diff --git a/sandbox.html b/sandbox.html index a9cbfc60..c31b36a4 100644 --- a/sandbox.html +++ b/sandbox.html @@ -22,6 +22,24 @@ let data = event.data; if (data.action === 'init') { try { + let url = `https://abs.twimg.com/responsive-web/client-web/ondemand.s.${data.challengeCode}a.js` + let challengeData; + try { + challengeData = await fetch(url).then(res => res.text()); + } catch(e) { + await sleep(500); + try { + challengeData = await fetch(url).then(res => res.text()); + } catch(e) { + await sleep(1000); + try { + challengeData = await fetch(url).then(res => res.text()); + } catch(e) { + throw new Error('Failed to fetch challenge data: ' + e); + } + } + } + let animsDiv = document.getElementById('anims'); for(let anim of data.anims) { animsDiv.innerHTML += `\n${anim}`; @@ -29,10 +47,10 @@ let verif = document.querySelector('meta[name="twitter-site-verification"]'); verif.content = data.verificationCode; let headerRegex = /(\d+):(.+)=>.+default:\(\)=>(\w).+,\w\(\d+\)\;/; - let headerMatch = data.code.match(headerRegex); + let headerMatch = challengeData.match(headerRegex); if(!headerMatch) { console.error('Uh oh, header not found!! Report to https://github.com/dimdenGD/OldTwitter/issues'); - event.source.postMessage({action: 'initError', error: `Header not found at ${data.challengeCode} (${String(data.code).slice(0, 500)}...)`}, event.origin); + event.source.postMessage({action: 'initError', error: `Header not found at ${data.challengeCode} (${String(challengeData).slice(0, 500)}...)`}, event.origin); initError = true; return; } @@ -41,7 +59,7 @@ // It only ever executes code from trusted Twitter domain, abs.twimg.com (specifically their script that generates security headers) // It's impossible to have it contained in extension itself, since it's generated dynamically // you can see where script is loaded in scripts/twchallenge.js - eval(data.code.replace(headerRegex, '$1:$2=>{window._CHALLENGE=()=>$3;')); + eval(challengeData.replace(headerRegex, '$1:$2=>{window._CHALLENGE=()=>$3;')); let id = headerMatch[1]; webpackChunk_twitter_responsive_web[0][1][id](); solver = window._CHALLENGE()(); @@ -85,4 +103,4 @@ }); - \ No newline at end of file + diff --git a/scripts/twchallenge.js b/scripts/twchallenge.js index 37898b8c..61f8a118 100644 --- a/scripts/twchallenge.js +++ b/scripts/twchallenge.js @@ -149,22 +149,6 @@ async function initChallenge() { let anims = Array.from(dom.querySelectorAll('svg[id^="loading-x"]')).map(svg => svg.outerHTML); let challengeCode = homepageData.match(/"ondemand.s":"(\w+)"/)[1]; - let challengeData; - try { - challengeData = await _fetch(`https://abs.twimg.com/responsive-web/client-web/ondemand.s.${challengeCode}a.js`).then(res => res.text()); - } catch(e) { - await sleep(500); - try { - challengeData = await _fetch(`https://abs.twimg.com/responsive-web/client-web/ondemand.s.${challengeCode}a.js`).then(res => res.text()); - } catch(e) { - await sleep(1000); - try { - challengeData = await _fetch(`https://abs.twimg.com/responsive-web/client-web/ondemand.s.${challengeCode}a.js`).then(res => res.text()); - } catch(e) { - throw new Error('Failed to fetch challenge data: ' + e); - } - } - } OLDTWITTER_CONFIG.verificationKey = verificationKey; @@ -173,7 +157,6 @@ async function initChallenge() { if(!solverIframe || !solverIframe.contentWindow) return setTimeout(sendInit, 50); solverIframe.contentWindow.postMessage({ action: 'init', - code: challengeData, challengeCode, anims, verificationCode: OLDTWITTER_CONFIG.verificationKey