From db5538dd877a504d185401fc29864a1d9569379a Mon Sep 17 00:00:00 2001 From: Jacob Torrey Date: Fri, 26 Jan 2024 10:21:45 -0700 Subject: [PATCH] Update the CF Function to log missing Referer headers, and further defanging of the phishing URLs Signed-off-by: Jacob Torrey --- aws-css-token-infra/CSSClonedSiteCFFunc/index.js | 12 +++++++++--- templates/emails/notification.html | 6 +++--- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/aws-css-token-infra/CSSClonedSiteCFFunc/index.js b/aws-css-token-infra/CSSClonedSiteCFFunc/index.js index 151f2447e..78e2acb2d 100644 --- a/aws-css-token-infra/CSSClonedSiteCFFunc/index.js +++ b/aws-css-token-infra/CSSClonedSiteCFFunc/index.js @@ -6,12 +6,18 @@ var token_server = 'https://canarytokens.com'; function handler(event) { var uri = event.request.uri.split('/'); - var expected_referrer = String.bytesFrom(uri[2], 'base64url'); + var expected_referrer = ''; + expected_referrer = String.bytesFrom(uri[2], 'base64url'); var referer = ''; if ('referer' in event.request.headers) referer = event.request.headers.referer.value; - - if (referer == '' || referer.indexOf(expected_referrer) >= 0) { // Happy case where the referer matches + + if (expected_referrer == '') + console.log("Empty expected_referrer!"); + if (referer == '') + console.log("Empty/missing Referer header for: " + expected_referrer); + + if (expected_referrer == '' || referer == '' || referer.indexOf(expected_referrer) >= 0) { // Happy case where the referer matches var response = { statusCode: 200, statusDescription: 'OK', diff --git a/templates/emails/notification.html b/templates/emails/notification.html index 3edc4c58f..6abaed4d5 100644 --- a/templates/emails/notification.html +++ b/templates/emails/notification.html @@ -110,19 +110,19 @@
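Review bot: The happy-case test `referer.indexOf(expected_referrer) >= 0` in the final `if` is still a substring match, so a Referer that merely contains the expected value somewhere in its host, path or query gets the 200 happy-case response instead of being treated as a mismatch. If `expected_referrer` is a bare hostname (its format is not visible in this hunk), compare it with the host part of the header instead, e.g. `var ref_host = (referer.split('/')[2] || '').toLowerCase();` and then `ref_host == expected_referrer`. Separately, the new `var expected_referrer = '';` is overwritten on the very next line, so it only works as a fallback if the `String.bytesFrom` call is wrapped in `try`/`catch`; as written, a missing or malformed `uri[2]` may throw before the new `console.log` lines are reached. The second `console.log` also concatenates bytes decoded from the request path into the log message, so consider length-limiting or re-encoding that value to keep log entries unambiguous. The body of `handler` continues past the end of this hunk.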

Basic Details:

{% if BasicDetails['referer'] %} Referer - {{ BasicDetails['referer'] | replace('http', 'hxxp', 1) | e}} + {{ BasicDetails['referer'] | replace('http', 'hxxp', 1) | e}} {% endif %} {% if BasicDetails['referrer'] %} Referer - {{ BasicDetails['referrer'] | replace('http', 'hxxp', 1) | e}} + {{ BasicDetails['referrer'] | replace('http', 'hxxp', 1) | e}} {% endif %} {% if BasicDetails['location'] %} Location - {{ BasicDetails['location'] | replace('http', 'hxxp', 1) | e}} + {{ BasicDetails['location'] | replace('http', 'hxxp', 1) | e}} {% endif %} {% if BasicDetails['request_args'] %}