Skip to content

Decode Rule

Kain edited this page Mar 1, 2024 · 3 revisions

Decode Basics

Commit 4ee6eb7 (1.3.5) introduced the decode option to rules. This is used to bypass base64 encoded click-jacking links such as:

https://www.emjcd.com/links-i/?d=eyJzdXJmZXIiOiIwMDAwMDpWUFNsWVQ3ckF4emwiLCJsYXN0Q2xpY2tOYW1lIjoiTENMSyIsImxhc3RDbGlja1ZhbHVlIjoiY2pvIXhpNTktMDAwMDAiLCJkZXN0aW5hdGlvblVybCI6Imh0dHBzOi8vd3d3LnZ1ZHUuY29tL2NvbnRlbnQvbW92aWVzL2RldGFpbHMvTW9vbmxpZ2h0LVNlYXNvbi0xLzEzMzEyMCIsInNpZCI6IltzdWJpZF92YWx1ZV0iLCJ0eXBlIjoiZGxnIiwicGlkIjo5MDExNjczLCJldmVudElkIjoiMGFjZGE1ZDBmNzNlMTFlYzAyYWM3NDliMGExYzBlMGUiLCJjalNlc3Npb24iOiIyZjBjMGNjYi1lMGVmLTA0YzItYjIzYy02NzNjZjA2MTZlMTYiLCJsb3lhbHR5RXhwaXJhdGlvbiI6MCwicmVkaXJlY3RlZFRvTGl2ZXJhbXAiOmZhbHNlLCJjakNvbnNlbnRFbnVtIjoiTkVWRVJfQVNLRUQifQ%3D%3D

The decoded result for the d parameter results in the following json object:

{
    "surfer": "00000:VPSlYT7rAxzl",
    "lastClickName": "LCLK",
    "lastClickValue": "cjo!xi59-00000",
    "destinationUrl": "https://www.vudu.com/content/movies/details/Moonlight-Season-1/133120",
    "sid": "[subid_value]",
    "type": "dlg",
    "pid": 9011673,
    "eventId": "0acda5d0f73e11ec02ac749b0a1c0e0e",
    "cjSession": "2f0c0ccb-e0ef-04c2-b23c-673cf0616e16",
    "loyaltyExpiration": 0,
    "redirectedToLiveramp": false,
    "cjConsentEnum": "NEVER_ASKED"
}

Using this information we can create the decode rule:

{ "param": "d", "lookFor": "destinationUrl" }

When applied, tidy-url will attempt to decode, parse and extract the destinationUrl using the d parameter. If any part of this process fails the rule will be skipped and an error will be logged to the console (assuming silent is false).

If the decoded result is not a JSON object then the result will be considered a URL, ignoring the lookFor param.
The URL must be valid for this rule to pass.

Input: https://website.com/tracker?d=aHR0cHM6Ly9naXRodWIuY29tLwQ%3D%3D
Result: https://github.com

If the string was successfully decoded and parsed it will be stored in the response data.info.decoded, even if the destinationUrl key was not located. This is helpful for debugging.

Example

The following is a working rule for the link at the top of this page.

const rule = {
    name: 'emjcd.com',
    match: /^www.emjcd.com/i,
    decode: { param: 'd', lookFor: 'destinationUrl' }
};

Clone this wiki locally