Draft because @gitlimes wants me to change this due to some security concerns
PR makes changes to the AIMessageProcessor class to increase the thresholds, as well as adds the ability for Bandwidth to scrub and convert common proxy server dumps
The changes made to the AIMessageProcessor are done because Bandwidth's AI is still not perfect, and would result in false positives. Setting the thresholds to perfect scores essentially disables the feature for now until we have time to sit down and improve it. These changes were already in Bandwidth by changing the values on the server with nano, this just brings them into the repo now
Bandwidth now scans messages for attachments containing common proxy server dumps. It does this via the attachments extension. Bandwidth will then download said file and use the charles CLI tool to convert them into JSON summaries, scrub them of personal information and then upload them again converted to HAR
The following data is removed
Headers
authorization
x-nintendo-serial-number
x-nintendo-device-cert
x-nintendo-servicetoken
account.nintendo.net / account.pretendo.cc
/v1/api/oauth20/access_token/generate
password from the request
refresh_token from the request
token from the response
refresh_token from the response
/v1/api/people/@me/profile
Email address from the response
Birthday from the response
/v1/api/provider/service_token/@me
token from the response
/v1/api/provider/nex_token/@me
token from the response
nex_password from the response
nasc.nintendowifi.net / nasc.pretendo.cc
/ac
fcdcert from the request. Contains your LocalFriendCodeSeed_B
csnum from the request. Serial number
macadr from the request. MAC address
bssid from the request
passwd from the request. This is the NEX password the console wants to use. Only sent when the console is registering a new NEX account (like after a factory reset)
token from the response. Only seen if requesting a NEX token
servicetoken from the response. Only seen if requesting a service token
Draft because @gitlimes wants me to change this due to some security concerns
PR makes changes to the
AIMessageProcessor
class to increase the thresholds, as well as adds the ability for Bandwidth to scrub and convert common proxy server dumpsThe changes made to the
AIMessageProcessor
are done because Bandwidth's AI is still not perfect, and would result in false positives. Setting the thresholds to perfect scores essentially disables the feature for now until we have time to sit down and improve it. These changes were already in Bandwidth by changing the values on the server withnano
, this just brings them into the repo nowBandwidth now scans messages for attachments containing common proxy server dumps. It does this via the attachments extension. Bandwidth will then download said file and use the
charles
CLI tool to convert them into JSON summaries, scrub them of personal information and then upload them again converted to HARThe following data is removed
Headers
authorization
x-nintendo-serial-number
x-nintendo-device-cert
x-nintendo-servicetoken
account.nintendo.net / account.pretendo.cc
/v1/api/oauth20/access_token/generate
password
from the requestrefresh_token
from the requesttoken
from the responserefresh_token
from the response/v1/api/people/@me/profile
/v1/api/provider/service_token/@me
token
from the response/v1/api/provider/nex_token/@me
token
from the responsenex_password
from the responsenasc.nintendowifi.net / nasc.pretendo.cc
/ac
fcdcert
from the request. Contains your LocalFriendCodeSeed_Bcsnum
from the request. Serial numbermacadr
from the request. MAC addressbssid
from the requestpasswd
from the request. This is the NEX password the console wants to use. Only sent when the console is registering a new NEX account (like after a factory reset)token
from the response. Only seen if requesting a NEX tokenservicetoken
from the response. Only seen if requesting a service token