabling TLS certificate verification could expose you to MITM (man-in-the-middle) attacks via certificate spoofing!",IDC_STATIC,30,165,214,19 @@ -575,6 +575,8 @@ BEGIN CONTROL "Check for updates using the GitHub API",IDC_CHECK_UPDATES, "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,204,232,10 LTEXT "iProgramInCpp cannot see your IP address via the update service.",IDC_STATIC,12,219,231,10 + CONTROL "Add extra headers such as X-Super-Properties to HTTP requests.",IDC_TOGGLE_XSUPERPROPS, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,104,231,10 END diff --git a/src/windows/NetworkerThread.cpp b/src/windows/NetworkerThread.cpp index 45a760f..1be8d30 100644 --- a/src/windows/NetworkerThread.cpp +++ b/src/windows/NetworkerThread.cpp @@ -28,6 +28,11 @@ static bool g_bQuittingFromSSLError; int g_latestSSLError = 0; // HACK - used by httplib.h, to debug some weird issue +bool AddExtraHeaders() +{ + return GetLocalSettings()->AddExtraHeaders(); +} + int NetRequest::Priority() const { int prio = 0; @@ -169,12 +174,16 @@ void NetworkerThread::FulfillRequest(NetRequest& req) Headers headers; headers.insert(std::make_pair("User-Agent", GetClientConfig()->GetUserAgent())); - headers.insert(std::make_pair("X-Super-Properties", GetClientConfig()->GetSerializedBase64Blob())); - headers.insert(std::make_pair("X-Discord-Timezone", GetClientConfig()->GetTimezone())); - headers.insert(std::make_pair("X-Discord-Locale", GetClientConfig()->GetLocale())); - headers.insert(std::make_pair("Sec-Ch-Ua", GetClientConfig()->GetSecChUa())); - headers.insert(std::make_pair("Sec-Ch-Ua-Mobile", "?0")); - headers.insert(std::make_pair("Sec-Ch-Ua-Platform", GetClientConfig()->GetOS())); + + if (AddExtraHeaders()) + { + headers.insert(std::make_pair("X-Super-Properties", GetClientConfig()->GetSerializedBase64Blob())); + headers.insert(std::make_pair("X-Discord-Timezone", GetClientConfig()->GetTimezone())); + headers.insert(std::make_pair("X-Discord-Locale", GetClientConfig()->GetLocale())); + headers.insert(std::make_pair("Sec-Ch-Ua", GetClientConfig()->GetSecChUa())); + headers.insert(std::make_pair("Sec-Ch-Ua-Mobile", "?0")); + headers.insert(std::make_pair("Sec-Ch-Ua-Platform", GetClientConfig()->GetOS())); + } if (req.authorization.size()) { diff --git a/src/windows/OptionsDialog.cpp b/src/windows/OptionsDialog.cpp index 97a886f..d386d7c 100644 --- a/src/windows/OptionsDialog.cpp +++ b/src/windows/OptionsDialog.cpp @@ -174,8 +174,9 @@ void WINAPI OnChildDialogInit(HWND hwndDlg) SetDlgItemText(hwndDlg, IDC_EDIT_DISCORDAPI, tstrAPI); SetDlgItemText(hwndDlg, IDC_EDIT_DISCORDCDN, tstrCDN); - CheckDlgButton(hwndDlg, IDC_ENABLE_TLS_CHECKS, GetLocalSettings()->EnableTLSVerification() ? BST_CHECKED : BST_UNCHECKED); - CheckDlgButton(hwndDlg, IDC_CHECK_UPDATES, GetLocalSettings()->CheckUpdates() ? BST_CHECKED : BST_UNCHECKED); + CheckDlgButton(hwndDlg, IDC_ENABLE_TLS_CHECKS, GetLocalSettings()->EnableTLSVerification() ? BST_CHECKED : BST_UNCHECKED); + CheckDlgButton(hwndDlg, IDC_CHECK_UPDATES, GetLocalSettings()->CheckUpdates() ? BST_CHECKED : BST_UNCHECKED); + CheckDlgButton(hwndDlg, IDC_TOGGLE_XSUPERPROPS, GetLocalSettings()->AddExtraHeaders() ? BST_CHECKED : BST_UNCHECKED); free(tstrAPI); free(tstrCDN); @@ -331,6 +332,12 @@ INT_PTR CALLBACK ChildDialogProc(HWND hWnd, UINT uMsg, WPARAM wParam, LPARAM lPa break; } + case IDC_TOGGLE_XSUPERPROPS: + { + GetLocalSettings()->SetAddExtraHeaders(IsDlgButtonChecked(hWnd, IDC_TOGGLE_XSUPERPROPS)); + break; + } + case IDC_REVERTTODEFAULT: case IDC_UPDATE: {