Commit graph

1331 commits

Author SHA1 Message Date
Raymond Hill
0051f3b5c7
Work toward modernizing code base: promisification
Swathes of code have been converted to use
Promises/async/await. More left to do.

Related commits:
- eec53c0154
- 915687fddb
- 55cc0c6997
- e27328f931
2019-09-16 16:17:48 -04:00
Raymond Hill
eec53c0154
Work toward modernizing code base: promisification
Swathes of code have been converted to use
Promises/async/await. More left to do.

Related commits:
- 915687fddb
- 55cc0c6997
- e27328f931
2019-09-16 09:45:17 -04:00
Raymond Hill
e27328f931
Work toward modernizing code base: promisification
Swathes of code have been converted to use
Promises/async/await. More left to do.

In the process, a regression affecting the fix to
<https://github.com/uBlockOrigin/uBlock-issues/issues/682>
has been fixed.
2019-09-15 07:58:28 -04:00
Raymond Hill
e393a52442
Fix icon title always showing (0) when badge is disabled
Related feedback:
- https://www.reddit.com/r/uBlockOrigin/comments/d33d37/
2019-09-12 12:26:09 -04:00
Raymond Hill
93f438f55e
Add advanced setting for extension reload on update
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/717

Related feedback:
- https://github.com/uBlockOrigin/uBlock-issues/issues/717#issuecomment-530275655

New advanced setting: `extensionUpdateForceReload`

Default value: `false`

If set to `true`, the extension will unconditionally reload
when an update is available; otherwise the extension will
reload only when being explicitly disabled then enabled, or
when the browser is restarted.
2019-09-11 08:00:55 -04:00
Raymond Hill
c8c2e11d09
Prevent reload if updated version is higher than current
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/717

Related feedback:
- https://github.com/uBlockOrigin/uBlock-issues/issues/717#issuecomment-528921730
2019-09-06 13:03:06 -04:00
Raymond Hill
bcf5ac1fee
Add advanced setting to control logger popup type
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/663

The advanced setting `loggerPopupType` has been added, to
control the type of window to be used when the logger is
launched as a separate window.

The default value is `popup`, it can be changed to any of
the values documented at:

https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/windows/CreateType
2019-09-06 11:41:07 -04:00
Raymond Hill
5688888ec1
Remove pointless local scoping 2019-09-06 10:38:17 -04:00
Raymond Hill
59bdf2b4cc
Prevent uBO from being reloaded mid-session
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/717

Just registering a onUpdateAvailable() listener prevents
the browser from reloading the extension mid-session.

Ref:
- https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/runtime/onUpdateAvailable
2019-09-04 10:24:24 -04:00
Raymond Hill
ca9b29c7ec
Distinguish between priviledge and unprivileged messages
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/710

Messages from unprivileged ports (i.e. from content scripts)
are no longer relayed to message handlers which are to be
strictly used to execute privileged code.

The last remaining case of unprivileged messages which
should be converted into a privileged ones will be taken
care of when the following issue is fixed:
- https://github.com/gorhill/uBlock/issues/3497
2019-09-01 12:43:12 -04:00
Raymond Hill
7c7be6c898
Add "Relax blocking mode" command to Opera manifest 2019-08-18 08:39:45 -04:00
Raymond Hill
7ff750eaf6
Reflect blocking mode in badge color of toolbar icon
Related feedback:
- https://www.reddit.com/r/uBlockOrigin/comments/cmh910/

Additionally, the `3p` rule has been made distinct from
`3p-script`/`3p-frame` for the purpose of
"Relax blocking mode" command.

The badge color will hint at the current blocking mode.
There are four colors for the four following blocking
modes:
- JavaScript wholly disabled
- All 3rd parties blocked
- 3rd-party scripts and frames blocked
- None of the above

The default badge color will be used when JavaScript is not
wholly disabled and when there are no rules for `3p`,
`3p-script` or `3p-frame`.

A new advanced setting has been added to let the user choose
the badge colors for the various blocking modes,
`blockingProfileColors`. The value *must* be a sequence of
4 valid CSS color values that match 6 hexadecimal digits
prefixed with`#` -- anything else will be ignored.
2019-08-10 10:57:24 -04:00
Raymond Hill
aaee898d95
Ensure icon & context menu are up to date on window focus change
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/151

Related feedback:
- https://github.com/uBlockOrigin/uBlock-issues/issues/680#issuecomment-515215220
2019-07-26 08:53:20 -04:00
Raymond Hill
066440534d
Prevent popup panel to close when forcing a tab reload
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/672

Additionally, this commit add the ability to press F5 to
force a reload while the popup panel is opened.
2019-07-21 11:50:15 -04:00
Raymond Hill
e1dd7f7043
Ensure toolbar icon reflect updated whitelist directives
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/680

Opportunistically, vAPI.tabs has been refactored toward
ES6 syntax.
2019-07-21 10:48:44 -04:00
Raymond Hill
7e1868b1c3
Add virtuous signal that remote code execution is not possible
Related Chromium issue:
- https://bugs.chromium.org/p/chromium/issues/detail?id=985759

By expressly restricting JavaScript execution to only code
from the extension package, this explicitly tells code reviewer
that uBO can't execute remote code.

I also had to add `object-src 'self'`, otherwise Chromium
refused to load the extension with the following error message:

> 'content_security_policy': CSP directive 'object-src' must be specified

`object-src 'self'` is the default value.
2019-07-21 10:37:58 -04:00
Raymond Hill
730a83377e
Minor code review re. context menu code
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/151

I have been unsuccessful fixing the above issue, but I will
keep the changes made in the process of trying to fix it.
2019-07-02 09:43:26 -04:00
Raymond Hill
1dfdc40e09
Add ability to suspend network request handler at will
This works only for platforms supporting the return of
Promise by network listeners, i.e. only Firefox at this
point.

When filter lists are reloaded[1], there is a small
time window in which some network requests which should
have normally been blocked are not being blocked
because the static network filtering engine may not
have yet loaded all the filters in memory

This is now addressed by suspending the network request
handler when filter lists are reloaded -- again, this
works only on supported platforms.

[1] Examples: when a filter list update session
    completes; when user filters change, when
    adding/removing filter lists.
2019-06-30 10:09:27 -04:00
Raymond Hill
6c34b3c3c9
Use "relax" instead of "toggle"
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/371
2019-06-27 08:16:18 -04:00
Raymond Hill
a9659d039d
Add missing command in manifest.json 2019-06-26 17:17:41 -04:00
Raymond Hill
693687fd74
Add keyboard support for toggling down blocking profile
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/371

By default, no specific keyboard shortcut is predefined,
this will have to be assigned by the user. The command
name in English is "Toggle blocking profile".

The default behavior is to toggle down according to one
of the following scenarios.

a) If script execution is disabled through the no-scripting
switch, the no-scripting switch will be locally toggled
so as to allow script execution. The page will be
automatically reloaded.

b) If script execution is not blocked but the 3rd-party
script and/or frame cells are blocked, local no-op rules
will be set so as to no longer block 3rd-party scripts
and/or frames. The page will be automatically reloaded.

Given this, it may take more than one toggle down command
to reach the lowest blocking profile, which is one where
JavaScript execution is not blocked and 3rd-party scripts
and frames resources block rules, if any, are bypassed
with local no-op rules.

TODO: At this point, I haven't yet decided whether
toggling from the lowest profile should restore the
original highest blocking profile.
2019-06-26 07:47:14 -04:00
Raymond Hill
793aca7ddb
Fix internal cosmetic filter being reported in the logger
Regression from:
- 62387fb87a

Repro steps were:
- Open the logger
- Navigate to `https://news.ycombinator.com/`
- Select an element using the element picker
- Click "Preview"

An attribute selector used internally by uBO to
hide targeted nodes was being reported in the
logger.
2019-06-20 07:14:34 -04:00
Raymond Hill
184e4f7a42
Avoid reloading the dashboard tab if it is already present
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/592
2019-05-24 20:15:40 -04:00
Raymond Hill
eed13194fb
Handle possible exceptions in vAPI.messaging.broadcast()
I had exceptions thrown by that code once in a while,
about the `port` object not being connected; possibly
occurs only when using dev tools with breakpoints
in uBO's code. Even if this can be reproduced randomly
only when debugging uBO, it costs nothing to add code
in there to handle exceptions.
2019-05-21 14:07:38 -04:00
Raymond Hill
1386429382
Fix regression in applying procedural cosmetic filters
Related commit:
- 3573b6b32c
2019-05-16 17:22:20 -04:00
Raymond Hill
3573b6b32c
Add ability to report exception cosmetic filters in the logger
Related issue:
- https://github.com/gorhill/uBlock/issues/127

Additionally, the extended exception filters in the
logger will be rendered with a line-through to more
easily distinguish them from non-exception ones.

Also, opportunistically converted revisited code to
ES6 syntax.
2019-05-16 13:44:49 -04:00
Raymond Hill
9dfb570aa8
Use browser_specific_settings instead of applications
As per MDN's documentation, `applications` is a non-standard
alias for `browser_specific_settings` in `manifest.json`:

https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/manifest.json/browser_specific_settings#Browser_compatibility

Best to use the official manifest key.
2019-05-06 11:34:15 -04:00
Raymond Hill
b87b242384
Use per-request secret rather than time-based secret
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/550
2019-05-01 07:41:04 -04:00
Raymond Hill
99212e3264
Code review: use function arrow properly 2019-05-01 06:35:47 -04:00
Raymond Hill
016625465e
Simplify a bit 9e43852 by using Array.every() 2019-04-30 16:18:40 -04:00
Raymond Hill
0714aceaaf
Simplify secret generation introduced in 9e4385243c 2019-04-30 15:19:10 -04:00
Raymond Hill
9e4385243c
Web accessible secrets can be used for at most one second
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/550

Related Chromium issue (I can't access it):
- https://bugs.chromium.org/p/chromium/issues/detail?id=957866

Findings so far: affects browsers based on Chromium 74.
I could not reproduce the issue with either Chromium 73 or
Google Chrome 75.

This commit is a mitigation: to prevent sites from using
uBO's internal WAR secret for tracking purpose. A secret
can be used for at most one second, after which a new secret
is generated.

The original issue related to the implementation of
secret-gated web accessible resources is:
- https://github.com/gorhill/uBlock/issues/2823
2019-04-30 14:36:07 -04:00
Raymond Hill
367cdd6666
Make use of X-DNS-Prefetch-Control in Chromium-based browsers
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/548

The fix applies only to Chromium-based browsers -- a
`X-DNS-Prefetch-Control` header[1] will be unconditionally
injected when uBO's "Disable pre-fetching" setting is
enabled (it is by default).

This is a mitigation, this does not completely fix the issue
of the setting "Disable pre-fetching" being disregarded on
Chromium-based browsers when sites use
`preconnect`/`preload`.

[1] https://developer.mozilla.org/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control
2019-04-27 13:12:33 -04:00
Raymond Hill
977178bef2
Use a lower WebRTC mode on Firefox to hide private IP addresses
Releated issue:
- https://github.com/gorhill/uBlock/issues/3009

Firefox implements differently the behavior of `disable_non_proxied_udp`,
and this probably leads to more oft-misdiagnosed breakage.

Example:
https://www.reddit.com/r/firefox/comments/b4guyl/gotowebmeeting_same_unsupported_bs/
2019-03-23 16:23:42 -03:00
Raymond Hill
34a138e3ef
Add unlimitedStorage to Firefox manifest; add timeout to IndexedDB access
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/416

The Chromium version of uBO has declared `unlimitedStorage` since the
extension was first published in 2014. Declaring this permission in
Firefox brings uBO inline with the Chromium version. I suspect some
reported errors could be caused by IndexedDB eviction due to the lack
of `unlimitedStorage` permission.

Additionally, a timeout has been added when uBO tries to access its
indexedDB storage. It's unclear whether this will help with the
mentioned related issue though, the root cause is still to be
identified.
2019-03-17 09:45:28 -04:00
Raymond Hill
0d369cda21
Allow use of browser.storage.local as cache storage backend in Firefox
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/409

By default `indexedDB` is used in Firefox for purpose of cache storage
backend.

This commit allows to force the use of `browser.storage.local` instead
as cache storage backend. For this to happen, set `cacheStorageAPI` to
`browser.storage.local` in advanced settings.

Additionally, should `indexedDB` not be available for whatever reason,
uBO will automatically fallback to `browser.storage.local`.
2019-02-17 15:40:09 -05:00
Raymond Hill
ed7e34fb07
Refactor selfie generation into a more flexible persistence mechanism
The motivation is to address the higher peak memory usage at launch
time with 3rd-gen HNTrie when a selfie was present.

The selfie generation prior to this change was to collect all
filtering data into a single data structure, and then to serialize
that whole structure at once into storage (using JSON.stringify).

However, HNTrie serialization requires that a large UintArray32 be
converted into a plain JS array, which itslef would be indirectly
converted into a JSON string. This was the main reason why peak
memory usage would be higher at launch from selfie, since the JSON
string would need to be wholly unserialized into JS objects, which
themselves would need to be converted into more specialized data
structures (like that Uint32Array one).

The solution to lower peak memory usage at launch is to refactor
selfie generation to allow a more piecemeal approach: each filtering
component is given the ability to serialize itself rather than to be
forced to be embedded in the master selfie. With this approach, the
HNTrie buffer can now serialize to its own storage by converting the
buffer data directly into a string which can be directly sent to
storage. This avoiding expensive intermediate steps such as
converting into a JS array and then to a JSON string.

As part of the refactoring, there was also opportunistic code
upgrade to ES6 and Promise (eventually all of uBO's code will be
proper ES6).

Additionally, the polyfill to bring getBytesInUse() to Firefox has
been revisited to replace the rather expensive previous
implementation with an implementation with virtually no overhead.
2019-02-14 13:33:55 -05:00
Raymond Hill
83a3767a16
Test presence of firefox instead of absence of chromium 2019-02-12 15:29:20 -05:00
Raymond Hill
8c4249a870
Try to not rely on UA to lookup environment flavor
The environment flavor is used to by uBO to for self-configuration.

For users with spoofed UA at the `about:config` level, this might
cause uBO to misconfigure itself. Avoid UA and strictly rely on
browserInfo() for looking up environment parameters.
2019-02-12 11:11:58 -05:00
Raymond Hill
e06cf1de9b
Shield early request handler against re-entrance
Unlikely re-entrance is occurring, but there is no harm
shielding against it -- just in case.
2019-02-12 07:13:37 -05:00
Raymond Hill
656203adc7
Minor generic code review of changes since 1.18.2 2019-02-02 08:09:34 -05:00
Raymond Hill
920eee88be
Code review: ensure vAPI.shutdown.exec is called from root context only
This prevents uncaught errors in content scripts when uBO's main
process is terminated (i.e. disabled, updated).
2019-01-28 16:16:52 -05:00
Raymond Hill
a6ebcc85be
Reuse both flavors of webRequest wrapper in webext package
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/407

Both flavors will be stitched together into a single
`vapi-qebrequest.js` file.

The decision of which flavor to use will be made at runtime,
according to the browser environment.
2019-01-28 16:12:26 -05:00
Raymond Hill
15100459b3
Harden content script's message Port against spurious disconnections
Those spurious disconnections have been observed to occur at
uBO's launch time.

Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/403

I have observed that this fixes an issue observed on Firefox 64
(current stable).

The reported Waterfox issue *may* be fixed as a result. If not,
the issue he still considered fixed as Waterfox is not
officially supported.
2019-01-27 17:07:40 -05:00
Raymond Hill
3eb26fc0c5
Set minimum Opera version to 40 (Chromium 53) 2019-01-25 08:41:15 -05:00
Raymond Hill
305cd4db1c
Experimental Thunderbird 65+ support: experimental
Related issues:
- https://github.com/uBlockOrigin/uBlock-issues/issues/194

This is a first iteration, which purpose is to merely allow
uBO to load properly. Many things are known to not work,
quite probably due to the early Thunderbird support of the
WebExtensions framework.

Permission which had to be removed:
- contextMenus

Manifest entries which had to be removed:
- commands
- sidebar_action

uBO's webRequest listeners are not being called when loading a
feed item in the preview pane, *except* for resources fetched
from embedded iframes.

uBO appears to function properly when a feed item is opened in
its own tab.
2019-01-20 12:22:40 -05:00
Raymond Hill
ed5d63df69
Grand refactoring of the logger
Performance-related work: the logger data has been decoupled
from the DOM -- inspired from CodeMirror's way of efficiently
handling large amout of text data.

This decoupling now makes the logger highly efficient CPU- and
memory-wise, and open the way to more possibilities.

Ability to configure some aspect of the logger behavior and
visuals:
- The hard-coded limit of 5000 entries has been
  removed and is now replaced with a variety of
  user-configurable settings to enforce the discarding of
  logger entries.
- Some columns in the logger output can now be hidden.

The filter list look-up feature has been merged into the
existing overlay dialog used to create URL rules or static
filters, as an entry in a new "Details" pane.

Other issues addressed during refactoring:
- https://github.com/uBlockOrigin/uBlock-issues/issues/280
- https://github.com/gorhill/uBlock/issues/1999

The minimum version supported on Firefox has been bumped
up to 55.0.
2019-01-12 16:36:20 -05:00
Raymond Hill
0341a5e1f9
Use URL to proper issue in comments 2018-12-25 13:29:41 -05:00
Raymond Hill
be9e7fd11c
Code review related to the early blocking of network requests at launch 2018-12-24 08:56:35 -05:00
Raymond Hill
41548be6be
Move early blocking of requests out of experimental status on Firefox
Related issues:
- https://github.com/gorhill/uBlock/issues/2067
- https://github.com/uBlockOrigin/uBlock-issues/issues/128

Related mozbug issue:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1503721
2018-12-23 17:59:31 -05:00