2014-06-24 00:42:43 +02:00
|
|
|
/*******************************************************************************
|
|
|
|
|
|
2016-03-22 15:19:41 +01:00
|
|
|
uBlock Origin - a browser extension to block requests.
|
2018-09-01 00:47:02 +02:00
|
|
|
Copyright (C) 2014-present Raymond Hill
|
2014-06-24 00:42:43 +02:00
|
|
|
|
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
|
along with this program. If not, see {http://www.gnu.org/licenses/}.
|
|
|
|
|
|
|
|
|
|
Home: https://github.com/gorhill/uBlock
|
|
|
|
|
*/
|
|
|
|
|
|
2016-07-01 04:03:29 +02:00
|
|
|
'use strict';
|
2014-06-24 00:42:43 +02:00
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
|
|
|
|
// Start isolation from global scope
|
|
|
|
|
|
|
|
|
|
µBlock.webRequest = (function() {
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2018-05-16 17:50:50 +02:00
|
|
|
// Platform-specific behavior.
|
|
|
|
|
|
|
|
|
|
// https://github.com/uBlockOrigin/uBlock-issues/issues/42
|
|
|
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1376932
|
|
|
|
|
// Add proper version number detection once issue is fixed in Firefox.
|
|
|
|
|
let dontCacheResponseHeaders =
|
|
|
|
|
vAPI.webextFlavor.soup.has('firefox');
|
|
|
|
|
|
|
|
|
|
// https://github.com/gorhill/uMatrix/issues/967#issuecomment-373002011
|
|
|
|
|
// This can be removed once Firefox 60 ESR is released.
|
|
|
|
|
let cantMergeCSPHeaders =
|
|
|
|
|
vAPI.webextFlavor.soup.has('firefox') && vAPI.webextFlavor.major < 59;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// The real actual webextFlavor value may not be set in stone, so listen
|
|
|
|
|
// for possible future changes.
|
|
|
|
|
window.addEventListener('webextFlavor', function() {
|
|
|
|
|
dontCacheResponseHeaders =
|
|
|
|
|
vAPI.webextFlavor.soup.has('firefox');
|
|
|
|
|
cantMergeCSPHeaders =
|
2018-12-13 18:30:54 +01:00
|
|
|
vAPI.webextFlavor.soup.has('firefox') &&
|
|
|
|
|
vAPI.webextFlavor.major < 59;
|
2018-05-16 17:50:50 +02:00
|
|
|
}, { once: true });
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2014-07-26 15:55:12 +02:00
|
|
|
// Intercept and filter web requests.
|
2014-07-14 17:24:59 +02:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const onBeforeRequest = function(details) {
|
|
|
|
|
const fctxt = µBlock.filteringContext.fromWebrequestDetails(details);
|
|
|
|
|
|
2014-07-26 01:29:51 +02:00
|
|
|
// Special handling for root document.
|
2015-04-07 03:26:05 +02:00
|
|
|
// https://github.com/chrisaljoudi/uBlock/issues/1001
|
2015-03-13 14:48:10 +01:00
|
|
|
// This must be executed regardless of whether the request is
|
|
|
|
|
// behind-the-scene
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( details.type === 'main_frame' ) {
|
|
|
|
|
return onBeforeRootFrameRequest(fctxt);
|
2014-07-14 17:24:59 +02:00
|
|
|
}
|
|
|
|
|
|
2015-03-13 14:48:10 +01:00
|
|
|
// Special treatment: behind-the-scene requests
|
2018-12-13 18:30:54 +01:00
|
|
|
const tabId = details.tabId;
|
|
|
|
|
if ( tabId < 0 ) {
|
|
|
|
|
return onBeforeBehindTheSceneRequest(fctxt);
|
2015-03-13 14:48:10 +01:00
|
|
|
}
|
|
|
|
|
|
2014-07-26 01:29:51 +02:00
|
|
|
// Lookup the page store associated with this tab id.
|
2018-12-13 18:30:54 +01:00
|
|
|
const µb = µBlock;
|
|
|
|
|
let pageStore = µb.pageStoreFromTabId(tabId);
|
|
|
|
|
if ( pageStore === null ) {
|
|
|
|
|
const tabContext = µb.tabContextManager.mustLookup(tabId);
|
|
|
|
|
if ( tabContext.tabId < 0 ) {
|
|
|
|
|
return onBeforeBehindTheSceneRequest(fctxt);
|
2015-03-13 14:48:10 +01:00
|
|
|
}
|
2018-12-13 18:30:54 +01:00
|
|
|
vAPI.tabs.onNavigation({ tabId, frameId: 0, url: tabContext.rawURL });
|
2015-04-09 00:46:08 +02:00
|
|
|
pageStore = µb.pageStoreFromTabId(tabId);
|
2014-07-14 20:40:40 +02:00
|
|
|
}
|
2014-07-15 13:38:34 +02:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const result = pageStore.filterRequest(fctxt);
|
2014-07-30 07:05:35 +02:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
pageStore.journalAddRequest(fctxt.getHostname(), result);
|
|
|
|
|
|
|
|
|
|
if ( µb.logger.enabled ) {
|
|
|
|
|
fctxt.setRealm('net').toLogger();
|
2015-06-05 01:27:03 +02:00
|
|
|
}
|
2015-04-09 00:46:08 +02:00
|
|
|
|
2014-09-14 22:20:40 +02:00
|
|
|
// Not blocked
|
2017-05-12 16:35:11 +02:00
|
|
|
if ( result !== 1 ) {
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( details.parentFrameId !== -1 && details.type === 'sub_frame' ) {
|
|
|
|
|
pageStore.setFrame(details.frameId, details.url);
|
2014-08-06 01:35:32 +02:00
|
|
|
}
|
2014-07-14 17:24:59 +02:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-26 01:29:51 +02:00
|
|
|
// Blocked
|
2014-12-23 00:38:18 +01:00
|
|
|
|
2015-11-23 13:52:50 +01:00
|
|
|
// https://github.com/gorhill/uBlock/issues/949
|
2018-12-13 18:30:54 +01:00
|
|
|
// Redirect blocked request?
|
2016-11-03 16:20:47 +01:00
|
|
|
if ( µb.hiddenSettings.ignoreRedirectFilters !== true ) {
|
2018-12-13 18:30:54 +01:00
|
|
|
const url = µb.redirectEngine.toURL(fctxt);
|
2016-11-03 16:20:47 +01:00
|
|
|
if ( url !== undefined ) {
|
|
|
|
|
pageStore.internalRedirectionCount += 1;
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( µb.logger.enabled ) {
|
|
|
|
|
fctxt.setRealm('redirect')
|
|
|
|
|
.setFilter({ source: 'redirect', raw: µb.redirectEngine.resourceNameRegister })
|
|
|
|
|
.toLogger();
|
2016-11-03 16:20:47 +01:00
|
|
|
}
|
|
|
|
|
return { redirectUrl: url };
|
2016-01-07 23:30:56 +01:00
|
|
|
}
|
2015-11-23 13:52:50 +01:00
|
|
|
}
|
2014-07-14 17:24:59 +02:00
|
|
|
|
2015-03-26 00:28:22 +01:00
|
|
|
return { cancel: true };
|
2014-07-14 17:24:59 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const onBeforeRootFrameRequest = function(fctxt) {
|
|
|
|
|
const µb = µBlock;
|
|
|
|
|
const requestURL = fctxt.url;
|
2015-03-26 00:28:22 +01:00
|
|
|
|
2015-03-21 21:52:35 +01:00
|
|
|
// Special handling for root document.
|
2015-04-07 03:26:05 +02:00
|
|
|
// https://github.com/chrisaljoudi/uBlock/issues/1001
|
2018-12-13 18:30:54 +01:00
|
|
|
// This must be executed regardless of whether the request is
|
|
|
|
|
// behind-the-scene
|
|
|
|
|
const requestHostname = fctxt.getHostname();
|
|
|
|
|
const logEnabled = µb.logger.enabled;
|
|
|
|
|
let result = 0,
|
|
|
|
|
logData;
|
2015-03-26 00:28:22 +01:00
|
|
|
|
2015-04-09 18:20:24 +02:00
|
|
|
// If the site is whitelisted, disregard strict blocking
|
|
|
|
|
if ( µb.getNetFilteringSwitch(requestURL) === false ) {
|
2017-05-12 16:35:11 +02:00
|
|
|
result = 2;
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( logEnabled ) {
|
2017-05-12 16:35:11 +02:00
|
|
|
logData = { engine: 'u', result: 2, raw: 'whitelisted' };
|
|
|
|
|
}
|
2015-04-09 18:20:24 +02:00
|
|
|
}
|
|
|
|
|
|
2015-03-27 18:00:55 +01:00
|
|
|
// Permanently unrestricted?
|
2018-10-29 13:56:51 +01:00
|
|
|
if (
|
|
|
|
|
result === 0 &&
|
|
|
|
|
µb.sessionSwitches.evaluateZ('no-strict-blocking', requestHostname)
|
|
|
|
|
) {
|
2017-05-12 16:35:11 +02:00
|
|
|
result = 2;
|
2018-09-03 20:06:49 +02:00
|
|
|
if ( logEnabled ) {
|
|
|
|
|
logData = { engine: 'u', result: 2, raw: 'no-strict-blocking: ' + µb.sessionSwitches.z + ' true' };
|
2017-05-12 16:35:11 +02:00
|
|
|
}
|
2015-03-27 18:00:55 +01:00
|
|
|
}
|
|
|
|
|
|
2015-03-26 00:28:22 +01:00
|
|
|
// Temporarily whitelisted?
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( result === 0 && strictBlockBypasser.isBypassed(requestHostname) ) {
|
2018-10-29 13:56:51 +01:00
|
|
|
result = 2;
|
|
|
|
|
if ( logEnabled ) {
|
|
|
|
|
logData = { engine: 'u', result: 2, raw: 'no-strict-blocking: true (temporary)' };
|
2015-04-09 18:20:24 +02:00
|
|
|
}
|
2015-03-21 21:52:35 +01:00
|
|
|
}
|
2015-03-26 00:28:22 +01:00
|
|
|
|
2015-07-13 14:49:58 +02:00
|
|
|
// Static filtering: We always need the long-form result here.
|
2018-12-13 18:30:54 +01:00
|
|
|
const snfe = µb.staticNetFilteringEngine;
|
2015-07-13 14:49:58 +02:00
|
|
|
|
|
|
|
|
// Check for specific block
|
2017-05-12 16:35:11 +02:00
|
|
|
if ( result === 0 ) {
|
2018-12-13 18:30:54 +01:00
|
|
|
result = snfe.matchStringExactType(fctxt, 'main_frame');
|
|
|
|
|
if ( result !== 0 || logEnabled ) {
|
2017-05-12 16:35:11 +02:00
|
|
|
logData = snfe.toLogData();
|
|
|
|
|
}
|
2015-07-13 14:49:58 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check for generic block
|
2017-05-12 16:35:11 +02:00
|
|
|
if ( result === 0 ) {
|
2018-12-13 18:30:54 +01:00
|
|
|
result = snfe.matchStringExactType(fctxt, 'no_type');
|
|
|
|
|
if ( result !== 0 || logEnabled ) {
|
2017-05-28 22:57:02 +02:00
|
|
|
logData = snfe.toLogData();
|
|
|
|
|
}
|
|
|
|
|
// https://github.com/chrisaljoudi/uBlock/issues/1128
|
|
|
|
|
// Do not block if the match begins after the hostname, except when
|
|
|
|
|
// the filter is specifically of type `other`.
|
|
|
|
|
// https://github.com/gorhill/uBlock/issues/490
|
|
|
|
|
// Removing this for the time being, will need a new, dedicated type.
|
|
|
|
|
if (
|
|
|
|
|
result === 1 &&
|
|
|
|
|
toBlockDocResult(requestURL, requestHostname, logData) === false
|
|
|
|
|
) {
|
|
|
|
|
result = 0;
|
|
|
|
|
logData = undefined;
|
2015-03-30 23:42:12 +02:00
|
|
|
}
|
2015-03-26 00:28:22 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Log
|
2018-12-13 18:30:54 +01:00
|
|
|
const pageStore = µb.bindTabToPageStats(fctxt.tabId, 'beforeRequest');
|
2015-03-26 00:28:22 +01:00
|
|
|
if ( pageStore ) {
|
2016-10-08 16:15:31 +02:00
|
|
|
pageStore.journalAddRootFrame('uncommitted', requestURL);
|
|
|
|
|
pageStore.journalAddRequest(requestHostname, result);
|
2015-03-26 00:28:22 +01:00
|
|
|
}
|
2015-06-05 01:27:03 +02:00
|
|
|
|
2017-05-12 16:35:11 +02:00
|
|
|
if ( logEnabled ) {
|
2018-12-13 18:30:54 +01:00
|
|
|
fctxt.setRealm('net').setFilter(logData).toLogger();
|
2015-06-05 01:27:03 +02:00
|
|
|
}
|
2015-03-26 00:28:22 +01:00
|
|
|
|
|
|
|
|
// Not blocked
|
2017-05-12 16:35:11 +02:00
|
|
|
if ( result !== 1 ) { return; }
|
2015-03-26 00:28:22 +01:00
|
|
|
|
2017-05-12 16:35:11 +02:00
|
|
|
// No log data means no strict blocking (because we need to report why
|
|
|
|
|
// the blocking occurs.
|
|
|
|
|
if ( logData === undefined ) { return; }
|
2015-06-12 01:33:30 +02:00
|
|
|
|
2015-03-26 00:28:22 +01:00
|
|
|
// Blocked
|
2018-12-13 18:30:54 +01:00
|
|
|
const query = btoa(JSON.stringify({
|
2015-03-26 00:28:22 +01:00
|
|
|
url: requestURL,
|
2015-03-30 19:10:29 +02:00
|
|
|
hn: requestHostname,
|
2018-12-13 18:30:54 +01:00
|
|
|
dn: fctxt.getDomain() || requestHostname,
|
2017-05-12 16:35:11 +02:00
|
|
|
fc: logData.compiled,
|
|
|
|
|
fs: logData.raw
|
2015-03-26 00:28:22 +01:00
|
|
|
}));
|
2015-03-27 18:00:55 +01:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
vAPI.tabs.replace(
|
|
|
|
|
fctxt.tabId,
|
|
|
|
|
vAPI.getURL('document-blocked.html?details=') + query
|
|
|
|
|
);
|
2015-03-27 18:00:55 +01:00
|
|
|
|
|
|
|
|
return { cancel: true };
|
2015-03-21 21:52:35 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2017-11-08 19:29:04 +01:00
|
|
|
// https://github.com/gorhill/uBlock/issues/3208
|
|
|
|
|
// Mind case insensitivity.
|
2017-11-09 21:46:25 +01:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const toBlockDocResult = function(url, hostname, logData) {
|
2017-11-09 21:46:25 +01:00
|
|
|
if ( typeof logData.regex !== 'string' ) { return false; }
|
2018-12-13 18:30:54 +01:00
|
|
|
const re = new RegExp(logData.regex, 'i');
|
|
|
|
|
const match = re.exec(url.toLowerCase());
|
2017-11-08 19:29:04 +01:00
|
|
|
if ( match === null ) { return false; }
|
2015-03-30 23:42:12 +02:00
|
|
|
|
2015-04-08 13:04:29 +02:00
|
|
|
// https://github.com/chrisaljoudi/uBlock/issues/1128
|
|
|
|
|
// https://github.com/chrisaljoudi/uBlock/issues/1212
|
|
|
|
|
// Relax the rule: verify that the match is completely before the path part
|
2017-11-09 21:46:25 +01:00
|
|
|
return (match.index + match[0].length) <=
|
|
|
|
|
(url.indexOf(hostname) + hostname.length + 1);
|
2015-03-30 23:42:12 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2016-10-14 16:06:34 +02:00
|
|
|
// Intercept and filter behind-the-scene requests.
|
|
|
|
|
|
2016-03-22 15:19:41 +01:00
|
|
|
// https://github.com/gorhill/uBlock/issues/870
|
|
|
|
|
// Finally, Chromium 49+ gained the ability to report network request of type
|
|
|
|
|
// `beacon`, so now we can block them according to the state of the
|
|
|
|
|
// "Disable hyperlink auditing/beacon" setting.
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const onBeforeBehindTheSceneRequest = function(fctxt) {
|
|
|
|
|
const µb = µBlock;
|
|
|
|
|
const pageStore = µb.pageStoreFromTabId(fctxt.tabId);
|
2018-02-26 19:59:16 +01:00
|
|
|
if ( pageStore === null ) { return; }
|
2016-10-14 16:06:34 +02:00
|
|
|
|
2016-10-17 15:37:59 +02:00
|
|
|
// https://bugs.chromium.org/p/chromium/issues/detail?id=637577#c15
|
|
|
|
|
// Do not filter behind-the-scene network request of type `beacon`: there
|
|
|
|
|
// is no point. In any case, this will become a non-issue once
|
|
|
|
|
// <https://bugs.chromium.org/p/chromium/issues/detail?id=522129> is
|
|
|
|
|
// fixed.
|
2015-01-24 18:06:22 +01:00
|
|
|
|
|
|
|
|
// Blocking behind-the-scene requests can break a lot of stuff: prevent
|
|
|
|
|
// browser updates, prevent extension updates, prevent extensions from
|
|
|
|
|
// working properly, etc.
|
2017-10-19 15:35:28 +02:00
|
|
|
// So we filter if and only if the "advanced user" mode is selected.
|
|
|
|
|
// https://github.com/gorhill/uBlock/issues/3150
|
|
|
|
|
// Ability to globally block CSP reports MUST also apply to
|
|
|
|
|
// behind-the-scene network requests.
|
2018-03-30 14:55:51 +02:00
|
|
|
|
|
|
|
|
// 2018-03-30:
|
|
|
|
|
// Filter all behind-the-scene network requests like any other network
|
|
|
|
|
// requests. Hopefully this will not break stuff as it used to be the
|
|
|
|
|
// case.
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
let result = 0;
|
2018-04-02 15:10:38 +02:00
|
|
|
|
2018-12-14 14:47:29 +01:00
|
|
|
// https://github.com/uBlockOrigin/uBlock-issues/issues/339
|
|
|
|
|
// Need to also test against `-scheme` since tabOrigin is normalized.
|
|
|
|
|
// Not especially elegant but for now this accomplishes the purpose of
|
|
|
|
|
// not dealing with network requests fired from a synthetic scope,
|
|
|
|
|
// that is unless advanced user mode is enabled.
|
|
|
|
|
|
2018-04-02 15:10:38 +02:00
|
|
|
if (
|
2018-12-14 14:47:29 +01:00
|
|
|
fctxt.tabOrigin.endsWith('-scheme') === false &&
|
2018-12-14 13:03:19 +01:00
|
|
|
µb.URI.isNetworkURI(fctxt.tabOrigin) ||
|
2018-04-02 15:10:38 +02:00
|
|
|
µb.userSettings.advancedUserEnabled ||
|
2018-12-13 18:30:54 +01:00
|
|
|
fctxt.type === 'csp_report'
|
2018-04-02 15:10:38 +02:00
|
|
|
) {
|
2018-12-13 18:30:54 +01:00
|
|
|
result = pageStore.filterRequest(fctxt);
|
2018-04-02 15:10:38 +02:00
|
|
|
|
|
|
|
|
// The "any-tab" scope is not whitelist-able, and in such case we must
|
|
|
|
|
// use the origin URL as the scope. Most such requests aren't going to
|
|
|
|
|
// be blocked, so we further test for whitelisting and modify the
|
|
|
|
|
// result only when the request is being blocked.
|
|
|
|
|
if (
|
|
|
|
|
result === 1 &&
|
2018-12-13 18:30:54 +01:00
|
|
|
µb.getNetFilteringSwitch(fctxt.tabOrigin) === false
|
2018-04-02 15:10:38 +02:00
|
|
|
) {
|
|
|
|
|
result = 2;
|
2018-12-13 18:30:54 +01:00
|
|
|
fctxt.filter = { engine: 'u', result: 2, raw: 'whitelisted' };
|
2018-04-02 15:10:38 +02:00
|
|
|
}
|
|
|
|
|
}
|
2015-01-24 18:06:22 +01:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( µb.logger.enabled ) {
|
|
|
|
|
fctxt.setRealm('net').toLogger();
|
|
|
|
|
}
|
2016-07-01 04:03:29 +02:00
|
|
|
|
2017-05-28 19:32:08 +02:00
|
|
|
// Blocked?
|
|
|
|
|
if ( result === 1 ) {
|
2018-10-28 14:58:25 +01:00
|
|
|
return { cancel: true };
|
2017-05-28 19:32:08 +02:00
|
|
|
}
|
2015-01-24 18:06:22 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2017-10-18 21:00:22 +02:00
|
|
|
// https://github.com/gorhill/uBlock/issues/3140
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const onBeforeMaybeSpuriousCSPReport = (function() {
|
2018-10-28 14:58:25 +01:00
|
|
|
let textDecoder;
|
2017-10-18 21:00:22 +02:00
|
|
|
|
2018-10-28 14:58:25 +01:00
|
|
|
return function(details) {
|
2018-12-13 18:30:54 +01:00
|
|
|
const fctxt = µBlock.filteringContext.fromWebrequestDetails(details);
|
2017-10-18 21:00:22 +02:00
|
|
|
|
2018-10-28 14:58:25 +01:00
|
|
|
// Ignore behind-the-scene requests.
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( fctxt.tabId < 0 ) { return; }
|
2017-10-18 21:00:22 +02:00
|
|
|
|
2018-10-28 14:58:25 +01:00
|
|
|
// Lookup the page store associated with this tab id.
|
2018-12-13 18:30:54 +01:00
|
|
|
const pageStore = µBlock.pageStoreFromTabId(fctxt.tabId);
|
2018-10-28 14:58:25 +01:00
|
|
|
if ( pageStore === null ) { return; }
|
2017-10-18 21:00:22 +02:00
|
|
|
|
2018-10-28 14:58:25 +01:00
|
|
|
// If uBO is disabled for the page, it can't possibly causes CSP
|
|
|
|
|
// reports to be triggered.
|
|
|
|
|
if ( pageStore.getNetFilteringSwitch() === false ) { return; }
|
2017-10-18 21:00:22 +02:00
|
|
|
|
2018-10-28 14:58:25 +01:00
|
|
|
// A resource was redirected to a neutered one?
|
|
|
|
|
// TODO: mind injected scripts/styles as well.
|
|
|
|
|
if ( pageStore.internalRedirectionCount === 0 ) { return; }
|
2017-10-18 21:00:22 +02:00
|
|
|
|
|
|
|
|
if (
|
2018-10-28 14:58:25 +01:00
|
|
|
textDecoder === undefined &&
|
|
|
|
|
typeof self.TextDecoder === 'function'
|
2017-10-18 21:00:22 +02:00
|
|
|
) {
|
2018-10-28 14:58:25 +01:00
|
|
|
textDecoder = new TextDecoder();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Find out whether the CSP report is a potentially spurious CSP report.
|
|
|
|
|
// If from this point on we are unable to parse the CSP report data,
|
|
|
|
|
// the safest assumption to protect users is to assume the CSP report
|
|
|
|
|
// is spurious.
|
|
|
|
|
if (
|
|
|
|
|
textDecoder !== undefined &&
|
|
|
|
|
details.method === 'POST'
|
|
|
|
|
) {
|
2018-12-13 18:30:54 +01:00
|
|
|
const raw = details.requestBody && details.requestBody.raw;
|
2018-10-28 14:58:25 +01:00
|
|
|
if (
|
|
|
|
|
Array.isArray(raw) &&
|
|
|
|
|
raw.length !== 0 &&
|
|
|
|
|
raw[0] instanceof Object &&
|
|
|
|
|
raw[0].bytes instanceof ArrayBuffer
|
|
|
|
|
) {
|
|
|
|
|
let data;
|
|
|
|
|
try {
|
|
|
|
|
data = JSON.parse(textDecoder.decode(raw[0].bytes));
|
|
|
|
|
} catch (ex) {
|
|
|
|
|
}
|
|
|
|
|
if ( data instanceof Object ) {
|
2018-12-13 18:30:54 +01:00
|
|
|
const report = data['csp-report'];
|
2018-10-28 14:58:25 +01:00
|
|
|
if ( report instanceof Object ) {
|
2018-12-13 18:30:54 +01:00
|
|
|
const blocked =
|
|
|
|
|
report['blocked-uri'] || report['blockedURI'];
|
|
|
|
|
const validBlocked = typeof blocked === 'string';
|
|
|
|
|
const source =
|
|
|
|
|
report['source-file'] || report['sourceFile'];
|
|
|
|
|
const validSource = typeof source === 'string';
|
2018-10-28 14:58:25 +01:00
|
|
|
if (
|
|
|
|
|
(validBlocked || validSource) &&
|
|
|
|
|
(!validBlocked || !blocked.startsWith('data')) &&
|
|
|
|
|
(!validSource || !source.startsWith('data'))
|
|
|
|
|
) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2017-10-18 21:00:22 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
// At this point, we have a potentially spurious CSP report.
|
|
|
|
|
|
|
|
|
|
if ( µBlock.logger.enabled ) {
|
|
|
|
|
fctxt.setRealm('net')
|
|
|
|
|
.setType('csp_report')
|
|
|
|
|
.setFilter({ result: 1, source: 'global', raw: 'no-spurious-csp-report' })
|
|
|
|
|
.toLogger();
|
2018-10-28 14:58:25 +01:00
|
|
|
}
|
2017-10-18 21:00:22 +02:00
|
|
|
|
2018-10-28 14:58:25 +01:00
|
|
|
return { cancel: true };
|
|
|
|
|
};
|
|
|
|
|
})();
|
2017-10-18 21:00:22 +02:00
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2016-01-17 19:30:43 +01:00
|
|
|
// To handle:
|
2017-12-28 19:49:02 +01:00
|
|
|
// - Media elements larger than n kB
|
|
|
|
|
// - Scriptlet injection (requires ability to modify response body)
|
|
|
|
|
// - HTML filtering (requires ability to modify response body)
|
|
|
|
|
// - CSP injection
|
2014-09-24 23:38:22 +02:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const onHeadersReceived = function(details) {
|
|
|
|
|
const fctxt = µBlock.filteringContext.fromWebrequestDetails(details);
|
|
|
|
|
|
2014-09-24 23:38:22 +02:00
|
|
|
// Do not interfere with behind-the-scene requests.
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( fctxt.tabId < 0 ) { return; }
|
2014-09-24 23:38:22 +02:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const µb = µBlock;
|
|
|
|
|
const requestType = details.type;
|
|
|
|
|
const isRootDoc = requestType === 'main_frame';
|
|
|
|
|
const isDoc = isRootDoc || requestType === 'sub_frame';
|
2015-11-09 23:59:19 +01:00
|
|
|
|
2017-12-28 19:49:02 +01:00
|
|
|
if ( isRootDoc ) {
|
2018-12-13 18:30:54 +01:00
|
|
|
µb.tabContextManager.push(details.tabId, details.url);
|
2015-06-11 21:11:01 +02:00
|
|
|
}
|
2016-01-17 19:30:43 +01:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
let pageStore = µb.pageStoreFromTabId(fctxt.tabId);
|
2017-01-18 00:18:28 +01:00
|
|
|
if ( pageStore === null ) {
|
2017-12-28 19:49:02 +01:00
|
|
|
if ( isRootDoc === false ) { return; }
|
2018-12-13 18:30:54 +01:00
|
|
|
pageStore = µb.bindTabToPageStats(fctxt.tabId, 'beforeRequest');
|
2014-09-24 23:38:22 +02:00
|
|
|
}
|
2017-01-18 00:18:28 +01:00
|
|
|
if ( pageStore.getNetFilteringSwitch() === false ) { return; }
|
2015-04-09 00:46:08 +02:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
// Keep in mind response headers will be modified in-place if needed, so
|
|
|
|
|
// `details.responseHeaders` will always point to the modified response
|
|
|
|
|
// headers.
|
|
|
|
|
const responseHeaders = details.responseHeaders;
|
|
|
|
|
|
2017-01-18 00:18:28 +01:00
|
|
|
if ( requestType === 'image' || requestType === 'media' ) {
|
2018-12-13 18:30:54 +01:00
|
|
|
return foilLargeMediaElement(
|
|
|
|
|
fctxt,
|
|
|
|
|
pageStore,
|
|
|
|
|
responseHeaders
|
|
|
|
|
);
|
2015-04-09 00:46:08 +02:00
|
|
|
}
|
|
|
|
|
|
2018-05-16 17:50:50 +02:00
|
|
|
if ( isDoc === false ) { return; }
|
|
|
|
|
|
2017-07-22 22:58:08 +02:00
|
|
|
// https://github.com/gorhill/uBlock/issues/2813
|
|
|
|
|
// Disable the blocking of large media elements if the document is itself
|
|
|
|
|
// a media element: the resource was not prevented from loading so no
|
|
|
|
|
// point to further block large media elements for the current document.
|
2017-12-28 19:49:02 +01:00
|
|
|
if ( isRootDoc ) {
|
2018-12-13 18:30:54 +01:00
|
|
|
const contentType = headerValueFromName('content-type', responseHeaders);
|
2018-05-16 17:50:50 +02:00
|
|
|
if ( reMediaContentTypes.test(contentType) ) {
|
2017-07-22 22:58:08 +02:00
|
|
|
pageStore.allowLargeMediaElementsUntil = Date.now() + 86400000;
|
2018-05-16 17:50:50 +02:00
|
|
|
return;
|
2017-07-22 22:58:08 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-05-16 17:50:50 +02:00
|
|
|
// At this point we have a HTML document.
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const filteredHTML = µb.canFilterResponseData &&
|
|
|
|
|
filterDocument(pageStore, fctxt, details) === true;
|
2018-05-16 17:50:50 +02:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
let modifiedHeaders = injectCSP(fctxt, pageStore, responseHeaders) === true;
|
2018-05-16 17:50:50 +02:00
|
|
|
|
|
|
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1376932
|
|
|
|
|
// Prevent document from being cached by the browser if we modified it,
|
|
|
|
|
// either through HTML filtering and/or modified response headers.
|
2018-09-18 23:05:53 +02:00
|
|
|
// https://github.com/uBlockOrigin/uBlock-issues/issues/229
|
|
|
|
|
// Use `no-cache` instead of `no-cache, no-store, must-revalidate`, this
|
|
|
|
|
// allows Firefox's offline mode to work as expected.
|
2018-05-16 17:50:50 +02:00
|
|
|
if ( (filteredHTML || modifiedHeaders) && dontCacheResponseHeaders ) {
|
|
|
|
|
let i = headerIndexFromName('cache-control', responseHeaders);
|
2018-09-21 15:16:46 +02:00
|
|
|
let cacheControl = µb.hiddenSettings.cacheControlForFirefox1376932;
|
2018-05-16 17:50:50 +02:00
|
|
|
if ( i !== -1 ) {
|
2018-09-21 15:16:46 +02:00
|
|
|
responseHeaders[i].value = cacheControl;
|
2018-05-16 17:50:50 +02:00
|
|
|
} else {
|
2018-09-21 15:27:41 +02:00
|
|
|
responseHeaders.push({ name: 'Cache-Control', value: cacheControl });
|
2018-05-16 17:50:50 +02:00
|
|
|
}
|
|
|
|
|
modifiedHeaders = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( modifiedHeaders ) {
|
|
|
|
|
return { responseHeaders: responseHeaders };
|
2017-01-18 00:18:28 +01:00
|
|
|
}
|
2016-08-27 17:08:56 +02:00
|
|
|
};
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const reMediaContentTypes = /^(?:audio|image|video)\//;
|
2017-07-22 22:58:08 +02:00
|
|
|
|
2017-12-28 19:49:02 +01:00
|
|
|
/*******************************************************************************
|
|
|
|
|
|
|
|
|
|
The response body filterer is responsible for:
|
|
|
|
|
|
|
|
|
|
- HTML filtering
|
|
|
|
|
|
|
|
|
|
In the spirit of efficiency, the response body filterer works this way:
|
|
|
|
|
|
|
|
|
|
If:
|
|
|
|
|
- HTML filtering: no.
|
|
|
|
|
Then:
|
|
|
|
|
No response body filtering is initiated.
|
|
|
|
|
|
|
|
|
|
If:
|
|
|
|
|
- HTML filtering: yes.
|
|
|
|
|
Then:
|
|
|
|
|
Assemble all response body data into a single buffer. Once all the
|
|
|
|
|
response data has been received, create a document from it. Then:
|
|
|
|
|
- Remove all DOM elements matching HTML filters.
|
|
|
|
|
Then serialize the resulting modified document as the new response
|
|
|
|
|
body.
|
|
|
|
|
|
|
|
|
|
**/
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const filterDocument = (function() {
|
|
|
|
|
const µb = µBlock;
|
|
|
|
|
const filterers = new Map();
|
|
|
|
|
let domParser, xmlSerializer,
|
2018-01-05 19:15:56 +01:00
|
|
|
utf8TextDecoder, textDecoder, textEncoder;
|
2017-12-28 19:49:02 +01:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const textDecode = function(encoding, buffer) {
|
2018-02-18 13:16:10 +01:00
|
|
|
if (
|
|
|
|
|
textDecoder !== undefined &&
|
|
|
|
|
textDecoder.encoding !== encoding
|
|
|
|
|
) {
|
|
|
|
|
textDecoder = undefined;
|
|
|
|
|
}
|
|
|
|
|
if ( textDecoder === undefined ) {
|
|
|
|
|
textDecoder = new TextDecoder(encoding);
|
|
|
|
|
}
|
|
|
|
|
return textDecoder.decode(buffer);
|
|
|
|
|
};
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const reContentTypeDocument = /^(?:text\/html|application\/xhtml\+xml)/i;
|
|
|
|
|
const reContentTypeCharset = /charset=['"]?([^'" ]+)/i;
|
2018-01-03 19:59:38 +01:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const mimeFromContentType = function(contentType) {
|
|
|
|
|
const match = reContentTypeDocument.exec(contentType);
|
2018-03-01 20:12:16 +01:00
|
|
|
if ( match !== null ) {
|
|
|
|
|
return match[0].toLowerCase();
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const charsetFromContentType = function(contentType) {
|
|
|
|
|
const match = reContentTypeCharset.exec(contentType);
|
2018-01-05 00:26:52 +01:00
|
|
|
if ( match !== null ) {
|
|
|
|
|
return match[1].toLowerCase();
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const charsetFromDoc = function(doc) {
|
|
|
|
|
let meta = doc.querySelector('meta[charset]');
|
2018-01-05 00:26:52 +01:00
|
|
|
if ( meta !== null ) {
|
|
|
|
|
return meta.getAttribute('charset').toLowerCase();
|
|
|
|
|
}
|
|
|
|
|
meta = doc.querySelector(
|
|
|
|
|
'meta[http-equiv="content-type" i][content]'
|
|
|
|
|
);
|
|
|
|
|
if ( meta !== null ) {
|
|
|
|
|
return charsetFromContentType(meta.getAttribute('content'));
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const streamClose = function(filterer, buffer) {
|
2017-12-28 19:49:02 +01:00
|
|
|
if ( buffer !== undefined ) {
|
|
|
|
|
filterer.stream.write(buffer);
|
|
|
|
|
} else if ( filterer.buffer !== undefined ) {
|
|
|
|
|
filterer.stream.write(filterer.buffer);
|
|
|
|
|
}
|
|
|
|
|
filterer.stream.close();
|
|
|
|
|
};
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const onStreamData = function(ev) {
|
|
|
|
|
const filterer = filterers.get(this);
|
2017-12-28 19:49:02 +01:00
|
|
|
if ( filterer === undefined ) {
|
|
|
|
|
this.write(ev.data);
|
|
|
|
|
this.disconnect();
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
if (
|
|
|
|
|
this.status !== 'transferringdata' &&
|
|
|
|
|
this.status !== 'finishedtransferringdata'
|
|
|
|
|
) {
|
|
|
|
|
filterers.delete(this);
|
|
|
|
|
this.disconnect();
|
|
|
|
|
return;
|
|
|
|
|
}
|
2017-12-30 17:21:23 +01:00
|
|
|
// TODO:
|
|
|
|
|
// - Possibly improve buffer growth, if benchmarking shows it's worth
|
|
|
|
|
// it.
|
|
|
|
|
// - Also evaluate whether keeping a list of buffers and then decoding
|
|
|
|
|
// them in sequence using TextDecoder's "stream" option is more
|
|
|
|
|
// efficient. Can the data buffers be safely kept around for later
|
|
|
|
|
// use?
|
|
|
|
|
// - Informal, quick benchmarks seem to show most of the overhead is
|
|
|
|
|
// from calling TextDecoder.decode() and TextEncoder.encode(), and if
|
|
|
|
|
// confirmed, there is nothing which can be done uBO-side to reduce
|
|
|
|
|
// overhead.
|
2017-12-28 19:49:02 +01:00
|
|
|
if ( filterer.buffer === null ) {
|
|
|
|
|
filterer.buffer = new Uint8Array(ev.data);
|
|
|
|
|
return;
|
|
|
|
|
}
|
2018-12-13 18:30:54 +01:00
|
|
|
const buffer = new Uint8Array(
|
2017-12-28 19:49:02 +01:00
|
|
|
filterer.buffer.byteLength +
|
|
|
|
|
ev.data.byteLength
|
|
|
|
|
);
|
|
|
|
|
buffer.set(filterer.buffer);
|
|
|
|
|
buffer.set(new Uint8Array(ev.data), filterer.buffer.byteLength);
|
|
|
|
|
filterer.buffer = buffer;
|
|
|
|
|
};
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const onStreamStop = function() {
|
|
|
|
|
const filterer = filterers.get(this);
|
2017-12-28 19:49:02 +01:00
|
|
|
filterers.delete(this);
|
|
|
|
|
if ( filterer === undefined || filterer.buffer === null ) {
|
|
|
|
|
this.close();
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
if ( this.status !== 'finishedtransferringdata' ) { return; }
|
|
|
|
|
|
|
|
|
|
if ( domParser === undefined ) {
|
|
|
|
|
domParser = new DOMParser();
|
|
|
|
|
xmlSerializer = new XMLSerializer();
|
|
|
|
|
}
|
|
|
|
|
if ( textEncoder === undefined ) {
|
|
|
|
|
textEncoder = new TextEncoder();
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
let doc;
|
2018-01-05 19:15:56 +01:00
|
|
|
|
|
|
|
|
// If stream encoding is still unknnown, try to extract from document.
|
2018-12-13 18:30:54 +01:00
|
|
|
let charsetFound = filterer.charset,
|
2018-02-18 13:16:10 +01:00
|
|
|
charsetUsed = charsetFound;
|
|
|
|
|
if ( charsetFound === undefined ) {
|
2018-01-05 19:15:56 +01:00
|
|
|
if ( utf8TextDecoder === undefined ) {
|
|
|
|
|
utf8TextDecoder = new TextDecoder();
|
|
|
|
|
}
|
|
|
|
|
doc = domParser.parseFromString(
|
2018-02-18 13:16:10 +01:00
|
|
|
utf8TextDecoder.decode(filterer.buffer.slice(0, 1024)),
|
2018-03-01 20:12:16 +01:00
|
|
|
filterer.mime
|
2018-01-05 19:15:56 +01:00
|
|
|
);
|
2018-02-18 13:16:10 +01:00
|
|
|
charsetFound = charsetFromDoc(doc);
|
|
|
|
|
charsetUsed = µb.textEncode.normalizeCharset(charsetFound);
|
|
|
|
|
if ( charsetUsed === undefined ) {
|
|
|
|
|
return streamClose(filterer);
|
2018-01-05 19:15:56 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
doc = domParser.parseFromString(
|
2018-02-18 13:16:10 +01:00
|
|
|
textDecode(charsetUsed, filterer.buffer),
|
2018-03-01 20:12:16 +01:00
|
|
|
filterer.mime
|
2017-12-28 19:49:02 +01:00
|
|
|
);
|
|
|
|
|
|
2018-02-18 13:16:10 +01:00
|
|
|
// https://github.com/gorhill/uBlock/issues/3507
|
|
|
|
|
// In case of no explicit charset found, try to find one again, but
|
|
|
|
|
// this time with the whole document parsed.
|
|
|
|
|
if ( charsetFound === undefined ) {
|
|
|
|
|
charsetFound = µb.textEncode.normalizeCharset(charsetFromDoc(doc));
|
|
|
|
|
if ( charsetFound !== charsetUsed ) {
|
|
|
|
|
if ( charsetFound === undefined ) {
|
|
|
|
|
return streamClose(filterer);
|
|
|
|
|
}
|
|
|
|
|
charsetUsed = charsetFound;
|
|
|
|
|
doc = domParser.parseFromString(
|
|
|
|
|
textDecode(charsetFound, filterer.buffer),
|
2018-03-01 20:12:16 +01:00
|
|
|
filterer.mime
|
2018-02-18 13:16:10 +01:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
let modified = false;
|
2017-12-28 19:49:02 +01:00
|
|
|
if ( filterer.selectors !== undefined ) {
|
|
|
|
|
if ( µb.htmlFilteringEngine.apply(doc, filterer) ) {
|
|
|
|
|
modified = true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( modified === false ) {
|
2018-02-18 13:16:10 +01:00
|
|
|
return streamClose(filterer);
|
2017-12-28 19:49:02 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// https://stackoverflow.com/questions/6088972/get-doctype-of-an-html-as-string-with-javascript/10162353#10162353
|
2018-12-13 18:30:54 +01:00
|
|
|
const doctypeStr = doc.doctype instanceof Object ?
|
2017-12-28 19:49:02 +01:00
|
|
|
xmlSerializer.serializeToString(doc.doctype) + '\n' :
|
|
|
|
|
'';
|
|
|
|
|
|
2018-01-03 05:06:16 +01:00
|
|
|
// https://github.com/gorhill/uBlock/issues/3391
|
2018-12-13 18:30:54 +01:00
|
|
|
let encodedStream = textEncoder.encode(
|
2018-01-03 05:06:16 +01:00
|
|
|
doctypeStr +
|
|
|
|
|
doc.documentElement.outerHTML
|
2017-12-28 19:49:02 +01:00
|
|
|
);
|
2018-02-18 13:16:10 +01:00
|
|
|
if ( charsetUsed !== 'utf-8' ) {
|
2018-01-03 05:06:16 +01:00
|
|
|
encodedStream = µb.textEncode.encode(
|
2018-02-18 13:16:10 +01:00
|
|
|
charsetUsed,
|
2018-01-03 05:06:16 +01:00
|
|
|
encodedStream
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
streamClose(filterer, encodedStream);
|
2017-12-28 19:49:02 +01:00
|
|
|
};
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const onStreamError = function() {
|
2017-12-28 19:49:02 +01:00
|
|
|
filterers.delete(this);
|
|
|
|
|
};
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
return function(pageStore, fctxt, extras) {
|
2018-02-03 15:34:27 +01:00
|
|
|
// https://github.com/gorhill/uBlock/issues/3478
|
2018-12-13 18:30:54 +01:00
|
|
|
const statusCode = extras.statusCode || 0;
|
2018-02-03 15:34:27 +01:00
|
|
|
if ( statusCode !== 0 && (statusCode < 200 || statusCode >= 300) ) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const hostname = fctxt.getHostname();
|
2017-12-28 19:49:02 +01:00
|
|
|
if ( hostname === '' ) { return; }
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const domain = fctxt.getDomain();
|
2017-12-28 19:49:02 +01:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const request = {
|
2017-12-28 19:49:02 +01:00
|
|
|
stream: undefined,
|
2018-12-13 18:30:54 +01:00
|
|
|
tabId: fctxt.tabId,
|
|
|
|
|
url: fctxt.url,
|
2017-12-28 19:49:02 +01:00
|
|
|
hostname: hostname,
|
|
|
|
|
domain: domain,
|
|
|
|
|
entity: µb.URI.entityFromDomain(domain),
|
|
|
|
|
selectors: undefined,
|
|
|
|
|
buffer: null,
|
2018-04-03 00:40:29 +02:00
|
|
|
mime: 'text/html',
|
2017-12-28 19:49:02 +01:00
|
|
|
charset: undefined
|
|
|
|
|
};
|
2018-02-21 14:19:43 +01:00
|
|
|
|
2018-02-23 15:45:51 +01:00
|
|
|
request.selectors = µb.htmlFilteringEngine.retrieve(request);
|
2018-04-24 23:12:41 +02:00
|
|
|
if ( request.selectors === undefined ) { return; }
|
2017-12-28 19:49:02 +01:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const headers = extras.responseHeaders;
|
|
|
|
|
const contentType = headerValueFromName('content-type', headers);
|
2017-12-28 19:49:02 +01:00
|
|
|
if ( contentType !== '' ) {
|
2018-03-01 20:12:16 +01:00
|
|
|
request.mime = mimeFromContentType(contentType);
|
|
|
|
|
if ( request.mime === undefined ) { return; }
|
2018-12-13 18:30:54 +01:00
|
|
|
let charset = charsetFromContentType(contentType);
|
2018-01-05 00:26:52 +01:00
|
|
|
if ( charset !== undefined ) {
|
|
|
|
|
charset = µb.textEncode.normalizeCharset(charset);
|
2018-01-03 19:59:38 +01:00
|
|
|
if ( charset === undefined ) { return; }
|
2018-01-05 00:26:52 +01:00
|
|
|
request.charset = charset;
|
2017-12-28 19:49:02 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1426789
|
|
|
|
|
if ( headerValueFromName('content-disposition', headers) ) { return; }
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const stream = request.stream =
|
|
|
|
|
browser.webRequest.filterResponseData(extras.requestId);
|
2017-12-28 19:49:02 +01:00
|
|
|
stream.ondata = onStreamData;
|
|
|
|
|
stream.onstop = onStreamStop;
|
|
|
|
|
stream.onerror = onStreamError;
|
|
|
|
|
filterers.set(stream, request);
|
2018-05-16 17:50:50 +02:00
|
|
|
|
|
|
|
|
return true;
|
2017-12-28 19:49:02 +01:00
|
|
|
};
|
|
|
|
|
})();
|
|
|
|
|
|
2016-08-27 17:08:56 +02:00
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const injectCSP = function(fctxt, pageStore, responseHeaders) {
|
|
|
|
|
const µb = µBlock;
|
|
|
|
|
const loggerEnabled = µb.logger.enabled;
|
|
|
|
|
const cspSubsets = [];
|
2015-01-24 18:06:22 +01:00
|
|
|
|
2017-05-12 16:35:11 +02:00
|
|
|
// Start collecting policies >>>>>>>>
|
|
|
|
|
|
|
|
|
|
// ======== built-in policies
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const builtinDirectives = [];
|
2017-09-11 15:53:42 +02:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( pageStore.filterScripting(fctxt, true) === 1 ) {
|
2018-09-01 12:36:17 +02:00
|
|
|
builtinDirectives.push("script-src http: https:");
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( loggerEnabled ) {
|
|
|
|
|
fctxt.setRealm('net').setType('scripting').toLogger();
|
2018-09-01 00:47:02 +02:00
|
|
|
}
|
|
|
|
|
} else {
|
2018-12-13 18:30:54 +01:00
|
|
|
fctxt.type = 'inline-script';
|
|
|
|
|
if ( pageStore.filterRequest(fctxt) === 1 ) {
|
2018-09-01 00:47:02 +02:00
|
|
|
builtinDirectives.push("script-src 'unsafe-eval' * blob: data:");
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( loggerEnabled ) {
|
|
|
|
|
fctxt.setRealm('net').toLogger();
|
|
|
|
|
}
|
2018-09-01 00:47:02 +02:00
|
|
|
}
|
2016-08-27 17:08:56 +02:00
|
|
|
}
|
2015-06-05 01:27:03 +02:00
|
|
|
|
2017-09-11 15:53:42 +02:00
|
|
|
// https://github.com/gorhill/uBlock/issues/1539
|
|
|
|
|
// - Use a CSP to also forbid inline fonts if remote fonts are blocked.
|
2018-12-13 18:30:54 +01:00
|
|
|
fctxt.type = 'inline-font';
|
|
|
|
|
if ( pageStore.filterRequest(fctxt) === 1 ) {
|
2017-09-11 15:53:42 +02:00
|
|
|
builtinDirectives.push('font-src *');
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( loggerEnabled ) {
|
|
|
|
|
fctxt.setRealm('net').toLogger();
|
2017-09-11 15:53:42 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( builtinDirectives.length !== 0 ) {
|
|
|
|
|
cspSubsets[0] = builtinDirectives.join('; ');
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-12 16:35:11 +02:00
|
|
|
// ======== filter-based policies
|
|
|
|
|
|
|
|
|
|
// Static filtering.
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const logDataEntries = loggerEnabled ? [] : undefined;
|
2017-05-12 16:35:11 +02:00
|
|
|
|
|
|
|
|
µb.staticNetFilteringEngine.matchAndFetchData(
|
|
|
|
|
'csp',
|
2018-12-13 18:30:54 +01:00
|
|
|
fctxt.url,
|
2017-05-12 16:35:11 +02:00
|
|
|
cspSubsets,
|
2018-12-13 18:30:54 +01:00
|
|
|
logDataEntries
|
2017-05-12 16:35:11 +02:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
// URL filtering `allow` rules override static filtering.
|
|
|
|
|
if (
|
|
|
|
|
cspSubsets.length !== 0 &&
|
2018-12-13 18:30:54 +01:00
|
|
|
µb.sessionURLFiltering.evaluateZ(
|
|
|
|
|
fctxt.getTabHostname(),
|
|
|
|
|
fctxt.url,
|
|
|
|
|
'csp'
|
|
|
|
|
) === 2
|
2017-05-12 16:35:11 +02:00
|
|
|
) {
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( loggerEnabled ) {
|
|
|
|
|
fctxt.setRealm('net')
|
|
|
|
|
.setType('csp')
|
|
|
|
|
.setFilter(µb.sessionURLFiltering.toLogData())
|
|
|
|
|
.toLogger();
|
2017-01-18 00:18:28 +01:00
|
|
|
}
|
2017-05-12 16:35:11 +02:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-17 15:25:11 +02:00
|
|
|
// Dynamic filtering `allow` rules override static filtering.
|
2017-05-12 16:35:11 +02:00
|
|
|
if (
|
|
|
|
|
cspSubsets.length !== 0 &&
|
|
|
|
|
µb.userSettings.advancedUserEnabled &&
|
2018-12-13 18:30:54 +01:00
|
|
|
µb.sessionFirewall.evaluateCellZY(
|
|
|
|
|
fctxt.getTabHostname(),
|
|
|
|
|
fctxt.getTabHostname(),
|
|
|
|
|
'*'
|
|
|
|
|
) === 2
|
2017-05-12 16:35:11 +02:00
|
|
|
) {
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( loggerEnabled ) {
|
|
|
|
|
fctxt.setRealm('net')
|
|
|
|
|
.setType('csp')
|
|
|
|
|
.setFilter(µb.sessionFirewall.toLogData())
|
|
|
|
|
.toLogger();
|
2017-02-06 21:34:31 +01:00
|
|
|
}
|
2017-05-12 16:35:11 +02:00
|
|
|
return;
|
2016-08-27 17:08:56 +02:00
|
|
|
}
|
|
|
|
|
|
2017-05-17 15:25:11 +02:00
|
|
|
// <<<<<<<< All policies have been collected
|
|
|
|
|
|
2017-05-12 16:35:11 +02:00
|
|
|
// Static CSP policies will be applied.
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( logDataEntries !== undefined ) {
|
|
|
|
|
fctxt.setRealm('net').setType('csp');
|
|
|
|
|
for ( const entry of logDataEntries ) {
|
|
|
|
|
fctxt.setFilter(entry).toLogger();
|
|
|
|
|
}
|
2017-05-12 16:35:11 +02:00
|
|
|
}
|
2016-07-01 04:03:29 +02:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( cspSubsets.length === 0 ) { return; }
|
2017-05-17 15:25:11 +02:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
µb.updateToolbarIcon(fctxt.tabId, 0x02);
|
2014-09-24 23:38:22 +02:00
|
|
|
|
2018-03-13 22:24:07 +01:00
|
|
|
// Use comma to merge CSP directives.
|
2017-05-12 16:35:11 +02:00
|
|
|
// Ref.: https://www.w3.org/TR/CSP2/#implementation-considerations
|
2018-03-13 22:24:07 +01:00
|
|
|
//
|
|
|
|
|
// https://github.com/gorhill/uMatrix/issues/967
|
2018-03-14 17:06:49 +01:00
|
|
|
// Inject a new CSP header rather than modify an existing one, except
|
|
|
|
|
// if the current environment does not support merging headers:
|
|
|
|
|
// Firefox 58/webext and less can't merge CSP headers, so we will merge
|
|
|
|
|
// them here.
|
|
|
|
|
|
|
|
|
|
if ( cantMergeCSPHeaders ) {
|
2018-12-13 18:30:54 +01:00
|
|
|
const i = headerIndexFromName(
|
|
|
|
|
'content-security-policy',
|
|
|
|
|
responseHeaders
|
|
|
|
|
);
|
2018-03-14 17:06:49 +01:00
|
|
|
if ( i !== -1 ) {
|
2018-12-13 18:30:54 +01:00
|
|
|
cspSubsets.unshift(responseHeaders[i].value.trim());
|
|
|
|
|
responseHeaders.splice(i, 1);
|
2018-03-14 17:06:49 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
responseHeaders.push({
|
2017-05-12 16:35:11 +02:00
|
|
|
name: 'Content-Security-Policy',
|
2018-03-13 22:24:07 +01:00
|
|
|
value: cspSubsets.join(', ')
|
2017-05-12 16:35:11 +02:00
|
|
|
});
|
|
|
|
|
|
2018-05-16 17:50:50 +02:00
|
|
|
return true;
|
2018-04-04 18:42:01 +02:00
|
|
|
};
|
|
|
|
|
|
2015-08-13 22:03:37 +02:00
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2016-01-17 19:30:43 +01:00
|
|
|
// https://github.com/gorhill/uBlock/issues/1163
|
2016-11-08 21:53:08 +01:00
|
|
|
// "Block elements by size"
|
2016-01-17 19:30:43 +01:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const foilLargeMediaElement = function(fctxt, pageStore, responseHeaders) {
|
|
|
|
|
const i = headerIndexFromName('content-length', responseHeaders);
|
2016-11-08 21:53:08 +01:00
|
|
|
if ( i === -1 ) { return; }
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const size = parseInt(responseHeaders[i].value, 10) || 0;
|
|
|
|
|
const result = pageStore.filterLargeMediaElement(fctxt, size);
|
2017-05-12 16:35:11 +02:00
|
|
|
if ( result === 0 ) { return; }
|
2016-01-17 19:30:43 +01:00
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
if ( µBlock.logger.enabled ) {
|
|
|
|
|
fctxt.setRealm('net').toLogger();
|
2016-01-17 19:30:43 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return { cancel: true };
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2015-08-13 22:03:37 +02:00
|
|
|
// Caller must ensure headerName is normalized to lower case.
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const headerIndexFromName = function(headerName, headers) {
|
|
|
|
|
let i = headers.length;
|
2015-08-13 22:03:37 +02:00
|
|
|
while ( i-- ) {
|
|
|
|
|
if ( headers[i].name.toLowerCase() === headerName ) {
|
|
|
|
|
return i;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return -1;
|
2014-09-24 23:38:22 +02:00
|
|
|
};
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const headerValueFromName = function(headerName, headers) {
|
|
|
|
|
const i = headerIndexFromName(headerName, headers);
|
2017-07-22 22:58:08 +02:00
|
|
|
return i !== -1 ? headers[i].value : '';
|
|
|
|
|
};
|
|
|
|
|
|
2014-09-24 23:38:22 +02:00
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2018-12-13 18:30:54 +01:00
|
|
|
const strictBlockBypasser = {
|
2018-10-29 13:56:51 +01:00
|
|
|
hostnameToDeadlineMap: new Map(),
|
|
|
|
|
cleanupTimer: undefined,
|
|
|
|
|
|
|
|
|
|
cleanup: function() {
|
2018-12-13 18:30:54 +01:00
|
|
|
for ( const [ hostname, deadline ] of this.hostnameToDeadlineMap ) {
|
2018-10-29 13:56:51 +01:00
|
|
|
if ( deadline <= Date.now() ) {
|
|
|
|
|
this.hostnameToDeadlineMap.delete(hostname);
|
2015-04-06 16:26:32 +02:00
|
|
|
}
|
|
|
|
|
}
|
2018-10-29 13:56:51 +01:00
|
|
|
},
|
|
|
|
|
|
|
|
|
|
bypass: function(hostname) {
|
|
|
|
|
if ( typeof hostname !== 'string' || hostname === '' ) { return; }
|
|
|
|
|
this.hostnameToDeadlineMap.set(
|
|
|
|
|
hostname,
|
|
|
|
|
Date.now() + µBlock.hiddenSettings.strictBlockingBypassDuration * 1000
|
|
|
|
|
);
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
isBypassed: function(hostname) {
|
|
|
|
|
if ( this.hostnameToDeadlineMap.size === 0 ) { return false; }
|
|
|
|
|
let bypassDuration =
|
|
|
|
|
µBlock.hiddenSettings.strictBlockingBypassDuration * 1000;
|
|
|
|
|
if ( this.cleanupTimer === undefined ) {
|
|
|
|
|
this.cleanupTimer = vAPI.setTimeout(
|
|
|
|
|
( ) => {
|
|
|
|
|
this.cleanupTimer = undefined;
|
|
|
|
|
this.cleanup();
|
|
|
|
|
},
|
|
|
|
|
bypassDuration + 10000
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
for (;;) {
|
2018-12-13 18:30:54 +01:00
|
|
|
const deadline = this.hostnameToDeadlineMap.get(hostname);
|
2018-10-29 13:56:51 +01:00
|
|
|
if ( deadline !== undefined ) {
|
|
|
|
|
if ( deadline > Date.now() ) {
|
|
|
|
|
this.hostnameToDeadlineMap.set(
|
|
|
|
|
hostname,
|
|
|
|
|
Date.now() + bypassDuration
|
|
|
|
|
);
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
this.hostnameToDeadlineMap.delete(hostname);
|
|
|
|
|
}
|
2018-12-13 18:30:54 +01:00
|
|
|
const pos = hostname.indexOf('.');
|
2018-10-29 13:56:51 +01:00
|
|
|
if ( pos === -1 ) { break; }
|
|
|
|
|
hostname = hostname.slice(pos + 1);
|
|
|
|
|
}
|
|
|
|
|
return false;
|
2015-04-06 16:26:32 +02:00
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2018-10-28 14:58:25 +01:00
|
|
|
return {
|
|
|
|
|
start: (function() {
|
2018-12-13 18:30:54 +01:00
|
|
|
const suspendedTabs = new Set();
|
|
|
|
|
const onBeforeReady = function(details) {
|
2018-10-28 14:58:25 +01:00
|
|
|
if ( details.type !== 'main_frame' && details.tabId > 0 ) {
|
|
|
|
|
suspendedTabs.add(details.tabId);
|
|
|
|
|
console.info('uBO suspend tab %d, block %s', details.tabId, details.url);
|
|
|
|
|
return { cancel: true };
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
// https://github.com/gorhill/uBlock/issues/2067
|
|
|
|
|
// Experimental: Block everything until uBO is fully ready.
|
|
|
|
|
// https://github.com/gorhill/uBlock/issues/3130
|
|
|
|
|
// Don't block root frame.
|
|
|
|
|
if ( µBlock.hiddenSettings.suspendTabsUntilReady ) {
|
|
|
|
|
vAPI.net.addListener(
|
|
|
|
|
'onBeforeRequest',
|
|
|
|
|
onBeforeReady,
|
|
|
|
|
{ urls: [ 'http://*/*', 'https://*/*' ] },
|
|
|
|
|
[ 'blocking' ]
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
return function() {
|
|
|
|
|
vAPI.net.removeListener('onBeforeRequest', onBeforeReady);
|
|
|
|
|
vAPI.net.addListener(
|
|
|
|
|
'onBeforeRequest',
|
|
|
|
|
onBeforeRequest,
|
|
|
|
|
{ urls: [ 'http://*/*', 'https://*/*' ] },
|
|
|
|
|
[ 'blocking' ]
|
|
|
|
|
);
|
|
|
|
|
vAPI.net.addListener(
|
|
|
|
|
'onHeadersReceived',
|
|
|
|
|
onHeadersReceived,
|
|
|
|
|
{
|
|
|
|
|
types: [ 'main_frame', 'sub_frame', 'image', 'media' ],
|
|
|
|
|
urls: [ 'http://*/*', 'https://*/*' ],
|
|
|
|
|
},
|
|
|
|
|
[ 'blocking', 'responseHeaders' ]
|
|
|
|
|
);
|
|
|
|
|
if ( vAPI.net.validTypes.has('csp_report') ) {
|
|
|
|
|
vAPI.net.addListener(
|
|
|
|
|
'onBeforeRequest',
|
|
|
|
|
onBeforeMaybeSpuriousCSPReport,
|
|
|
|
|
{
|
|
|
|
|
types: [ 'csp_report' ],
|
|
|
|
|
urls: [ 'http://*/*', 'https://*/*' ]
|
|
|
|
|
},
|
|
|
|
|
[ 'blocking', 'requestBody' ]
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
// https://github.com/gorhill/uBlock/issues/2067
|
|
|
|
|
// Force-reload tabs for which network requests were blocked
|
|
|
|
|
// during launch. This can happen only if tabs were "suspended".
|
2018-12-13 18:30:54 +01:00
|
|
|
for ( const tabId of suspendedTabs ) {
|
2018-10-28 14:58:25 +01:00
|
|
|
console.info('uBO suspend tab %d, force reload', tabId);
|
|
|
|
|
vAPI.tabs.reload(tabId);
|
|
|
|
|
}
|
|
|
|
|
suspendedTabs.clear();
|
|
|
|
|
};
|
|
|
|
|
})(),
|
2015-03-26 00:28:22 +01:00
|
|
|
|
2018-10-29 13:56:51 +01:00
|
|
|
strictBlockBypass: function(hostname) {
|
|
|
|
|
strictBlockBypasser.bypass(hostname);
|
2018-10-28 14:58:25 +01:00
|
|
|
}
|
2015-03-26 00:28:22 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2014-06-24 00:42:43 +02:00
|
|
|
})();
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
