Files
Pablo Fernandez Guerra (PFE) 1090ed59b7 feat(ui): replace D3+Dagre attack path graph with React Flow (#10686)
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: Alan Buscaglia <gentlemanprogramming@gmail.com>
2026-05-12 16:33:29 +02:00

94 lines
2.6 KiB
JavaScript

#!/usr/bin/env node
/**
* Post-install script for Prowler UI
*
* This script runs after npm install to:
* 1. Update dependency log (if the script exists)
* 2. Setup git hooks (if the script exists)
*/
const fs = require("fs");
const path = require("path");
function runScriptIfExists(scriptPath, scriptName) {
const fullPath = path.join(__dirname, scriptPath);
if (fs.existsSync(fullPath)) {
try {
require(fullPath);
} catch (error) {
console.warn(`⚠️ Error running ${scriptName}:`, error.message);
}
} else {
console.log(`Skip ${scriptName} (script missing)`);
}
}
function hardenMswServiceWorker() {
const workerPath = path.join(
__dirname,
"..",
"public",
"mockServiceWorker.js",
);
let workerFile;
try {
workerFile = fs.openSync(workerPath, "r+");
} catch (error) {
if (error.code === "ENOENT") {
console.log("Skip MSW service worker hardening (worker missing)");
return;
}
throw error;
}
try {
const workerSource = fs.readFileSync(workerFile, "utf8");
const originGuard = "event.origin !== self.location.origin";
if (workerSource.includes(originGuard)) {
return;
}
const messageHandlerStart =
"addEventListener('message', async function (event) {\n const clientId = Reflect.get(event.source || {}, 'id')\n";
const hardenedMessageHandlerStart =
"addEventListener('message', async function (event) {\n" +
" // Only accept messages from pages served from the same origin as this worker.\n" +
" if (event.origin !== self.location.origin) {\n" +
" return\n" +
" }\n\n" +
" const clientId = Reflect.get(event.source || {}, 'id')\n";
if (!workerSource.includes(messageHandlerStart)) {
console.warn(
"⚠️ Unable to harden MSW service worker: message handler changed",
);
return;
}
const hardenedWorkerSource = workerSource.replace(
messageHandlerStart,
hardenedMessageHandlerStart,
);
fs.ftruncateSync(workerFile, 0);
fs.writeSync(workerFile, hardenedWorkerSource, 0, "utf8");
console.log("Hardened MSW service worker message origin handling");
} finally {
fs.closeSync(workerFile);
}
}
// Run dependency log update
runScriptIfExists("./update-dependency-log.js", "deps:log");
// Re-apply local hardening after MSW regenerates the worker during install.
// Keep this before setup-git-hooks because that script can exit the process.
hardenMswServiceWorker();
// Run git hooks setup
runScriptIfExists("./setup-git-hooks.js", "setup-git-hooks");