uBlock/src/js/traffic.js

415 lines
13 KiB
JavaScript
Raw Normal View History

2014-06-24 00:42:43 +02:00
/*******************************************************************************
µBlock - a Chromium browser extension to block requests.
Copyright (C) 2014 Raymond Hill
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see {http://www.gnu.org/licenses/}.
Home: https://github.com/gorhill/uBlock
*/
2014-11-24 23:20:21 +01:00
/* global µBlock, vAPI */
2014-06-24 00:42:43 +02:00
/******************************************************************************/
// Start isolation from global scope
µBlock.webRequest = (function() {
2014-11-24 23:20:21 +01:00
'use strict';
2014-06-24 00:42:43 +02:00
/******************************************************************************/
2014-07-26 15:55:12 +02:00
// Intercept and filter web requests.
2014-07-14 17:24:59 +02:00
2014-07-26 01:29:51 +02:00
var onBeforeRequest = function(details) {
2015-02-25 20:15:36 +01:00
//console.debug('µBlock.webRequest/onBeforeRequest(): "%s": %o', details.url, details);
2015-02-26 18:30:12 +01:00
//console.debug('µBlock.webRequest/onBeforeRequest(): "type=%s, id=%d, parent id=%d, url=%s', details.type, details.frameId, details.parentFrameId, details.url);
2014-07-14 17:24:59 +02:00
2014-07-26 01:29:51 +02:00
var tabId = details.tabId;
2015-01-24 18:06:22 +01:00
// Special treatment: behind-the-scene requests
if ( vAPI.isNoTabId(tabId) ) {
return onBeforeBehindTheSceneRequest(details);
}
2014-07-26 01:29:51 +02:00
var µb = µBlock;
var requestURL = details.url;
2014-10-02 22:45:26 +02:00
var requestType = details.type;
2015-01-08 00:56:03 +01:00
var pageStore;
2014-07-26 01:29:51 +02:00
// Special handling for root document.
if ( requestType === 'main_frame' && details.parentFrameId === -1 ) {
2015-01-08 00:56:03 +01:00
pageStore = µb.bindTabToPageStats(tabId, requestURL, 'beforeRequest');
// Log for convenience
if ( pageStore !== null ) {
pageStore.requestURL = requestURL;
pageStore.requestHostname = pageStore.pageHostname;
pageStore.requestType = 'main_frame';
2015-01-24 18:06:22 +01:00
pageStore.logRequest(pageStore, '');
2015-01-08 00:56:03 +01:00
}
2014-07-14 17:24:59 +02:00
return;
}
2014-07-26 01:29:51 +02:00
// Lookup the page store associated with this tab id.
2015-01-08 00:56:03 +01:00
pageStore = µb.pageStoreFromTabId(tabId);
2014-07-26 01:29:51 +02:00
if ( !pageStore ) {
2014-07-14 20:40:40 +02:00
return;
}
2014-07-15 13:38:34 +02:00
// https://github.com/gorhill/uBlock/issues/114
var requestContext = pageStore;
var frameStore;
2015-02-25 20:15:36 +01:00
// https://github.com/gorhill/uBlock/issues/886
// For requests of type `sub_frame`, the parent frame id must be used
// to lookup the proper context:
// > If the document of a (sub-)frame is loaded (type is main_frame or
// > sub_frame), frameId indicates the ID of this frame, not the ID of
// > the outer frame.
// > (ref: https://developer.chrome.com/extensions/webRequest)
var isFrame = requestType === 'sub_frame' || requestType === 'main_frame';
var frameId = isFrame ? details.parentFrameId : details.frameId;
if ( frameId > 0 ) {
if ( frameStore = pageStore.getFrame(frameId) ) {
requestContext = frameStore;
}
}
// Setup context and evaluate
requestContext.requestURL = requestURL;
2015-01-21 01:39:13 +01:00
requestContext.requestHostname = details.hostname;
requestContext.requestType = requestType;
var result = pageStore.filterRequest(requestContext);
2014-07-14 17:24:59 +02:00
2015-01-16 18:15:12 +01:00
// Possible outcomes: blocked, allowed-passthru, allowed-mirror
2014-09-14 22:20:40 +02:00
// Not blocked
2015-01-16 18:15:12 +01:00
if ( µb.isAllowResult(result) ) {
2015-01-24 18:06:22 +01:00
//console.debug('traffic.js > onBeforeRequest(): ALLOW "%s" (%o) because "%s"', details.url, details, result);
// https://github.com/gorhill/uBlock/issues/114
2015-02-25 20:15:36 +01:00
if ( isFrame && details.frameId > 0 ) {
pageStore.setFrame(details.frameId, requestURL);
}
2014-09-14 22:20:40 +02:00
// https://code.google.com/p/chromium/issues/detail?id=387198
// Not all redirects will succeed, until bug above is fixed.
// https://github.com/gorhill/uBlock/issues/540
// Disabling local mirroring for the time being
//var redirectURL = pageStore.toMirrorURL(requestURL);
//if ( redirectURL !== '' ) {
2015-01-24 18:06:22 +01:00
// pageStore.logRequest(requestContext, 'ma:');
//console.debug('traffic.js > "%s" redirected to "%s..."', requestURL.slice(0, 50), redirectURL.slice(0, 50));
// return { redirectUrl: redirectURL };
//}
2015-01-24 18:06:22 +01:00
pageStore.logRequest(requestContext, result);
2015-01-16 18:15:12 +01:00
2014-07-14 17:24:59 +02:00
return;
}
2014-07-26 01:29:51 +02:00
// Blocked
2015-01-24 18:06:22 +01:00
//console.debug('traffic.js > onBeforeRequest(): BLOCK "%s" (%o) because "%s"', details.url, details, result);
2015-01-24 18:06:22 +01:00
pageStore.logRequest(requestContext, result);
2015-01-16 18:15:12 +01:00
2014-09-14 22:20:40 +02:00
µb.updateBadgeAsync(tabId);
2014-07-26 01:29:51 +02:00
// https://github.com/gorhill/uBlock/issues/18
// Do not use redirection, we need to block outright to be sure the request
// will not be made. There can be no such guarantee with redirection.
2014-07-14 17:24:59 +02:00
return { 'cancel': true };
};
/******************************************************************************/
2015-01-24 18:06:22 +01:00
// Intercept and filter behind-the-scene requests.
var onBeforeBehindTheSceneRequest = function(details) {
//console.debug('traffic.js > onBeforeBehindTheSceneRequest(): "%s": %o', details.url, details);
var µb = µBlock;
var pageStore = µb.pageStoreFromTabId(vAPI.noTabId);
if ( !pageStore ) {
return;
}
pageStore.requestURL = details.url;
pageStore.requestHostname = details.hostname;
pageStore.requestType = details.type;
// Blocking behind-the-scene requests can break a lot of stuff: prevent
// browser updates, prevent extension updates, prevent extensions from
// working properly, etc.
// So we filter if and only if the "advanced user" mode is selected
var result = '';
if ( µb.userSettings.advancedUserEnabled ) {
result = pageStore.filterRequestNoCache(pageStore);
}
pageStore.logRequest(pageStore, result);
// Not blocked
if ( µb.isAllowResult(result) ) {
//console.debug('traffic.js > onBeforeBehindTheSceneRequest(): ALLOW "%s" (%o) because "%s"', details.url, details, result);
return;
}
// Blocked
//console.debug('traffic.js > onBeforeBehindTheSceneRequest(): BLOCK "%s" (%o) because "%s"', details.url, details, result);
return { 'cancel': true };
};
/******************************************************************************/
2014-07-26 01:29:51 +02:00
// Intercept root frame requests. This is where we identify and block popups.
2014-06-24 00:42:43 +02:00
2014-07-14 20:53:06 +02:00
var onBeforeSendHeaders = function(details) {
2014-07-26 15:55:12 +02:00
// TODO: I vaguely remember reading that when pre-fetch is enabled,
// the tab id could be -1, despite the request not really being a
// behind-the-scene request. If true, the test below would prevent
2014-07-26 15:55:12 +02:00
// the popup blocker from working. Need to check this.
2015-01-24 18:06:22 +01:00
//console.debug('traffic.js > onBeforeSendHeaders(): "%s" (%o) because "%s"', details.url, details, result);
2014-07-26 15:55:12 +02:00
2014-06-24 00:42:43 +02:00
// Do not block behind the scene requests.
2014-06-25 03:46:37 +02:00
var tabId = details.tabId;
2015-01-24 18:06:22 +01:00
if ( vAPI.isNoTabId(tabId) ) {
2014-06-24 00:42:43 +02:00
return;
}
2014-07-26 01:29:51 +02:00
// Only root document.
if ( details.parentFrameId !== -1 ) {
return;
2014-06-24 00:42:43 +02:00
}
2014-07-26 01:29:51 +02:00
var µb = µBlock;
2014-06-27 23:06:42 +02:00
var requestURL = details.url;
2014-07-26 01:29:51 +02:00
// Lookup the page store associated with this tab id.
var pageStore = µb.pageStoreFromTabId(tabId);
if ( !pageStore ) {
2014-10-10 19:26:43 +02:00
// This happens under normal circumstances in Opera.
2014-06-24 00:42:43 +02:00
return;
}
2014-07-26 01:29:51 +02:00
// Heuristic to determine whether we are dealing with a popup:
// - the page store is new (it's not a reused one)
// - the referrer is not nil
2014-06-25 03:46:37 +02:00
2014-07-26 01:29:51 +02:00
// Can't be a popup, the tab was in use previously.
if ( pageStore.previousPageURL !== '' ) {
return;
2014-06-24 00:42:43 +02:00
}
var referrer = headerValue(details.requestHeaders, 'referer');
2014-07-26 01:29:51 +02:00
if ( referrer === '' ) {
2014-07-05 18:56:16 +02:00
return;
}
2014-06-24 00:42:43 +02:00
2014-10-15 19:14:25 +02:00
// https://github.com/gorhill/uBlock/issues/323
if ( pageStore.getNetFilteringSwitch() === false ) {
return;
}
2014-07-26 15:55:12 +02:00
// TODO: I think I should test the switch of the referrer instead, not the
// switch of the popup. If so, that would require being able to lookup
// a page store from a URL. Have to keep in mind the same URL can appear
// in multiple tabs.
2014-10-15 19:14:25 +02:00
// https://github.com/gorhill/uBlock/issues/67
// We need to pass the details of the page which opened this popup,
// so that the `third-party` option works.
// Create a synthetic context based on the referrer.
var µburi = µb.URI;
var referrerHostname = µburi.hostnameFromURI(referrer);
var pageDetails = {
pageHostname: referrerHostname,
2015-01-16 18:15:12 +01:00
pageDomain: µburi.domainFromHostname(referrerHostname)
2014-10-15 19:14:25 +02:00
};
pageDetails.rootHostname = pageDetails.pageHostname;
pageDetails.rootDomain = pageDetails.pageDomain;
2015-01-24 18:06:22 +01:00
//console.debug('traffic.js > Referrer="%s"', referrer);
var result = µb.staticNetFilteringEngine.matchStringExactType(pageDetails, requestURL, 'popup');
2014-06-24 00:42:43 +02:00
2014-06-25 03:46:37 +02:00
// Not blocked?
2015-01-21 01:39:13 +01:00
if ( µb.isAllowResult(result) ) {
2014-06-24 00:42:43 +02:00
return;
}
2014-07-26 01:29:51 +02:00
// It is a popup, block and remove the tab.
µb.unbindTabFromPageStats(tabId);
vAPI.tabs.remove(tabId);
2014-06-24 00:42:43 +02:00
return { 'cancel': true };
};
/******************************************************************************/
2014-09-24 23:38:22 +02:00
// To handle `inline-script`.
var onHeadersReceived = function(details) {
// Do not interfere with behind-the-scene requests.
var tabId = details.tabId;
2015-01-24 18:06:22 +01:00
if ( vAPI.isNoTabId(tabId) ) {
2014-09-24 23:38:22 +02:00
return;
}
// Lookup the page store associated with this tab id.
var µb = µBlock;
var pageStore = µb.pageStoreFromTabId(tabId);
if ( !pageStore ) {
return;
}
// https://github.com/gorhill/uBlock/issues/384
// https://github.com/gorhill/uBlock/issues/540
// Disabling local mirroring for the time being
//if ( details.parentFrameId === -1 ) {
2015-01-19 04:26:07 +01:00
// pageStore.skipLocalMirroring = headerStartsWith(details.responseHeaders, 'content-security-policy') !== '';
//}
2015-01-13 17:54:54 +01:00
2015-01-17 21:03:33 +01:00
var requestURL = details.url;
2015-01-21 01:39:13 +01:00
var requestHostname = details.hostname;
2015-01-17 21:03:33 +01:00
// https://github.com/gorhill/uBlock/issues/525
// When we are dealing with the root frame, due to fix to issue #516, it
// is likely the root frame has not been bound yet to the tab, and thus
// we could end up using the context of the previous page for filtering.
// So when the request is that of a root frame, simply create an
// artificial context, this will ensure we are properly filtering
// inline scripts.
var context;
if ( details.parentFrameId === -1 ) {
2015-01-21 01:39:13 +01:00
var contextDomain = µb.URI.domainFromHostname(requestHostname);
2015-01-17 21:03:33 +01:00
context = {
rootHostname: requestHostname,
2015-01-21 01:39:13 +01:00
rootDomain: contextDomain,
2015-01-17 21:03:33 +01:00
pageHostname: requestHostname,
2015-01-21 01:39:13 +01:00
pageDomain: contextDomain
2015-01-17 21:03:33 +01:00
};
} else {
context = pageStore;
}
2015-01-13 17:54:54 +01:00
// Concatenating with '{inline-script}' so that the network request cache
// can distinguish from the document itself
2015-01-17 21:03:33 +01:00
// The cache should do whatever it takes to not confuse same
// URLs-different type
context.requestURL = requestURL + '{inline-script}';
context.requestHostname = requestHostname;
context.requestType = 'inline-script';
var result = pageStore.filterRequest(context);
2015-01-24 18:06:22 +01:00
pageStore.logRequest(context, result);
// Don't block
if ( µb.isAllowResult(result) ) {
2014-09-24 23:38:22 +02:00
return;
}
µb.updateBadgeAsync(tabId);
details.responseHeaders.push({
'name': 'Content-Security-Policy',
2014-10-06 20:02:44 +02:00
'value': "script-src 'unsafe-eval' *"
2014-09-24 23:38:22 +02:00
});
return { 'responseHeaders': details.responseHeaders };
};
/******************************************************************************/
var headerValue = function(headers, name) {
2014-07-14 20:40:40 +02:00
var i = headers.length;
while ( i-- ) {
if ( headers[i].name.toLowerCase() === name ) {
2014-07-14 20:40:40 +02:00
return headers[i].value;
}
}
return '';
};
2014-10-09 16:51:28 +02:00
2014-07-14 20:40:40 +02:00
/******************************************************************************/
2015-01-19 04:26:07 +01:00
var headerStartsWith = function(headers, prefix) {
var i = headers.length;
while ( i-- ) {
2015-01-21 01:39:13 +01:00
if ( headers[i].name.toLowerCase().lastIndexOf(prefix, 0) === 0 ) {
return headers[i].value;
}
}
return '';
};
/******************************************************************************/
vAPI.net.onBeforeRequest = {
urls: [
'http://*/*',
'https://*/*'
],
types: [
"main_frame",
"sub_frame",
'stylesheet',
"script",
"image",
"object",
"xmlhttprequest",
"other"
],
extra: [ 'blocking' ],
callback: onBeforeRequest
};
vAPI.net.onBeforeSendHeaders = {
urls: [
'http://*/*',
'https://*/*'
],
types: [
"main_frame"
],
extra: [ 'blocking', 'requestHeaders' ],
callback: onBeforeSendHeaders
};
vAPI.net.onHeadersReceived = {
urls: [
'http://*/*',
'https://*/*'
],
types: [
2015-01-13 17:54:54 +01:00
"main_frame",
"sub_frame"
],
extra: [ 'blocking', 'responseHeaders' ],
callback: onHeadersReceived
};
vAPI.net.registerListeners();
2014-09-24 23:38:22 +02:00
2015-01-24 18:06:22 +01:00
//console.log('traffic.js > Beginning to intercept net requests at %s', (new Date()).toISOString());
2014-06-24 00:42:43 +02:00
/******************************************************************************/
})();
/******************************************************************************/