Left: | ||
Right: |
LEFT | RIGHT |
---|---|
1 /* | 1 /* |
2 * This file is part of Adblock Plus <https://adblockplus.org/>, | 2 * This file is part of Adblock Plus <https://adblockplus.org/>, |
3 * Copyright (C) 2006-present eyeo GmbH | 3 * Copyright (C) 2006-present eyeo GmbH |
4 * | 4 * |
5 * Adblock Plus is free software: you can redistribute it and/or modify | 5 * Adblock Plus is free software: you can redistribute it and/or modify |
6 * it under the terms of the GNU General Public License version 3 as | 6 * it under the terms of the GNU General Public License version 3 as |
7 * published by the Free Software Foundation. | 7 * published by the Free Software Foundation. |
8 * | 8 * |
9 * Adblock Plus is distributed in the hope that it will be useful, | 9 * Adblock Plus is distributed in the hope that it will be useful, |
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of | 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of |
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
12 * GNU General Public License for more details. | 12 * GNU General Public License for more details. |
13 * | 13 * |
14 * You should have received a copy of the GNU General Public License | 14 * You should have received a copy of the GNU General Public License |
15 * along with Adblock Plus. If not, see <http://www.gnu.org/licenses/>. | 15 * along with Adblock Plus. If not, see <http://www.gnu.org/licenses/>. |
16 */ | 16 */ |
17 | 17 |
18 "use strict"; | 18 "use strict"; |
19 | 19 |
20 const {defaultMatcher} = require("matcher"); | 20 const {defaultMatcher} = require("matcher"); |
21 const {BlockingFilter, RegExpFilter} = require("filterClasses"); | 21 const {RegExpFilter, WhitelistFilter} = require("filterClasses"); |
22 const {extractHostFromFrame, getDecodedHostname, | 22 const {extractHostFromFrame, getDecodedHostname, |
23 isThirdParty, stringifyURL} = require("url"); | 23 isThirdParty, stringifyURL} = require("url"); |
24 const {checkWhitelisted} = require("whitelisting"); | 24 const {checkWhitelisted} = require("whitelisting"); |
25 const {FilterNotifier} = require("filterNotifier"); | 25 const {FilterNotifier} = require("filterNotifier"); |
26 const devtools = require("devtools"); | 26 const devtools = require("devtools"); |
27 | 27 |
28 const {typeMap} = RegExpFilter; | 28 const {typeMap} = RegExpFilter; |
29 | 29 |
30 browser.webRequest.onHeadersReceived.addListener(details => | 30 browser.webRequest.onHeadersReceived.addListener(details => |
31 { | 31 { |
32 let url = new URL(details.url); | 32 let url = new URL(details.url); |
33 let urlString = stringifyURL(url); | 33 let urlString = stringifyURL(url); |
34 | 34 let parentFrame = ext.getFrame(details.tabId, details.parentFrameId); |
35 let parentFrame = details.parentFrameId != -1 && | 35 let hostname = extractHostFromFrame(parentFrame) || getDecodedHostname(url); |
36 ext.getFrame(details.tabId, details.parentFrameId); | 36 let thirdParty = isThirdParty(url, hostname); |
37 let hostname = extractHostFromFrame(parentFrame); | |
38 let thirdParty = false; | |
39 if (hostname) | |
40 thirdParty = isThirdParty(url, hostname); | |
41 else | |
42 hostname = getDecodedHostname(url); | |
Sebastian Noack
2018/03/16 23:52:38
Is this micro-optimization worth it? Otherwise, th
kzar
2018/03/19 14:41:30
Done.
| |
43 | 37 |
44 let cspMatch = defaultMatcher.matchesAny(urlString, typeMap.CSP, hostname, | 38 let cspMatch = defaultMatcher.matchesAny(urlString, typeMap.CSP, hostname, |
45 thirdParty, null, false); | 39 thirdParty, null, false); |
46 if (cspMatch) | 40 if (cspMatch) |
47 { | 41 { |
48 let page = new ext.Page({id: details.tabId, url: details.url}); | 42 let page = new ext.Page({id: details.tabId, url: details.url}); |
49 let frame = ext.getFrame(details.tabId, details.frameId); | 43 let frame = ext.getFrame(details.tabId, details.frameId); |
50 | 44 |
45 if (checkWhitelisted(page, frame)) | |
46 return; | |
47 | |
51 // To avoid an extra matchesAny for the common case we assumed no | 48 // To avoid an extra matchesAny for the common case we assumed no |
52 // $genericblock filters applied when searching for a matching $csp filter. | 49 // $genericblock filters applied when searching for a matching $csp filter. |
53 // We must now pay the price by first checking for a $genericblock filter | 50 // We must now pay the price by first checking for a $genericblock filter |
54 // and if necessary that our $csp filter is specific. | 51 // and if necessary that our $csp filter is specific. |
55 let specificOnly = checkWhitelisted(page, frame, typeMap.GENERICBLOCK); | 52 let specificOnly = !!checkWhitelisted(page, frame, typeMap.GENERICBLOCK); |
56 if (specificOnly) | 53 if (specificOnly) |
57 { | 54 { |
58 cspMatch = defaultMatcher.matchesAny(urlString, typeMap.CSP, hostname, | 55 cspMatch = defaultMatcher.matchesAny(urlString, typeMap.CSP, hostname, |
59 thirdParty, null, specificOnly); | 56 thirdParty, null, specificOnly); |
60 if (!cspMatch) | 57 if (!cspMatch) |
61 return; | 58 return; |
62 } | 59 } |
63 | 60 |
64 devtools.logRequest(page, urlString, "CSP", hostname, thirdParty, null, | 61 devtools.logRequest(page, urlString, "CSP", hostname, thirdParty, null, |
65 specificOnly, cspMatch); | 62 specificOnly, cspMatch); |
63 FilterNotifier.emit("filter.hitCount", cspMatch, 0, 0, page); | |
66 | 64 |
67 if (checkWhitelisted(page, frame)) | 65 if (cspMatch instanceof WhitelistFilter) |
Sebastian Noack
2018/03/16 23:52:39
Why not doing this check earlier?
kzar
2018/03/19 14:41:30
Done.
| |
68 return; | 66 return; |
69 | |
70 FilterNotifier.emit("filter.hitCount", cspMatch, 0, 0, page); | |
71 | 67 |
72 details.responseHeaders.push({ | 68 details.responseHeaders.push({ |
Sebastian Noack
2018/03/16 23:52:38
It seems this code path is reached if cspMatch is
kzar
2018/03/19 14:41:30
Done.
| |
73 name: "Content-Security-Policy", | 69 name: "Content-Security-Policy", |
74 value: cspMatch.csp | 70 value: cspMatch.csp |
75 }); | 71 }); |
76 | 72 |
77 return {responseHeaders: details.responseHeaders}; | 73 return {responseHeaders: details.responseHeaders}; |
78 } | 74 } |
79 }, { | 75 }, { |
80 urls: ["http://*/*", "https://*/*"], | 76 urls: ["http://*/*", "https://*/*"], |
81 types: ["main_frame", "sub_frame"] | 77 types: ["main_frame", "sub_frame"] |
82 }, ["blocking", "responseHeaders"]); | 78 }, ["blocking", "responseHeaders"]); |
LEFT | RIGHT |