Closed smashah closed 4 years ago
This will be available in the upcoming version. However, it will happen on the browser and the code to implement it will be obfuscated so that it cannot be commented out.
It will send up to 3 messages:
1 will always be sent.
2 & 3 will only be sent when bypassCSP
is set to true
(https://open-wa.github.io/wa-automate-nodejs/interfaces/configobject.html#bypasscsp) as 2 and 3 make requests to an IP identification service ('https://api.ipify.org/?format=json') and an IP geolocation service.
By default, bypassCSP
is false
, meaning the IP request will fail with a CORS error:
Refused to connect to 'https://api.ipify.org/?format=json' because it violates the following Content Security Policy directive: "connect-src 'self' data: blob: https://*.whatsapp.net https://www.facebook.com https://*.giphy.com https://*.tenor.co https://crashlogs.whatsapp.net/wa_clb_data https://crashlogs.whatsapp.net/wa_fls_upload_check https://www.bingapis.com/api/v6/images/search https://*.google-analytics.com wss://*.web.whatsapp.com wss://web.whatsapp.com https://dyn.web.whatsapp.com".
This is normal and can be ignored.
Implemented in v2.0.0 f8ed576
@github-actions run
Time for more languages? :D
This will prevent any clandestine access to accounts without the knowledge of the host account owner.