Update the CF Function to log missing Referer headers, and further de…

…fanging of the phishing URLs Signed-off-by: Jacob Torrey <jacob@thinkst.com>
thinkst · Jan 26, 2024 · db5538d · db5538d
1 parent 4863be3
commit db5538d
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 6 deletions.
diff --git a/aws-css-token-infra/CSSClonedSiteCFFunc/index.js b/aws-css-token-infra/CSSClonedSiteCFFunc/index.js
@@ -6,12 +6,18 @@ var token_server = 'https://canarytokens.com';
 
 function handler(event) {
     var uri = event.request.uri.split('/');
-    var expected_referrer = String.bytesFrom(uri[2], 'base64url');
+    var expected_referrer = '';
+    expected_referrer = String.bytesFrom(uri[2], 'base64url');
     var referer = '';
     if ('referer' in event.request.headers)
         referer = event.request.headers.referer.value;
-
-    if (referer == '' || referer.indexOf(expected_referrer) >= 0) { // Happy case where the referer matches
+
+    if (expected_referrer == '')
+        console.log("Empty expected_referrer!");
+    if (referer == '')
+        console.log("Empty/missing Referer header for: " + expected_referrer);
+
+    if (expected_referrer == '' || referer == '' || referer.indexOf(expected_referrer) >= 0) { // Happy case where the referer matches
         var response = {
             statusCode: 200,
             statusDescription: 'OK',

diff --git a/templates/emails/notification.html b/templates/emails/notification.html
@@ -110,19 +110,19 @@ <h2 style="font-size: 18px;">Basic Details:</h2></td>
                       {% if BasicDetails['referer'] %}
                                       <tr>
                                         <td class="label" style="background: #eeeeee; font-weight: bold; _border: none; width: 180px; border: 1px solid #cccccc; padding: 5px;">Referer</td>
-                                        <td style="border: 1px solid #cccccc; padding: 5px;"><code>{{ BasicDetails['referer'] | replace('http', 'hxxp', 1) | e}}</code></td>
+                                        <td style="border: 1px solid #cccccc; padding: 5px;"><a href="" style="text-decoration: none !important;"><code>{{ BasicDetails['referer'] | replace('http', 'hxxp', 1) | e}}</code></a></td>
                                       </tr>
                       {% endif %}
                       {% if BasicDetails['referrer'] %}
                                       <tr>
                                         <td class="label" style="background: #eeeeee; font-weight: bold; _border: none; width: 180px; border: 1px solid #cccccc; padding: 5px;">Referer</td>
-                                        <td style="border: 1px solid #cccccc; padding: 5px;"><code>{{ BasicDetails['referrer'] | replace('http', 'hxxp', 1) | e}}</code></td>
+                                        <td style="border: 1px solid #cccccc; padding: 5px;"><a href="" style="text-decoration: none !important;"><code>{{ BasicDetails['referrer'] | replace('http', 'hxxp', 1) | e}}</code></a></td>
                                       </tr>
                       {% endif %}
                       {% if BasicDetails['location'] %}
                                       <tr>
                                         <td class="label" style="background: #eeeeee; font-weight: bold; _border: none; width: 180px; border: 1px solid #cccccc; padding: 5px;">Location</td>
-                                        <td style="border: 1px solid #cccccc; padding: 5px;"><code>{{ BasicDetails['location'] | replace('http', 'hxxp', 1) | e}}</code></td>
+                                        <td style="border: 1px solid #cccccc; padding: 5px;"><a href="" style="text-decoration: none !important;"><code>{{ BasicDetails['location'] | replace('http', 'hxxp', 1) | e}}</code></a></td>
                                       </tr>
                       {% endif %}
                       {% if BasicDetails['request_args'] %}