2014-06-24 00:42:43 +02:00
|
|
|
/*******************************************************************************
|
|
|
|
|
|
|
|
|
|
µBlock - a Chromium browser extension to block requests.
|
|
|
|
|
Copyright (C) 2014 Raymond Hill
|
|
|
|
|
|
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
|
along with this program. If not, see {http://www.gnu.org/licenses/}.
|
|
|
|
|
|
|
|
|
|
Home: https://github.com/gorhill/uBlock
|
|
|
|
|
*/
|
|
|
|
|
|
2014-11-24 23:20:21 +01:00
|
|
|
/* global µBlock, vAPI */
|
2014-06-24 00:42:43 +02:00
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
|
|
|
|
// Start isolation from global scope
|
|
|
|
|
|
|
|
|
|
µBlock.webRequest = (function() {
|
|
|
|
|
|
2014-11-24 23:20:21 +01:00
|
|
|
'use strict';
|
|
|
|
|
|
2014-06-24 00:42:43 +02:00
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2014-07-26 15:55:12 +02:00
|
|
|
// Intercept and filter web requests.
|
2014-07-14 17:24:59 +02:00
|
|
|
|
2014-07-26 01:29:51 +02:00
|
|
|
var onBeforeRequest = function(details) {
|
|
|
|
|
//console.debug('onBeforeRequest()> "%s": %o', details.url, details);
|
2014-07-14 17:24:59 +02:00
|
|
|
|
2014-07-26 01:29:51 +02:00
|
|
|
// Do not block behind the scene requests.
|
|
|
|
|
var tabId = details.tabId;
|
|
|
|
|
var µb = µBlock;
|
|
|
|
|
var requestURL = details.url;
|
2014-10-02 22:45:26 +02:00
|
|
|
var requestType = details.type;
|
2015-01-08 00:56:03 +01:00
|
|
|
var pageStore;
|
2014-07-26 01:29:51 +02:00
|
|
|
|
|
|
|
|
// Special handling for root document.
|
|
|
|
|
if ( requestType === 'main_frame' && details.parentFrameId === -1 ) {
|
2015-01-08 00:56:03 +01:00
|
|
|
pageStore = µb.bindTabToPageStats(tabId, requestURL, 'beforeRequest');
|
|
|
|
|
// Log for convenience
|
|
|
|
|
if ( pageStore !== null ) {
|
|
|
|
|
pageStore.requestURL = requestURL;
|
|
|
|
|
pageStore.requestHostname = pageStore.pageHostname;
|
|
|
|
|
pageStore.requestType = 'main_frame';
|
|
|
|
|
pageStore.logBuffer.writeOne(pageStore, '');
|
|
|
|
|
}
|
2014-07-14 17:24:59 +02:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-26 01:29:51 +02:00
|
|
|
// Lookup the page store associated with this tab id.
|
2015-01-08 00:56:03 +01:00
|
|
|
pageStore = µb.pageStoreFromTabId(tabId);
|
2014-07-26 01:29:51 +02:00
|
|
|
if ( !pageStore ) {
|
2014-07-14 20:40:40 +02:00
|
|
|
return;
|
|
|
|
|
}
|
2014-07-15 13:38:34 +02:00
|
|
|
|
2014-07-30 07:05:35 +02:00
|
|
|
// https://github.com/gorhill/uBlock/issues/114
|
|
|
|
|
var requestContext = pageStore;
|
2014-08-06 01:35:32 +02:00
|
|
|
var frameStore;
|
|
|
|
|
var frameId = details.frameId;
|
|
|
|
|
if ( frameId > 0 ) {
|
|
|
|
|
if ( frameStore = pageStore.getFrame(frameId) ) {
|
|
|
|
|
requestContext = frameStore;
|
|
|
|
|
}
|
|
|
|
|
}
|
2014-07-30 07:05:35 +02:00
|
|
|
|
2014-12-28 16:07:43 +01:00
|
|
|
// Setup context and evaluate
|
|
|
|
|
requestContext.requestURL = requestURL;
|
2015-01-21 01:39:13 +01:00
|
|
|
requestContext.requestHostname = details.hostname;
|
2014-12-28 16:07:43 +01:00
|
|
|
requestContext.requestType = requestType;
|
|
|
|
|
|
|
|
|
|
var result = pageStore.filterRequest(requestContext);
|
2014-07-14 17:24:59 +02:00
|
|
|
|
2015-01-16 18:15:12 +01:00
|
|
|
// Possible outcomes: blocked, allowed-passthru, allowed-mirror
|
2015-01-06 14:01:15 +01:00
|
|
|
|
2014-09-14 22:20:40 +02:00
|
|
|
// Not blocked
|
2015-01-16 18:15:12 +01:00
|
|
|
if ( µb.isAllowResult(result) ) {
|
2014-12-23 00:38:18 +01:00
|
|
|
//console.debug('onBeforeRequest()> ALLOW "%s" (%o) because "%s"', details.url, details, result);
|
|
|
|
|
|
2014-09-14 22:20:40 +02:00
|
|
|
pageStore.perLoadAllowedRequestCount++;
|
|
|
|
|
µb.localSettings.allowedRequestCount++;
|
2014-07-30 07:05:35 +02:00
|
|
|
|
|
|
|
|
// https://github.com/gorhill/uBlock/issues/114
|
2014-08-06 01:35:32 +02:00
|
|
|
if ( frameId > 0 && frameStore === undefined ) {
|
|
|
|
|
pageStore.addFrame(frameId, requestURL);
|
|
|
|
|
}
|
2014-09-14 22:20:40 +02:00
|
|
|
|
2014-11-29 21:26:01 +01:00
|
|
|
// https://code.google.com/p/chromium/issues/detail?id=387198
|
|
|
|
|
// Not all redirects will succeed, until bug above is fixed.
|
2015-01-19 01:17:36 +01:00
|
|
|
// https://github.com/gorhill/uBlock/issues/540
|
|
|
|
|
// Disabling local mirroring for the time being
|
|
|
|
|
//var redirectURL = pageStore.toMirrorURL(requestURL);
|
|
|
|
|
//if ( redirectURL !== '' ) {
|
|
|
|
|
// pageStore.logBuffer.writeOne(requestContext, 'ma:');
|
2014-11-29 21:26:01 +01:00
|
|
|
//console.debug('"%s" redirected to "%s..."', requestURL.slice(0, 50), redirectURL.slice(0, 50));
|
2015-01-19 01:17:36 +01:00
|
|
|
// return { redirectUrl: redirectURL };
|
|
|
|
|
//}
|
2014-09-30 21:55:18 +02:00
|
|
|
|
2015-01-16 18:15:12 +01:00
|
|
|
pageStore.logBuffer.writeOne(requestContext, result);
|
|
|
|
|
|
2014-07-14 17:24:59 +02:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-26 01:29:51 +02:00
|
|
|
// Blocked
|
2014-12-23 00:38:18 +01:00
|
|
|
//console.debug('onBeforeRequest()> BLOCK "%s" (%o) because "%s"', details.url, details, result);
|
|
|
|
|
|
2015-01-16 18:15:12 +01:00
|
|
|
pageStore.logBuffer.writeOne(requestContext, result);
|
|
|
|
|
|
2014-09-14 22:20:40 +02:00
|
|
|
pageStore.perLoadBlockedRequestCount++;
|
|
|
|
|
µb.localSettings.blockedRequestCount++;
|
|
|
|
|
µb.updateBadgeAsync(tabId);
|
2014-07-26 01:29:51 +02:00
|
|
|
|
|
|
|
|
// https://github.com/gorhill/uBlock/issues/18
|
|
|
|
|
// Do not use redirection, we need to block outright to be sure the request
|
|
|
|
|
// will not be made. There can be no such guarantee with redirection.
|
2014-07-14 17:24:59 +02:00
|
|
|
|
|
|
|
|
return { 'cancel': true };
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2014-07-26 01:29:51 +02:00
|
|
|
// Intercept root frame requests. This is where we identify and block popups.
|
2014-06-24 00:42:43 +02:00
|
|
|
|
2014-07-14 20:53:06 +02:00
|
|
|
var onBeforeSendHeaders = function(details) {
|
2014-07-26 15:55:12 +02:00
|
|
|
// TODO: I vaguely remember reading that when pre-fetch is enabled,
|
|
|
|
|
// the tab id could be -1, despite the request not really being a
|
2014-10-17 21:44:19 +02:00
|
|
|
// behind-the-scene request. If true, the test below would prevent
|
2014-07-26 15:55:12 +02:00
|
|
|
// the popup blocker from working. Need to check this.
|
2014-12-23 00:38:18 +01:00
|
|
|
//console.debug('onBeforeSendHeaders()> "%s" (%o) because "%s"', details.url, details, result);
|
2014-07-26 15:55:12 +02:00
|
|
|
|
2014-06-24 00:42:43 +02:00
|
|
|
// Do not block behind the scene requests.
|
2014-06-25 03:46:37 +02:00
|
|
|
var tabId = details.tabId;
|
|
|
|
|
if ( tabId < 0 ) {
|
2014-06-24 00:42:43 +02:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-26 01:29:51 +02:00
|
|
|
// Only root document.
|
|
|
|
|
if ( details.parentFrameId !== -1 ) {
|
|
|
|
|
return;
|
2014-06-24 00:42:43 +02:00
|
|
|
}
|
|
|
|
|
|
2014-07-26 01:29:51 +02:00
|
|
|
var µb = µBlock;
|
2014-06-27 23:06:42 +02:00
|
|
|
var requestURL = details.url;
|
2014-07-26 01:29:51 +02:00
|
|
|
|
|
|
|
|
// Lookup the page store associated with this tab id.
|
|
|
|
|
var pageStore = µb.pageStoreFromTabId(tabId);
|
|
|
|
|
if ( !pageStore ) {
|
2014-10-10 19:26:43 +02:00
|
|
|
// This happens under normal circumstances in Opera.
|
2014-06-24 00:42:43 +02:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-26 01:29:51 +02:00
|
|
|
// Heuristic to determine whether we are dealing with a popup:
|
|
|
|
|
// - the page store is new (it's not a reused one)
|
|
|
|
|
// - the referrer is not nil
|
2014-06-25 03:46:37 +02:00
|
|
|
|
2014-07-26 01:29:51 +02:00
|
|
|
// Can't be a popup, the tab was in use previously.
|
|
|
|
|
if ( pageStore.previousPageURL !== '' ) {
|
|
|
|
|
return;
|
2014-06-24 00:42:43 +02:00
|
|
|
}
|
|
|
|
|
|
2014-09-23 17:18:54 +02:00
|
|
|
var referrer = headerValue(details.requestHeaders, 'referer');
|
2014-07-26 01:29:51 +02:00
|
|
|
if ( referrer === '' ) {
|
2014-07-05 18:56:16 +02:00
|
|
|
return;
|
|
|
|
|
}
|
2014-06-24 00:42:43 +02:00
|
|
|
|
2014-10-15 19:14:25 +02:00
|
|
|
// https://github.com/gorhill/uBlock/issues/323
|
|
|
|
|
if ( pageStore.getNetFilteringSwitch() === false ) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-26 15:55:12 +02:00
|
|
|
// TODO: I think I should test the switch of the referrer instead, not the
|
|
|
|
|
// switch of the popup. If so, that would require being able to lookup
|
|
|
|
|
// a page store from a URL. Have to keep in mind the same URL can appear
|
|
|
|
|
// in multiple tabs.
|
2014-10-15 19:14:25 +02:00
|
|
|
|
|
|
|
|
// https://github.com/gorhill/uBlock/issues/67
|
|
|
|
|
// We need to pass the details of the page which opened this popup,
|
|
|
|
|
// so that the `third-party` option works.
|
|
|
|
|
// Create a synthetic context based on the referrer.
|
|
|
|
|
var µburi = µb.URI;
|
|
|
|
|
var referrerHostname = µburi.hostnameFromURI(referrer);
|
|
|
|
|
var pageDetails = {
|
|
|
|
|
pageHostname: referrerHostname,
|
2015-01-16 18:15:12 +01:00
|
|
|
pageDomain: µburi.domainFromHostname(referrerHostname)
|
2014-10-15 19:14:25 +02:00
|
|
|
};
|
|
|
|
|
pageDetails.rootHostname = pageDetails.pageHostname;
|
|
|
|
|
pageDetails.rootDomain = pageDetails.pageDomain;
|
|
|
|
|
//console.debug('Referrer="%s"', referrer);
|
2014-12-28 16:07:43 +01:00
|
|
|
var result = µb.staticNetFilteringEngine.matchStringExactType(pageDetails, requestURL, 'popup');
|
2014-06-24 00:42:43 +02:00
|
|
|
|
2014-06-25 03:46:37 +02:00
|
|
|
// Not blocked?
|
2015-01-21 01:39:13 +01:00
|
|
|
if ( µb.isAllowResult(result) ) {
|
2014-06-24 00:42:43 +02:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-26 01:29:51 +02:00
|
|
|
// It is a popup, block and remove the tab.
|
|
|
|
|
µb.unbindTabFromPageStats(tabId);
|
2014-11-16 14:09:28 +01:00
|
|
|
vAPI.tabs.remove(tabId);
|
2014-06-24 00:42:43 +02:00
|
|
|
|
|
|
|
|
return { 'cancel': true };
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2014-09-24 23:38:22 +02:00
|
|
|
// To handle `inline-script`.
|
|
|
|
|
|
|
|
|
|
var onHeadersReceived = function(details) {
|
|
|
|
|
// Do not interfere with behind-the-scene requests.
|
|
|
|
|
var tabId = details.tabId;
|
|
|
|
|
if ( tabId < 0 ) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Lookup the page store associated with this tab id.
|
|
|
|
|
var µb = µBlock;
|
|
|
|
|
var pageStore = µb.pageStoreFromTabId(tabId);
|
|
|
|
|
if ( !pageStore ) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2014-11-29 21:26:01 +01:00
|
|
|
// https://github.com/gorhill/uBlock/issues/384
|
2015-01-19 01:17:36 +01:00
|
|
|
// https://github.com/gorhill/uBlock/issues/540
|
|
|
|
|
// Disabling local mirroring for the time being
|
|
|
|
|
//if ( details.parentFrameId === -1 ) {
|
2015-01-19 04:26:07 +01:00
|
|
|
// pageStore.skipLocalMirroring = headerStartsWith(details.responseHeaders, 'content-security-policy') !== '';
|
2015-01-19 01:17:36 +01:00
|
|
|
//}
|
2015-01-13 17:54:54 +01:00
|
|
|
|
2015-01-17 21:03:33 +01:00
|
|
|
var requestURL = details.url;
|
2015-01-21 01:39:13 +01:00
|
|
|
var requestHostname = details.hostname;
|
2015-01-17 21:03:33 +01:00
|
|
|
|
|
|
|
|
// https://github.com/gorhill/uBlock/issues/525
|
|
|
|
|
// When we are dealing with the root frame, due to fix to issue #516, it
|
|
|
|
|
// is likely the root frame has not been bound yet to the tab, and thus
|
|
|
|
|
// we could end up using the context of the previous page for filtering.
|
|
|
|
|
// So when the request is that of a root frame, simply create an
|
|
|
|
|
// artificial context, this will ensure we are properly filtering
|
|
|
|
|
// inline scripts.
|
|
|
|
|
var context;
|
|
|
|
|
if ( details.parentFrameId === -1 ) {
|
2015-01-21 01:39:13 +01:00
|
|
|
var contextDomain = µb.URI.domainFromHostname(requestHostname);
|
2015-01-17 21:03:33 +01:00
|
|
|
context = {
|
|
|
|
|
rootHostname: requestHostname,
|
2015-01-21 01:39:13 +01:00
|
|
|
rootDomain: contextDomain,
|
2015-01-17 21:03:33 +01:00
|
|
|
pageHostname: requestHostname,
|
2015-01-21 01:39:13 +01:00
|
|
|
pageDomain: contextDomain
|
2015-01-17 21:03:33 +01:00
|
|
|
};
|
|
|
|
|
} else {
|
|
|
|
|
context = pageStore;
|
|
|
|
|
}
|
|
|
|
|
|
2015-01-13 17:54:54 +01:00
|
|
|
// Concatenating with '{inline-script}' so that the network request cache
|
|
|
|
|
// can distinguish from the document itself
|
2015-01-17 21:03:33 +01:00
|
|
|
// The cache should do whatever it takes to not confuse same
|
|
|
|
|
// URLs-different type
|
|
|
|
|
context.requestURL = requestURL + '{inline-script}';
|
|
|
|
|
context.requestHostname = requestHostname;
|
|
|
|
|
context.requestType = 'inline-script';
|
|
|
|
|
|
|
|
|
|
var result = pageStore.filterRequest(context);
|
2015-01-01 16:57:03 +01:00
|
|
|
if ( µb.isBlockResult(result) === false ) {
|
2014-09-24 23:38:22 +02:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Blocked
|
|
|
|
|
pageStore.perLoadBlockedRequestCount++;
|
|
|
|
|
µb.localSettings.blockedRequestCount++;
|
|
|
|
|
µb.updateBadgeAsync(tabId);
|
|
|
|
|
|
2015-01-17 21:03:33 +01:00
|
|
|
pageStore.logBuffer.writeOne(context, result);
|
2015-01-17 13:53:19 +01:00
|
|
|
|
2014-09-24 23:38:22 +02:00
|
|
|
details.responseHeaders.push({
|
|
|
|
|
'name': 'Content-Security-Policy',
|
2014-10-06 20:02:44 +02:00
|
|
|
'value': "script-src 'unsafe-eval' *"
|
2014-09-24 23:38:22 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
return { 'responseHeaders': details.responseHeaders };
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2014-09-23 17:18:54 +02:00
|
|
|
var headerValue = function(headers, name) {
|
2014-07-14 20:40:40 +02:00
|
|
|
var i = headers.length;
|
|
|
|
|
while ( i-- ) {
|
2014-09-23 17:18:54 +02:00
|
|
|
if ( headers[i].name.toLowerCase() === name ) {
|
2014-07-14 20:40:40 +02:00
|
|
|
return headers[i].value;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return '';
|
|
|
|
|
};
|
2014-10-09 16:51:28 +02:00
|
|
|
|
2014-07-14 20:40:40 +02:00
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2015-01-19 04:26:07 +01:00
|
|
|
var headerStartsWith = function(headers, prefix) {
|
2015-01-19 01:17:36 +01:00
|
|
|
var i = headers.length;
|
|
|
|
|
while ( i-- ) {
|
2015-01-21 01:39:13 +01:00
|
|
|
if ( headers[i].name.toLowerCase().lastIndexOf(prefix, 0) === 0 ) {
|
2015-01-19 01:17:36 +01:00
|
|
|
return headers[i].value;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return '';
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
2014-10-17 21:44:19 +02:00
|
|
|
vAPI.net.onBeforeRequest = {
|
|
|
|
|
urls: [
|
|
|
|
|
'http://*/*',
|
|
|
|
|
'https://*/*'
|
|
|
|
|
],
|
|
|
|
|
types: [
|
|
|
|
|
"main_frame",
|
|
|
|
|
"sub_frame",
|
|
|
|
|
'stylesheet',
|
|
|
|
|
"script",
|
|
|
|
|
"image",
|
|
|
|
|
"object",
|
|
|
|
|
"xmlhttprequest",
|
|
|
|
|
"other"
|
|
|
|
|
],
|
|
|
|
|
extra: [ 'blocking' ],
|
|
|
|
|
callback: onBeforeRequest
|
2014-06-24 00:42:43 +02:00
|
|
|
//function(details) {
|
2014-07-26 01:29:51 +02:00
|
|
|
// quickProfiler.start('onBeforeRequest');
|
|
|
|
|
// var r = onBeforeRequest(details);
|
2014-06-24 00:42:43 +02:00
|
|
|
// quickProfiler.stop();
|
|
|
|
|
// return r;
|
|
|
|
|
//},
|
2014-10-17 21:44:19 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
vAPI.net.onBeforeSendHeaders = {
|
|
|
|
|
urls: [
|
|
|
|
|
'http://*/*',
|
|
|
|
|
'https://*/*'
|
|
|
|
|
],
|
|
|
|
|
types: [
|
|
|
|
|
"main_frame"
|
|
|
|
|
],
|
|
|
|
|
extra: [ 'blocking', 'requestHeaders' ],
|
|
|
|
|
callback: onBeforeSendHeaders
|
2014-07-26 01:29:51 +02:00
|
|
|
//function(details) {
|
|
|
|
|
// quickProfiler.start('onBeforeSendHeaders');
|
|
|
|
|
// var r = onBeforeSendHeaders(details);
|
|
|
|
|
// quickProfiler.stop();
|
|
|
|
|
// return r;
|
|
|
|
|
//},
|
2014-10-17 21:44:19 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
vAPI.net.onHeadersReceived = {
|
|
|
|
|
urls: [
|
|
|
|
|
'http://*/*',
|
|
|
|
|
'https://*/*'
|
|
|
|
|
],
|
|
|
|
|
types: [
|
2015-01-13 17:54:54 +01:00
|
|
|
"main_frame",
|
|
|
|
|
"sub_frame"
|
2014-10-17 21:44:19 +02:00
|
|
|
],
|
|
|
|
|
extra: [ 'blocking', 'responseHeaders' ],
|
|
|
|
|
callback: onHeadersReceived
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
vAPI.net.registerListeners();
|
2014-09-24 23:38:22 +02:00
|
|
|
|
2014-11-24 23:20:21 +01:00
|
|
|
//console.log('µBlock> Beginning to intercept net requests at %s', (new Date()).toISOString());
|
2014-06-24 00:42:43 +02:00
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
|
|
|
|
})();
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
|
|
