Fix of privacy leaks caused by non-page requests

src/js/background/assignManager.js

@@ -118,8 +118,10 @@ const assignManager = {
   },
 
   async handleProxifiedRequest(requestInfo) {
+
+    // The following blocks potentially dangerous requests for privacy that come without a tabId
     if(requestInfo.tabId === -1)
-      return Utils.DEFAULT_PROXY;
+      return Utils.getBogusProxy();
 
     const tab = await browser.tabs.get(requestInfo.tabId);
     const proxy = await proxifiedContainers.retrieveFromBackground(tab.cookieStoreId);

src/js/utils.js

@@ -18,6 +18,22 @@ window.Utils = {
     imageElement.addEventListener("error", errorListener);
     imageElement.addEventListener("load", loadListener);
     return imageElement;
+  },
+
+  // See comment in PR #313 - so far the (hacky) method being used to block proxies is to produce a sufficiently long random address
+  getBogusProxy() {
+    const bogusFailover = 1;
+    if(typeof window.Utils.pregeneratedString !== 'undefined')
+    {
+      return {type:"socks4", host:"w.${window.Utils.pregeneratedString}.coo", port:9999, username:"foo", failoverTimeout:bogusFailover};
+    }
+    else
+    {
+      const bogusLength = 8;
+      let array = new Uint8Array(bogusLength);
+      window.crypto.getRandomValues(array);
+      window.Utils.pregeneratedString = array.toString('hex');
+    }
   }
 
 };