Detect brave shield with JS and a REST API

Maxpnl
Maxpnl
Aug 13 · 2 min read
package mainimport (
"github.com/aws/aws-lambda-go/lambda"
"github.com/aws/aws-lambda-go/events"
"encoding/json"
"fmt"
"regexp"
)
type Response struct {
Status string `json:"status"`
Message string `json:"message"`
}
func CookieCheck(req events.APIGatewayProxyRequest)(events.APIGatewayProxyResponse, error){ header := make(map[string]string)
header["Access-Control-Allow-Origin"] = req.Headers["origin"]
header["Access-Control-Allow-Credentials"] = "true"
res := &Response{
Status : "success",
Message: "test",
}
response, _ := json.Marshal(res) if req.HTTPMethod == "GET" {
header["Set-Cookie"] = fmt.Sprintf("token=TEST; path=/")
} else {
re := regexp.MustCompile("token=([^;]+)")
regex := re.FindStringSubmatch(req.Headers["cookie"])
if len(regex) < 2 || regex[1] != "TEST" {
res.Status = "error"
resp2, _ := json.Marshal(res)
return events.APIGatewayProxyResponse{
Headers: header,
StatusCode: 403,
Body: string(resp2),
}, nil
}
}
return events.APIGatewayProxyResponse{
Headers: header,
StatusCode: 200,
Body: string(response),
}, nil
}
func main() {
lambda.Start(CookieCheck)
}
fetch(
"https://{restapi-id}.execute-api.{region}.amazonaws.com/{stageName}/{resourceName}",
{
method: "GET",
credentials: "include",
}
)
.then(res => res.json())
.then(result => {
if (result.status == "success") { // The get request was successfull and the cookie should be set
fetch(
"https://{restapi-id}.execute-api.{region}.amazonaws.com/{stageName}/{resourceName}",
{
method: "POST",
credentials: "include",
}
)
.then(res => res.json())
.then(result => { // Now we see if the cookie is actually set
if (result.status != "success") {

alert("BRAVE SHIELD"); // Brave shield is enabled
}
});
}
else {
alert("BRAVE SHIELD"); // This probably will never trigger, yet it's better safe than sorry
}
});
Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade