mirror of https://github.com/gorhill/uBlock.git
Use helper function to lookup safe cookie values
This helper function is now used by `set-cookie` and `set-local-storage-item` scriptlets, so changes in the helper function will benefit both scriptlets.
This commit is contained in:
parent
3e2171f550
commit
79e10323ad
|
@ -954,6 +954,33 @@ function objectFindOwnerFn(
|
||||||
|
|
||||||
/******************************************************************************/
|
/******************************************************************************/
|
||||||
|
|
||||||
|
builtinScriptlets.push({
|
||||||
|
name: 'get-safe-cookie-values.fn',
|
||||||
|
fn: getSafeCookieValuesFn,
|
||||||
|
});
|
||||||
|
function getSafeCookieValuesFn() {
|
||||||
|
return [
|
||||||
|
'accept', 'reject',
|
||||||
|
'accepted', 'rejected', 'notaccepted',
|
||||||
|
'allow', 'disallow', 'deny',
|
||||||
|
'allowed', 'denied',
|
||||||
|
'approved', 'disapproved',
|
||||||
|
'checked', 'unchecked',
|
||||||
|
'dismiss', 'dismissed',
|
||||||
|
'enable', 'disable',
|
||||||
|
'enabled', 'disabled',
|
||||||
|
'essential', 'nonessential',
|
||||||
|
'hide', 'hidden',
|
||||||
|
'necessary', 'required',
|
||||||
|
'ok',
|
||||||
|
'on', 'off',
|
||||||
|
'true', 't', 'false', 'f',
|
||||||
|
'yes', 'y', 'no', 'n',
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
/******************************************************************************/
|
||||||
|
|
||||||
builtinScriptlets.push({
|
builtinScriptlets.push({
|
||||||
name: 'get-all-cookies.fn',
|
name: 'get-all-cookies.fn',
|
||||||
fn: getAllCookiesFn,
|
fn: getAllCookiesFn,
|
||||||
|
@ -1076,6 +1103,7 @@ builtinScriptlets.push({
|
||||||
name: 'set-local-storage-item.fn',
|
name: 'set-local-storage-item.fn',
|
||||||
fn: setLocalStorageItemFn,
|
fn: setLocalStorageItemFn,
|
||||||
dependencies: [
|
dependencies: [
|
||||||
|
'get-safe-cookie-values.fn',
|
||||||
'safe-self.fn',
|
'safe-self.fn',
|
||||||
],
|
],
|
||||||
});
|
});
|
||||||
|
@ -1097,14 +1125,9 @@ function setLocalStorageItemFn(
|
||||||
const trustedValues = [
|
const trustedValues = [
|
||||||
'',
|
'',
|
||||||
'undefined', 'null',
|
'undefined', 'null',
|
||||||
'false', 'true',
|
|
||||||
'on', 'off',
|
|
||||||
'yes', 'no',
|
|
||||||
'accept', 'reject',
|
|
||||||
'accepted', 'rejected',
|
|
||||||
'allowed', 'denied',
|
|
||||||
'{}', '[]', '""',
|
'{}', '[]', '""',
|
||||||
'$remove$',
|
'$remove$',
|
||||||
|
...getSafeCookieValuesFn(),
|
||||||
];
|
];
|
||||||
|
|
||||||
if ( trusted ) {
|
if ( trusted ) {
|
||||||
|
@ -3819,6 +3842,7 @@ builtinScriptlets.push({
|
||||||
fn: setCookie,
|
fn: setCookie,
|
||||||
world: 'ISOLATED',
|
world: 'ISOLATED',
|
||||||
dependencies: [
|
dependencies: [
|
||||||
|
'get-safe-cookie-values.fn',
|
||||||
'safe-self.fn',
|
'safe-self.fn',
|
||||||
'set-cookie.fn',
|
'set-cookie.fn',
|
||||||
],
|
],
|
||||||
|
@ -3831,28 +3855,10 @@ function setCookie(
|
||||||
if ( name === '' ) { return; }
|
if ( name === '' ) { return; }
|
||||||
const safe = safeSelf();
|
const safe = safeSelf();
|
||||||
const logPrefix = safe.makeLogPrefix('set-cookie', name, value, path);
|
const logPrefix = safe.makeLogPrefix('set-cookie', name, value, path);
|
||||||
|
|
||||||
const validValues = [
|
|
||||||
'accept', 'reject',
|
|
||||||
'accepted', 'rejected', 'notaccepted',
|
|
||||||
'allow', 'deny',
|
|
||||||
'allowed', 'disallow',
|
|
||||||
'enable', 'disable',
|
|
||||||
'enabled', 'disabled',
|
|
||||||
'ok',
|
|
||||||
'on', 'off',
|
|
||||||
'true', 't', 'false', 'f',
|
|
||||||
'yes', 'y', 'no', 'n',
|
|
||||||
'necessary', 'required',
|
|
||||||
'approved', 'disapproved',
|
|
||||||
'hide', 'hidden',
|
|
||||||
'essential', 'nonessential',
|
|
||||||
'dismiss', 'dismissed',
|
|
||||||
'checked', 'unchecked',
|
|
||||||
];
|
|
||||||
const normalized = value.toLowerCase();
|
const normalized = value.toLowerCase();
|
||||||
const match = /^("?)(.+)\1$/.exec(normalized);
|
const match = /^("?)(.+)\1$/.exec(normalized);
|
||||||
const unquoted = match && match[2] || normalized;
|
const unquoted = match && match[2] || normalized;
|
||||||
|
const validValues = getSafeCookieValuesFn();
|
||||||
if ( validValues.includes(unquoted) === false ) {
|
if ( validValues.includes(unquoted) === false ) {
|
||||||
if ( /^\d+$/.test(unquoted) === false ) { return; }
|
if ( /^\d+$/.test(unquoted) === false ) { return; }
|
||||||
const n = parseInt(value, 10);
|
const n = parseInt(value, 10);
|
||||||
|
|
Loading…
Reference in New Issue