Initial MVP. Not optimal.

.gitignore

@@ -0,0 +1 @@
+**/.DS_Store

manifest.json

@@ -22,7 +22,8 @@
         "default_popup": "crowdtls.html"
     },
     "host_permissions": [
-        "https://crowdtls.mips.uk/api/*",
+        "https://crowdtls.mips.uk/api/v1/*",
+        "http://127.0.0.1:8000/api/v1/*",
         "https://*/*"
     ],
     "permissions": [

worker.js

@@ -7,7 +7,8 @@
 
 "use strict";
 
-const API_BASE = "https://crowdtls.mips.uk/api/v1";
+// const API_BASE = "https://crowdtls.mips.uk/api/v1";
+const API_BASE = "http://127.0.0.1:8000/api/v1";
 
 /**
  * Processes the given request details to extract and log security information.
@@ -21,6 +22,7 @@ const API_BASE = "https://crowdtls.mips.uk/api/v1";
  */
 async function process_request(details) {
     try {
+        let hostname = (new URL(details.url)).hostname;
         let securityInfo = await browser.webRequest.getSecurityInfo(details.requestId, { certificateChain: true, rawDER: true });
         if (securityInfo.state !== "insecure") {
             const fingerprint = securityInfo.certificates[0].fingerprint.sha256;
@@ -44,7 +46,7 @@ async function process_request(details) {
             fpData.lastCheck = currentTime;
             localStorage.setItem(fingerprint, JSON.stringify(fpData));
 
-            await check_fingerprint(securityInfo.certificates);
+            await check_fingerprint(hostname, securityInfo.certificates);
         }
     } catch (error) {
         console.error(error);
@@ -57,16 +59,17 @@ async function process_request(details) {
  *
  * @async
  * @function
+ * @param {string} hostname - The hostname of the website.
  * @param {Array} certificates - The list of certificates.
  */
-async function check_fingerprint(certificates) {
+async function check_fingerprint(hostname, certificates) {
     try {
         const fingerprints = certificates.map(cert => cert.fingerprint.sha256);
 
         const response = await fetch(`${API_BASE}/check`, {
             method: 'POST',
             headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify({ fps: fingerprints }),
+            body: JSON.stringify({ host: hostname, fps: fingerprints }),
             timeout: 5000
         });
 
@@ -79,7 +82,7 @@ async function check_fingerprint(certificates) {
 
         if (data) {
             if (data["send"] === true) {
-                send_certificate_chain(certificates);
+                send_certificate_chain(hostname, certificates);
             }
         }
     }
@@ -93,23 +96,23 @@ async function check_fingerprint(certificates) {
  * 
  * @async
  * @function
+ * @param {string} hostname - The hostname of the website.
  * @param {Array} certificates - The list of certificates.
  * @throws Will log an error to the console if the request fails.
  */
-async function send_certificate_chain(certificates) {
+async function send_certificate_chain(hostname, certificates) {
     try {
         let chain = {};
         certificates.forEach(cert => {
             chain[cert.fingerprint.sha256] = cert.rawDER;
         });
-        console.log(JSON.stringify(chain));
 
         const response = await fetch(`${API_BASE}/new`, {
             method: 'POST',
             headers: {
                 'Content-Type': 'application/json'
             },
-            body: JSON.stringify(chain),
+            body: JSON.stringify({ host: hostname, certs: chain }),
             timeout: 10000
         });