Waked - The Last bastion of decentralized web

1. //Waked - The Last bastion of decentralized web
2.  
3. /*use cors proxies to upload user content to various temporary file sharing services, like uploadpie, then archive the uploads to archive.org, use pastebins like this one and justpaste.it to help index the user uploads
4.  
5.  
6. Use example.com archives to find indexes:
7. for example I archived the url: "https://web.archive.org/save/https://www.example.com?waked_iurl=https://athleticgreatscientists--five-nine.repl.co/index.php/itall_ind.html&of=pastebin.com&scope=partial,incomplete&title=partial index of pastebin.com pastes saved to the wayback machine"
8. to make my partial index of pastebin.com pastes that are saved to the wayback machine accessible to the waked system.
9.  
10.  
11. The potential of this is so enormous, if anyone wants to save anything they've posted on any social media to the waked system, all it has to do is archive https://www.example.com?waked_url=[url of post]&type=postsave
12.  
13. Also, we can add &title= and &tags= parameters to the query string and we can add even more parameter to represent data if we want to, I've finally figured out how to use the Wayback Machine as an only-writeable-once SQL server.
14.  
15. Add the &of= parameter for what indexes are an index of.
16.  
17.  
18. But what can I do to prevent people from spamming this system with junk data that aren't actual posts?
19. (by spam I don't mean garbage social media posts I mean data that is meant to flood the waked system and slow it down like weird type of denial of service attack).
20.  
21.  
22. Because the wayback machine is inherently slow, it is strongly advised to make components of the waked system upload content to other servers like this one, streamable.com, ibb.co, and similar sites and then archive indexes of multiple uploads.
23.  
24. */
25.  
26. self.corsp_={"keys":["Service","url_prefix","cors_url_modify","SSL","status","Response Type","Allowed methods","Allowed headers","Exposed headers","Follow redirect","Streamable","WebSocket","Upload limit","Download limit","Country code","Comments"],
27.  
28.  
29. "values":[
30.  
31. ["CORS bridged","https://cors.bridged.cc/","none",true,"Mirrored",["raw"],"*","All but expect Forbidden headers","?","?","?","?","16mb/request","?","US (CA)","https://medium.com/bridgedxyz/cors-anywhere-for-everyone-free-reliable-cors-proxy-service-73507192714e  Blog for docs & Testing"],
32.  
33.  
34. /*
35. //don't abuse service
36.  
37. ["cors-anywhere","https://cors-anywhere.herokuapp.com/","none",true,"Mirrored",["raw"],"*","*","*","Up to 5x","?","?","?","?","US","Require Origin header"],
38.  
39. ["<a href=\"https://github.com/Rob--W/cors-anywhere\">cors-anywhere @ glitch</a>","https://cors-anywhere.herokuapp.com/","none",true,"Mirrored",["raw"],"?","?","?","?","?","?","?","?","?","<a href=\"https://glitch.com/~cors-anywhere\" rel=\"nofollow\">source</a>"],
40. */
41.  
42. ["thingproxy","https://thingproxy.freeboard.io/fetch/","none",true,"?",["?"],"*","?","?","?","?","?","100kb","100kb","US","Max 10 req/sec"],
43.  
44. ["Whatever Origin","'http://www.whateverorigin.org/get?url=","encodeURIComponent",false,false,["jsonp"],"GET","None","None","?",false,false,"?","?","US",""],
45.  
46. ["Go Between","?isdead?","?",true,"?",["?"],"?","?","?","?","?","?","?","?","?",""],
47.  
48. ["goxcors","https://goxcors.appspot.com/","?",true,"Allways 200",["raw"],"*","*","None",true,"?","?","?","?","US","\n                                   POST type is limited to x-www-form-urlencoded<br>\n                                   Have a werd api<br>\n                                   Response Type is Allways text/html\n                                 "],
49.  
50. ["YaCDN","https://yacdn.org/proxy/","none",true,"Not mirrored",["raw"],"GET","None",false,"Up to 22x","?","?","?","?","FR","CDN, ignores browsers headers"],
51.  
52. ["All Origins","https://api.allorigins.win/get?url=","encodeURIComponent",true,"Only code in json",["json","jsonp","raw"],"*",false,"None",true,"?","?","?","?","US","When using raw you loose status information"],
53.  
54. /* //don't abuse service
55. ["Cloudflare Cors Anywhere","https://test.cors.workers.dev/?","none",true,"Only code mirror (not statusText)",["raw"],"*","All but expect Forbidden headers","none",true,false,"?","none","none","?","100,000 requests/day 1,000 requests/10 minutes"],
56. */
57.  
58. ["CORS Hack","https://corsh.jsub.workers.dev/proxy/","none",true,"Only code mirror (not statusText)",["raw"],"*","All but expect Forbidden headers","none",true,false,"?","none","none","?","100,000 requests/day 2 requests/3 seconds"],
59.  
60. ["JSONProxy","https://jsonp.afeld.me/?url=","encodeURIComponent",true,"?",["jsonp","raw"],"GET","?","?","?","?","?","?","?","?",""]
61.  
62. ]};
63.  
64.  
65. //may split this file in 2 right here
66.  
67. //scan >> use document.write, form.submit, MediaElement.src=, anything that causes something on the page to be loaded, to scan for media and scan for upload APIs, also use javascript function chains, if a function sets the src of a media element, then find all instances where that function is called, all arguments that are passed to it and external variables accessed within it, follow the function call stack and the argument sources to decode complex web apps.
68.  
69.  
70.  
71.  
72. /*
73. //extracting scripts from saved page (need JScrawl):
74. scrps1=JScrawl.XrakScrps(xhr1.response);
75.  
76. self.ins=[];
77. self.i=0;
78. while(i<scrps1.length){ if(scrps1[i].innerHTML.length>2) ins.push(scrps1[i]); i++; }*
79.  
80. */
81.  
82.  
83.  
84.  
85.  
86. //self.ldifr=document.createElement("iframe"); //need?
87.  
88. var xhr1=new XMLHttpRequest(),xhr2=new XMLHttpRequest(),xhrpend=[]
89. doXHR=function(url,callback,method){
90.  
91. },
92. xondone=function(e){
93. };
94.  
95. xhr1.addEventListener("load",xondone);
96. xhr2.addEventListener("load",xondone);
97.  
98. doXHR("https://archive.ph/https://www.example.com/?waked_*",function(r,u){
99.  
100. });
101.  
102.