Commit graph

766 commits

Author SHA1 Message Date
Raymond Hill
3a564c1992
Add ability to uncloak CNAME records
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/780

New webext permission added: `dns`, which purpose is
to allow an extension to fetch the DNS record of
specific hostnames, reference documentation:

https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/dns

The webext API `dns` is available in Firefox 60+ only.

The new API will enable uBO to "uncloak" the actual
hostname used in network requests. The ability is
currently disabled by default for now -- this is only
a first commit related to the above issue to allow
advanced users to immediately use the new ability.

Four advanced settings have been created to control the
uncloaking of actual hostnames:

cnameAliasList: a space-separated list of hostnames.
Default value: unset => empty list.
Special value: * => all hostnames.
A space-separated list of hostnames => this tells uBO
to "uncloak" the  hostnames in the list will.

cnameIgnoreList: a space-separated list of hostnames.
Default value: unset => empty list.
Special value: * => all hostnames.
A space-separated list of hostnames => this tells uBO
to NOT re-run the network request through uBO's
filtering engine with the CNAME hostname. This is
useful to exclude commonly used actual hostnames
from being re-run through uBO's filtering engine, so
as to avoid pointless overhead.

cnameIgnore1stParty: boolean.
Default value: true.
Whether uBO should ignore to re-run a network request
through the filtering engine when the CNAME hostname
is 1st-party to the alias hostname.

cnameMaxTTL: number of minutes.
Default value: 120.
This tells uBO to clear its CNAME cache after the
specified time. For efficiency purpose, uBO will
cache alias=>CNAME associations for reuse so as
to reduce calls to `browser.dns.resolve`. All the
associations will be cleared after the specified time
to ensure the map does not grow too large and too
ensure uBO uses up to date CNAME information.
2019-11-19 12:05:33 -05:00
Raymond Hill
a69b301d81
Fine-tune new bidi-trie code
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/761
2019-10-29 10:26:34 -04:00
Raymond Hill
b79445320d
Force-unsuspend when starting webRequest listener
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/759

If for some reasons the launch code throws, uBO could
find itself in permanent suspend mode, thus preventing
web pages from loading in Firefox.

Though uBO should not have exceptions thrown during
it's initialization code, this commit will ensure
uBO complete its initialization process should it
ever happen for whatever reason.
2019-10-27 11:41:08 -04:00
Raymond Hill
35cb0eb377
Do not bypass network listener in suspended mode
Tabless network requests were bypassing uBO's
onBeforeRequest's listener when in suspended
mode. Suspend mode occurs during the time the
filter lists are all reloaded.

Regression from:
- 1dfdc40e09 (diff-d04c15ee6bff6a6269c6aee25a7c7522R1122)
2019-10-07 08:13:37 -04:00
Raymond Hill
41ab06a47b
Fix regression in cosmetic filtering
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/740

Related commit:
- 3f074d7908
2019-09-30 10:40:56 -04:00
Raymond Hill
3f074d7908
Use self when testing for vAPI presence 2019-09-30 07:50:35 -04:00
Raymond Hill
efa4ff3bcf
Code review re. dynamically loaded vapi-client-extra.js
Related commit:
- 87d0e456f1

Ensure that the code which depends on extending
`vapi-client.js` is ready to deal with
`vapi-client-extra.js` failing to load.
2019-09-26 15:57:55 -04:00
Raymond Hill
733b2330de
Prevent spurious error messages to browser console
These spurious error messages can occur when a
extension framework API method return a
rejected Promise. In uBO the results of
browserAction methods is not used so it can be
safely discarded.
2019-09-23 09:29:17 -04:00
Raymond Hill
f204d24bf4
Match static popup filter against local context
Related feedback:
- https://www.reddit.com/r/uBlockOrigin/comments/d6zbqv/

For static filter `popup` filter purpose, the URL of the
embedded frame from which the popup was launched will
be used in the matching algorithm.
2019-09-23 08:25:23 -04:00
Raymond Hill
010635acd6
Add support for ping static filter option
Related issue:
- https://github.com/gorhill/uBlock/issues/1493

Documentation:
- https://help.eyeo.com/adblockplus/how-to-write-filters#type-options

Test page:
- https://testpages.adblockplus.org/en/filters/ping

Additionally, network requests of type `beacon` will
be mapped to `ping` by the static filtering engine.
2019-09-22 09:11:55 -04:00
Raymond Hill
350e436c08
Remove remnants of chrome references...
... from platform-independent code.

This should complete the de-chromiumification of
uBO. Next step will be to swap the content of the
`platform/chromium` and `platform/firefox`
folders so as to reflect that Firefox is the
natural platform for uBO.
2019-09-21 12:06:57 -04:00
Raymond Hill
0c6407c082
Use webext.menus, not browser.contextMenus (oops) 2019-09-20 07:59:21 -04:00
Raymond Hill
58620fb051
Work toward modernizing code base: promisification
Swathes of code have been converted to use
Promises/async/await.

Related commits:
- 022951547c
- 3224d9b5cc
- 26235d80d0
- 0051f3b5c7
- eec53c0154
- 915687fddb
- 55cc0c6997
- e27328f931
2019-09-19 16:41:44 -04:00
Raymond Hill
5f60c31f77
Fix copyright dates as per commit history
vapi.js
-https://github.com/gorhill/uBlock/commits/master/platform/chromium/vapi.js

vapi-common-js
- https://github.com/gorhill/uBlock/commits/master/platform/chromium/vapi-common.js
- 266f62914f/meta/crx/vapi-common.js
- 8444923c0c/src/js/vapi-common.js

vapi-background.js
- https://github.com/gorhill/uBlock/commits/master/platform/chromium/vapi-background.js
- 266f62914f/meta/crx/vapi-background.js
- 8444923c0c/src/js/vapi-background.js

vapi-client.js
- https://github.com/gorhill/uBlock/commits/master/platform/chromium/vapi-client.js
- 266f62914f/meta/crx/vapi-client.js
- 8444923c0c/src/js/vapi-client.js
2019-09-19 11:04:12 -04:00
Raymond Hill
60aa80b571
Fix erroneous copyright date
As per commit history:
266f62914f/meta/crx/vapi-client.js
2019-09-19 09:12:51 -04:00
Raymond Hill
a45a962517
Fix property name inconsistency
Addtionally, fixed erroneous copyright date, as per
commit history:
https://github.com/gorhill/uBlock/commits/master/platform/chromium/vapi-client.js
2019-09-19 09:07:55 -04:00
Raymond Hill
87d0e456f1
Simplify client messaging code
Little-used code from vapi-client.js has been moved
to vapi-client-extra.js. Given that vapi-client.js
is injected in all web pages, this means less dead
code being injected in all pages.

Swathes of code in vapi-client.js was used only in
a few very specific cases, such as when the logger's
DOM inspector is opened or when the "Filter lists"
pane in the dashboard is opened -- and thus to avoid
that little used code to be loaded in every web page
unconditionally, it has been moved to its own
separate file, vapi-client.extra.js.

vapi-client-extra.js is loaded declaratively or
programmatically only where needed.
2019-09-19 08:31:38 -04:00
Raymond Hill
022951547c
Work toward modernizing code base: promisification
Swathes of code have been converted to use
Promises/async/await.

Related commits:
- 3224d9b5cc
- 26235d80d0
- 0051f3b5c7
- eec53c0154
- 915687fddb
- 55cc0c6997
- e27328f931
2019-09-18 08:34:55 -04:00
Raymond Hill
ed99d52bc4
Simplify slightly messaging code
- No need to hold onto channel name and message data while
  waiting for response to resolve
- Use more representative `msgId` instead of `auxProcessId`
2019-09-17 17:43:52 -04:00
Raymond Hill
3224d9b5cc
Work toward modernizing code base: promisification
Swathes of code have been converted to use
Promises/async/await.

Related commits:
- 26235d80d0
- 0051f3b5c7
- eec53c0154
- 915687fddb
- 55cc0c6997
- e27328f931
2019-09-17 15:15:01 -04:00
Raymond Hill
0051f3b5c7
Work toward modernizing code base: promisification
Swathes of code have been converted to use
Promises/async/await. More left to do.

Related commits:
- eec53c0154
- 915687fddb
- 55cc0c6997
- e27328f931
2019-09-16 16:17:48 -04:00
Raymond Hill
eec53c0154
Work toward modernizing code base: promisification
Swathes of code have been converted to use
Promises/async/await. More left to do.

Related commits:
- 915687fddb
- 55cc0c6997
- e27328f931
2019-09-16 09:45:17 -04:00
Raymond Hill
e27328f931
Work toward modernizing code base: promisification
Swathes of code have been converted to use
Promises/async/await. More left to do.

In the process, a regression affecting the fix to
<https://github.com/uBlockOrigin/uBlock-issues/issues/682>
has been fixed.
2019-09-15 07:58:28 -04:00
Raymond Hill
e393a52442
Fix icon title always showing (0) when badge is disabled
Related feedback:
- https://www.reddit.com/r/uBlockOrigin/comments/d33d37/
2019-09-12 12:26:09 -04:00
Raymond Hill
93f438f55e
Add advanced setting for extension reload on update
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/717

Related feedback:
- https://github.com/uBlockOrigin/uBlock-issues/issues/717#issuecomment-530275655

New advanced setting: `extensionUpdateForceReload`

Default value: `false`

If set to `true`, the extension will unconditionally reload
when an update is available; otherwise the extension will
reload only when being explicitly disabled then enabled, or
when the browser is restarted.
2019-09-11 08:00:55 -04:00
Raymond Hill
c8c2e11d09
Prevent reload if updated version is higher than current
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/717

Related feedback:
- https://github.com/uBlockOrigin/uBlock-issues/issues/717#issuecomment-528921730
2019-09-06 13:03:06 -04:00
Raymond Hill
bcf5ac1fee
Add advanced setting to control logger popup type
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/663

The advanced setting `loggerPopupType` has been added, to
control the type of window to be used when the logger is
launched as a separate window.

The default value is `popup`, it can be changed to any of
the values documented at:

https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/windows/CreateType
2019-09-06 11:41:07 -04:00
Raymond Hill
5688888ec1
Remove pointless local scoping 2019-09-06 10:38:17 -04:00
Raymond Hill
59bdf2b4cc
Prevent uBO from being reloaded mid-session
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/717

Just registering a onUpdateAvailable() listener prevents
the browser from reloading the extension mid-session.

Ref:
- https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/runtime/onUpdateAvailable
2019-09-04 10:24:24 -04:00
Raymond Hill
ca9b29c7ec
Distinguish between priviledge and unprivileged messages
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/710

Messages from unprivileged ports (i.e. from content scripts)
are no longer relayed to message handlers which are to be
strictly used to execute privileged code.

The last remaining case of unprivileged messages which
should be converted into a privileged ones will be taken
care of when the following issue is fixed:
- https://github.com/gorhill/uBlock/issues/3497
2019-09-01 12:43:12 -04:00
Raymond Hill
7ff750eaf6
Reflect blocking mode in badge color of toolbar icon
Related feedback:
- https://www.reddit.com/r/uBlockOrigin/comments/cmh910/

Additionally, the `3p` rule has been made distinct from
`3p-script`/`3p-frame` for the purpose of
"Relax blocking mode" command.

The badge color will hint at the current blocking mode.
There are four colors for the four following blocking
modes:
- JavaScript wholly disabled
- All 3rd parties blocked
- 3rd-party scripts and frames blocked
- None of the above

The default badge color will be used when JavaScript is not
wholly disabled and when there are no rules for `3p`,
`3p-script` or `3p-frame`.

A new advanced setting has been added to let the user choose
the badge colors for the various blocking modes,
`blockingProfileColors`. The value *must* be a sequence of
4 valid CSS color values that match 6 hexadecimal digits
prefixed with`#` -- anything else will be ignored.
2019-08-10 10:57:24 -04:00
Raymond Hill
aaee898d95
Ensure icon & context menu are up to date on window focus change
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/151

Related feedback:
- https://github.com/uBlockOrigin/uBlock-issues/issues/680#issuecomment-515215220
2019-07-26 08:53:20 -04:00
Raymond Hill
066440534d
Prevent popup panel to close when forcing a tab reload
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/672

Additionally, this commit add the ability to press F5 to
force a reload while the popup panel is opened.
2019-07-21 11:50:15 -04:00
Raymond Hill
e1dd7f7043
Ensure toolbar icon reflect updated whitelist directives
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/680

Opportunistically, vAPI.tabs has been refactored toward
ES6 syntax.
2019-07-21 10:48:44 -04:00
Raymond Hill
7e1868b1c3
Add virtuous signal that remote code execution is not possible
Related Chromium issue:
- https://bugs.chromium.org/p/chromium/issues/detail?id=985759

By expressly restricting JavaScript execution to only code
from the extension package, this explicitly tells code reviewer
that uBO can't execute remote code.

I also had to add `object-src 'self'`, otherwise Chromium
refused to load the extension with the following error message:

> 'content_security_policy': CSP directive 'object-src' must be specified

`object-src 'self'` is the default value.
2019-07-21 10:37:58 -04:00
Raymond Hill
730a83377e
Minor code review re. context menu code
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/151

I have been unsuccessful fixing the above issue, but I will
keep the changes made in the process of trying to fix it.
2019-07-02 09:43:26 -04:00
Raymond Hill
1dfdc40e09
Add ability to suspend network request handler at will
This works only for platforms supporting the return of
Promise by network listeners, i.e. only Firefox at this
point.

When filter lists are reloaded[1], there is a small
time window in which some network requests which should
have normally been blocked are not being blocked
because the static network filtering engine may not
have yet loaded all the filters in memory

This is now addressed by suspending the network request
handler when filter lists are reloaded -- again, this
works only on supported platforms.

[1] Examples: when a filter list update session
    completes; when user filters change, when
    adding/removing filter lists.
2019-06-30 10:09:27 -04:00
Raymond Hill
6c34b3c3c9
Use "relax" instead of "toggle"
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/371
2019-06-27 08:16:18 -04:00
Raymond Hill
693687fd74
Add keyboard support for toggling down blocking profile
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/371

By default, no specific keyboard shortcut is predefined,
this will have to be assigned by the user. The command
name in English is "Toggle blocking profile".

The default behavior is to toggle down according to one
of the following scenarios.

a) If script execution is disabled through the no-scripting
switch, the no-scripting switch will be locally toggled
so as to allow script execution. The page will be
automatically reloaded.

b) If script execution is not blocked but the 3rd-party
script and/or frame cells are blocked, local no-op rules
will be set so as to no longer block 3rd-party scripts
and/or frames. The page will be automatically reloaded.

Given this, it may take more than one toggle down command
to reach the lowest blocking profile, which is one where
JavaScript execution is not blocked and 3rd-party scripts
and frames resources block rules, if any, are bypassed
with local no-op rules.

TODO: At this point, I haven't yet decided whether
toggling from the lowest profile should restore the
original highest blocking profile.
2019-06-26 07:47:14 -04:00
Raymond Hill
793aca7ddb
Fix internal cosmetic filter being reported in the logger
Regression from:
- 62387fb87a

Repro steps were:
- Open the logger
- Navigate to `https://news.ycombinator.com/`
- Select an element using the element picker
- Click "Preview"

An attribute selector used internally by uBO to
hide targeted nodes was being reported in the
logger.
2019-06-20 07:14:34 -04:00
Raymond Hill
184e4f7a42
Avoid reloading the dashboard tab if it is already present
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/592
2019-05-24 20:15:40 -04:00
Raymond Hill
eed13194fb
Handle possible exceptions in vAPI.messaging.broadcast()
I had exceptions thrown by that code once in a while,
about the `port` object not being connected; possibly
occurs only when using dev tools with breakpoints
in uBO's code. Even if this can be reproduced randomly
only when debugging uBO, it costs nothing to add code
in there to handle exceptions.
2019-05-21 14:07:38 -04:00
Raymond Hill
1386429382
Fix regression in applying procedural cosmetic filters
Related commit:
- 3573b6b32c
2019-05-16 17:22:20 -04:00
Raymond Hill
3573b6b32c
Add ability to report exception cosmetic filters in the logger
Related issue:
- https://github.com/gorhill/uBlock/issues/127

Additionally, the extended exception filters in the
logger will be rendered with a line-through to more
easily distinguish them from non-exception ones.

Also, opportunistically converted revisited code to
ES6 syntax.
2019-05-16 13:44:49 -04:00
Raymond Hill
b87b242384
Use per-request secret rather than time-based secret
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/550
2019-05-01 07:41:04 -04:00
Raymond Hill
99212e3264
Code review: use function arrow properly 2019-05-01 06:35:47 -04:00
Raymond Hill
016625465e
Simplify a bit 9e43852 by using Array.every() 2019-04-30 16:18:40 -04:00
Raymond Hill
0714aceaaf
Simplify secret generation introduced in 9e4385243c 2019-04-30 15:19:10 -04:00
Raymond Hill
9e4385243c
Web accessible secrets can be used for at most one second
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/550

Related Chromium issue (I can't access it):
- https://bugs.chromium.org/p/chromium/issues/detail?id=957866

Findings so far: affects browsers based on Chromium 74.
I could not reproduce the issue with either Chromium 73 or
Google Chrome 75.

This commit is a mitigation: to prevent sites from using
uBO's internal WAR secret for tracking purpose. A secret
can be used for at most one second, after which a new secret
is generated.

The original issue related to the implementation of
secret-gated web accessible resources is:
- https://github.com/gorhill/uBlock/issues/2823
2019-04-30 14:36:07 -04:00
Raymond Hill
367cdd6666
Make use of X-DNS-Prefetch-Control in Chromium-based browsers
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/548

The fix applies only to Chromium-based browsers -- a
`X-DNS-Prefetch-Control` header[1] will be unconditionally
injected when uBO's "Disable pre-fetching" setting is
enabled (it is by default).

This is a mitigation, this does not completely fix the issue
of the setting "Disable pre-fetching" being disregarded on
Chromium-based browsers when sites use
`preconnect`/`preload`.

[1] https://developer.mozilla.org/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control
2019-04-27 13:12:33 -04:00