From a1758a60d499fa37db7d26f8cd7496ae2e5b40e6 Mon Sep 17 00:00:00 2001 From: "tv0924@icloud.com" Date: Wed, 2 Jul 2025 11:40:29 +0900 Subject: [PATCH] =?UTF-8?q?[Update]=20=EA=B2=80=EC=A6=9D=20=EC=A7=84?= =?UTF-8?q?=ED=96=89=20=EB=A1=9C=EC=A7=81=20=EB=B3=80=EA=B2=BD=20=EB=B0=8F?= =?UTF-8?q?=20csrf=20=EB=A1=9C=EC=A7=81=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .env | 2 +- addon/csrf_check.py | 2 +- addon/init.py | 8 ++++++-- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/.env b/.env index ecef8e7..794cacd 100644 --- a/.env +++ b/.env @@ -1,2 +1,2 @@ # Google OAuth 설정 -GOOGLE_ID=whs.imnya.ng@gmail.com +GOOGLE_ID=oauth.j93es@gmail.com diff --git a/addon/csrf_check.py b/addon/csrf_check.py index 867191f..7ff3daa 100644 --- a/addon/csrf_check.py +++ b/addon/csrf_check.py @@ -9,7 +9,7 @@ from lib.utils.is_oauth_uri import is_oauth_uri class CsrfChecker: nonce_params = { - "state", "nonce", "as", "frame_id", "csrf_token", "csrf" + "state", "nonce", "csrf_token", "csrf" } def get_header(self, headers: http.Headers, name: str) -> Optional[str]: diff --git a/addon/init.py b/addon/init.py index 4ea8a18..632af8a 100644 --- a/addon/init.py +++ b/addon/init.py @@ -38,6 +38,8 @@ class AddonBase: ".googlesyndication.com", "cdn.jsdelivr.net", "update.googleapis.com", + ".google-analytics.com", + ".gstatic.com" ] # Ignore .googleapis.com domains for domain in ignore_domains: @@ -62,11 +64,13 @@ class AddonBase: async def request(self, flow: http.HTTPFlow): - if false_true_varifing_task.is_verifing_false_true() or self.should_ignore(flow): + if self.google_login_hint: + await try_catch(self.google_login_hint.request(flow)) + + if false_true_varifing_task.is_verifing_false_true(): return tasks = [ - try_catch(self.google_login_hint.request(flow)) if self.google_login_hint else None, try_catch(PKCEDowngradeChecker().test(flow)), ] await asyncio.gather(*tasks)