Move proxy-detection code to Firefox-specific code

Related commit:
- https://github.com/uBlockOrigin/uBlock-issues/issues/911

The motivation is to avoid executing code which is
unnecessary on platforms not supporting the browser.dns
API.
This commit is contained in:
Raymond Hill 2020-03-23 13:31:43 -04:00
parent 5d804f5d78
commit 11d24abea0
No known key found for this signature in database
GPG Key ID: 25E1490B761470C2
3 changed files with 52 additions and 33 deletions

View File

@ -49,6 +49,27 @@
const reAsciiHostname = /^https?:\/\/[0-9a-z_.:@-]+[/?#]/; const reAsciiHostname = /^https?:\/\/[0-9a-z_.:@-]+[/?#]/;
const parsedURL = new URL('about:blank'); const parsedURL = new URL('about:blank');
// Canonical name-uncloaking feature.
let cnameUncloak = browser.dns instanceof Object;
let cnameUncloakProxied = false;
// https://github.com/uBlockOrigin/uBlock-issues/issues/911
// We detect here whether network requests are proxied, and if so,
// de-aliasing of hostnames will be disabled to avoid possible
// DNS leaks.
const proxyDetector = function(details) {
if ( details.proxyInfo instanceof Object ) {
cnameUncloak = false;
proxyDetectorTryCount = 0;
}
if ( proxyDetectorTryCount === 0 ) {
browser.webRequest.onHeadersReceived.removeListener(proxyDetector);
return;
}
proxyDetectorTryCount -= 1;
};
let proxyDetectorTryCount = 0;
// Related issues: // Related issues:
// - https://github.com/gorhill/uBlock/issues/1327 // - https://github.com/gorhill/uBlock/issues/1327
// - https://github.com/uBlockOrigin/uBlock-issues/issues/128 // - https://github.com/uBlockOrigin/uBlock-issues/issues/128
@ -68,13 +89,15 @@
this.cnameMaxTTL = 120; this.cnameMaxTTL = 120;
this.cnameReplayFullURL = false; this.cnameReplayFullURL = false;
this.cnameFlushTime = Date.now() + this.cnameMaxTTL * 60000; this.cnameFlushTime = Date.now() + this.cnameMaxTTL * 60000;
this.cnameUncloak = browser.dns instanceof Object;
} }
setOptions(options) { setOptions(options) {
super.setOptions(options); super.setOptions(options);
if ( 'cnameUncloak' in options ) { if ( 'cnameUncloak' in options ) {
this.cnameUncloak = browser.dns instanceof Object && cnameUncloak = browser.dns instanceof Object &&
options.cnameUncloak !== false; options.cnameUncloak !== false;
}
if ( 'cnameUncloakProxied' in options ) {
cnameUncloakProxied = options.cnameUncloakProxied === true;
} }
if ( 'cnameIgnoreList' in options ) { if ( 'cnameIgnoreList' in options ) {
this.cnameIgnoreList = this.cnameIgnoreList =
@ -100,6 +123,21 @@
} }
this.cnames.clear(); this.cnames.set('', ''); this.cnames.clear(); this.cnames.set('', '');
this.cnameFlushTime = Date.now() + this.cnameMaxTTL * 60000; this.cnameFlushTime = Date.now() + this.cnameMaxTTL * 60000;
// https://github.com/uBlockOrigin/uBlock-issues/issues/911
// Install/remove proxy detector.
const wrohr = browser.webRequest.onHeadersReceived;
if ( cnameUncloak === false || cnameUncloakProxied ) {
if ( wrohr.hasListener(proxyDetector) ) {
wrohr.removeListener(proxyDetector);
}
} else if ( wrohr.hasListener(proxyDetector) === false ) {
wrohr.addListener(
proxyDetector,
{ urls: [ '*://*/*' ] },
[ 'blocking' ]
);
}
proxyDetectorTryCount = 32;
} }
normalizeDetails(details) { normalizeDetails(details) {
if ( mustPunycode && !reAsciiHostname.test(details.url) ) { if ( mustPunycode && !reAsciiHostname.test(details.url) ) {
@ -226,7 +264,7 @@
} }
onBeforeSuspendableRequest(details) { onBeforeSuspendableRequest(details) {
const r = super.onBeforeSuspendableRequest(details); const r = super.onBeforeSuspendableRequest(details);
if ( this.cnameUncloak === false ) { return r; } if ( cnameUncloak === false ) { return r; }
if ( r !== undefined ) { if ( r !== undefined ) {
if ( if (
r.cancel === true || r.cancel === true ||

View File

@ -133,26 +133,18 @@
}; };
self.addEventListener('hiddenSettingsChanged', ( ) => { self.addEventListener('hiddenSettingsChanged', ( ) => {
self.log.verbosity = µBlock.hiddenSettings.consoleLogLevel; const µbhs = µBlock.hiddenSettings;
self.log.verbosity = µbhs.consoleLogLevel;
vAPI.net.setOptions({ vAPI.net.setOptions({
cnameIgnoreList: µBlock.hiddenSettings.cnameIgnoreList, cnameIgnoreList: µbhs.cnameIgnoreList,
cnameIgnore1stParty: µBlock.hiddenSettings.cnameIgnore1stParty, cnameIgnore1stParty: µbhs.cnameIgnore1stParty,
cnameIgnoreExceptions: µBlock.hiddenSettings.cnameIgnoreExceptions, cnameIgnoreExceptions: µbhs.cnameIgnoreExceptions,
cnameIgnoreRootDocument: µBlock.hiddenSettings.cnameIgnoreRootDocument, cnameIgnoreRootDocument: µbhs.cnameIgnoreRootDocument,
cnameMaxTTL: µBlock.hiddenSettings.cnameMaxTTL, cnameMaxTTL: µbhs.cnameMaxTTL,
cnameReplayFullURL: µBlock.hiddenSettings.cnameReplayFullURL, cnameReplayFullURL: µbhs.cnameReplayFullURL,
cnameUncloak: µBlock.hiddenSettings.cnameUncloak, cnameUncloak: µbhs.cnameUncloak,
cnameUncloakProxied: µbhs.cnameUncloakProxied,
}); });
// https://github.com/uBlockOrigin/uBlock-issues/issues/911
// See uBO's onHeadersReceived() listener.
if (
µBlock.hiddenSettings.cnameUncloak === false ||
µBlock.hiddenSettings.cnameUncloakProxied === true
) {
µBlock.proxyDNS = false;
} else {
µBlock.proxyDNS = undefined;
}
}); });
/******************************************************************************/ /******************************************************************************/

View File

@ -441,17 +441,6 @@ const onHeadersReceived = function(details) {
const isRootDoc = requestType === 'main_frame'; const isRootDoc = requestType === 'main_frame';
const isDoc = isRootDoc || requestType === 'sub_frame'; const isDoc = isRootDoc || requestType === 'sub_frame';
// https://github.com/uBlockOrigin/uBlock-issues/issues/911
// We detect here whether network requests are proxied, and if so,
// de-aliasing of hostnames will be disabled to avoid possible
// DNS leaks.
if ( isRootDoc && µb.proxyDNS === undefined ) {
µb.proxyDNS = details.proxyInfo instanceof Object;
if ( µb.proxyDNS ) {
vAPI.net.setOptions({ cnameUncloak: false });
}
}
let pageStore = µb.pageStoreFromTabId(fctxt.tabId); let pageStore = µb.pageStoreFromTabId(fctxt.tabId);
if ( pageStore === null ) { if ( pageStore === null ) {
if ( isRootDoc === false ) { return; } if ( isRootDoc === false ) { return; }