Delta Between Two Patch Sets: lib/csp.js
Issue 29680696:
[$csp4 adblockpluschrome] Issue 5241 - Add support for Content Security Policy filters (Closed)
Left Patch Set: Use extractHostFromFrame and attempt to match $csp exceptions non-recursively
Created March 16, 2018, 12:43 p.m.
Right Patch Set: Rebased
Created March 26, 2018, 6:22 p.m.
| Left: | ||
| Right: |
Use n/p to move between diff chunks;
N/P to move between comments.
« no previous file with change/comment
|
« dependencies ('k')
|
lib/devtools.js » ('j')
|
no next file with change/comment »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
| LEFT | RIGHT |
|---|---|
| 1 /* | 1 /* |
| 2 * This file is part of Adblock Plus <https://adblockplus.org/>, | 2 * This file is part of Adblock Plus <https://adblockplus.org/>, |
| 3 * Copyright (C) 2006-present eyeo GmbH | 3 * Copyright (C) 2006-present eyeo GmbH |
| 4 * | 4 * |
| 5 * Adblock Plus is free software: you can redistribute it and/or modify | 5 * Adblock Plus is free software: you can redistribute it and/or modify |
| 6 * it under the terms of the GNU General Public License version 3 as | 6 * it under the terms of the GNU General Public License version 3 as |
| 7 * published by the Free Software Foundation. | 7 * published by the Free Software Foundation. |
| 8 * | 8 * |
| 9 * Adblock Plus is distributed in the hope that it will be useful, | 9 * Adblock Plus is distributed in the hope that it will be useful, |
| 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of | 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 12 * GNU General Public License for more details. | 12 * GNU General Public License for more details. |
| 13 * | 13 * |
| 14 * You should have received a copy of the GNU General Public License | 14 * You should have received a copy of the GNU General Public License |
| 15 * along with Adblock Plus. If not, see <http://www.gnu.org/licenses/>. | 15 * along with Adblock Plus. If not, see <http://www.gnu.org/licenses/>. |
| 16 */ | 16 */ |
| 17 | 17 |
| 18 "use strict"; | 18 "use strict"; |
| 19 | 19 |
| 20 const {defaultMatcher} = require("matcher"); | 20 const {defaultMatcher} = require("matcher"); |
| 21 const {BlockingFilter, RegExpFilter} = require("filterClasses"); | 21 const {RegExpFilter, WhitelistFilter} = require("filterClasses"); |
| 22 const {extractHostFromFrame, getDecodedHostname, | 22 const {extractHostFromFrame, getDecodedHostname, |
| 23 isThirdParty, stringifyURL} = require("url"); | 23 isThirdParty, stringifyURL} = require("url"); |
| 24 const {checkWhitelisted} = require("whitelisting"); | 24 const {checkWhitelisted} = require("whitelisting"); |
| 25 const {FilterNotifier} = require("filterNotifier"); | 25 const {FilterNotifier} = require("filterNotifier"); |
| 26 const devtools = require("devtools"); | 26 const devtools = require("devtools"); |
| 27 | 27 |
| 28 const {typeMap} = RegExpFilter; | 28 const {typeMap} = RegExpFilter; |
| 29 | 29 |
| 30 browser.webRequest.onHeadersReceived.addListener(details => | 30 browser.webRequest.onHeadersReceived.addListener(details => |
| 31 { | 31 { |
| 32 let url = new URL(details.url); | 32 let url = new URL(details.url); |
| 33 let urlString = stringifyURL(url); | 33 let urlString = stringifyURL(url); |
| 34 | 34 let parentFrame = ext.getFrame(details.tabId, details.parentFrameId); |
| 35 let parentFrame = details.parentFrameId != -1 && | 35 let hostname = extractHostFromFrame(parentFrame) || getDecodedHostname(url); |
| 36 ext.getFrame(details.tabId, details.parentFrameId); | 36 let thirdParty = isThirdParty(url, hostname); |
| 37 let hostname = extractHostFromFrame(parentFrame); | |
| 38 let thirdParty = false; | |
| 39 if (hostname) | |
| 40 thirdParty = isThirdParty(url, hostname); | |
| 41 else | |
| 42 hostname = getDecodedHostname(url); | |
|
Sebastian Noack
2018/03/16 23:52:38
Is this micro-optimization worth it? Otherwise, th
kzar
2018/03/19 14:41:30
Done.
| |
| 43 | 37 |
| 44 let cspMatch = defaultMatcher.matchesAny(urlString, typeMap.CSP, hostname, | 38 let cspMatch = defaultMatcher.matchesAny(urlString, typeMap.CSP, hostname, |
| 45 thirdParty, null, false); | 39 thirdParty, null, false); |
| 46 if (cspMatch) | 40 if (cspMatch) |
| 47 { | 41 { |
| 48 let page = new ext.Page({id: details.tabId, url: details.url}); | 42 let page = new ext.Page({id: details.tabId, url: details.url}); |
| 49 let frame = ext.getFrame(details.tabId, details.frameId); | 43 let frame = ext.getFrame(details.tabId, details.frameId); |
| 50 | 44 |
| 45 if (checkWhitelisted(page, frame)) | |
| 46 return; | |
| 47 | |
| 51 // To avoid an extra matchesAny for the common case we assumed no | 48 // To avoid an extra matchesAny for the common case we assumed no |
| 52 // $genericblock filters applied when searching for a matching $csp filter. | 49 // $genericblock filters applied when searching for a matching $csp filter. |
| 53 // We must now pay the price by first checking for a $genericblock filter | 50 // We must now pay the price by first checking for a $genericblock filter |
| 54 // and if necessary that our $csp filter is specific. | 51 // and if necessary that our $csp filter is specific. |
| 55 let specificOnly = checkWhitelisted(page, frame, typeMap.GENERICBLOCK); | 52 let specificOnly = !!checkWhitelisted(page, frame, typeMap.GENERICBLOCK); |
| 56 if (specificOnly) | 53 if (specificOnly) |
| 57 { | 54 { |
| 58 cspMatch = defaultMatcher.matchesAny(urlString, typeMap.CSP, hostname, | 55 cspMatch = defaultMatcher.matchesAny(urlString, typeMap.CSP, hostname, |
| 59 thirdParty, null, specificOnly); | 56 thirdParty, null, specificOnly); |
| 60 if (!cspMatch) | 57 if (!cspMatch) |
| 61 return; | 58 return; |
| 62 } | 59 } |
| 63 | 60 |
| 64 devtools.logRequest(page, urlString, "CSP", hostname, thirdParty, null, | 61 devtools.logRequest(page, urlString, "CSP", hostname, thirdParty, null, |
| 65 specificOnly, cspMatch); | 62 specificOnly, cspMatch); |
| 63 FilterNotifier.emit("filter.hitCount", cspMatch, 0, 0, page); | |
| 66 | 64 |
| 67 if (checkWhitelisted(page, frame)) | 65 if (cspMatch instanceof WhitelistFilter) |
|
Sebastian Noack
2018/03/16 23:52:39
Why not doing this check earlier?
kzar
2018/03/19 14:41:30
Done.
| |
| 68 return; | 66 return; |
| 69 | |
| 70 FilterNotifier.emit("filter.hitCount", cspMatch, 0, 0, page); | |
| 71 | 67 |
| 72 details.responseHeaders.push({ | 68 details.responseHeaders.push({ |
|
Sebastian Noack
2018/03/16 23:52:38
It seems this code path is reached if cspMatch is
kzar
2018/03/19 14:41:30
Done.
| |
| 73 name: "Content-Security-Policy", | 69 name: "Content-Security-Policy", |
| 74 value: cspMatch.csp | 70 value: cspMatch.csp |
| 75 }); | 71 }); |
| 76 | 72 |
| 77 return {responseHeaders: details.responseHeaders}; | 73 return {responseHeaders: details.responseHeaders}; |
| 78 } | 74 } |
| 79 }, { | 75 }, { |
| 80 urls: ["http://*/*", "https://*/*"], | 76 urls: ["http://*/*", "https://*/*"], |
| 81 types: ["main_frame", "sub_frame"] | 77 types: ["main_frame", "sub_frame"] |
| 82 }, ["blocking", "responseHeaders"]); | 78 }, ["blocking", "responseHeaders"]); |
| LEFT | RIGHT |
« dependencies ('k')
|
lib/devtools.js » ('j')
|
Toggle Intra-line Diffs ('i')
|
Expand Comments ('e')
|
Collapse Comments ('c')
|
Toggle Comments ('s')
