Mirrors
/
uBlock
mirror of https://github.com/gorhill/uBlock.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

#956/#1497: code review

This commit is contained in:
gorhill 2016-04-21 12:26:08 -04:00
parent a6028083f3
commit e1f150f494
2 changed files with 284 additions and 107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

238
platform/chromium/vapi-client.js
View File

@ -341,6 +341,7 @@ vAPI.shutdown.add(function() {
/******************************************************************************/ /******************************************************************************/
// https://bugs.chromium.org/p/chromium/issues/detail?id=129353 // https://bugs.chromium.org/p/chromium/issues/detail?id=129353
// https://github.com/gorhill/uBlock/issues/956
// https://github.com/gorhill/uBlock/issues/1497 // https://github.com/gorhill/uBlock/issues/1497
// Trap calls to WebSocket constructor, and expose websocket-based network // Trap calls to WebSocket constructor, and expose websocket-based network
// requests to uBO's filtering engine, logger, etc. // requests to uBO's filtering engine, logger, etc.
@ -367,116 +368,139 @@ vAPI.shutdown.add(function() {
// WebSocket reference: https://html.spec.whatwg.org/multipage/comms.html // WebSocket reference: https://html.spec.whatwg.org/multipage/comms.html
// The script tag will remove itself from the DOM once it completes // The script tag will remove itself from the DOM once it completes
// execution. // execution.
// For code review convenience, the stringified code below can be found at // Ideally, the `js/websocket.js` script would be declared as a
// the following gist: // `web_accessible_resources` in the manifest, but this unfortunately would
// - https://gist.github.com/gorhill/9cad94dfa438092e5fdabd7d0bdb23db // open the door for web pages to identify *directly* that one is using
// uBlock Origin. Consequently, I have to inject the code as a literal
// string below :(
// For code review, the stringified code below is found in
// `js/websocket.js` (comments were stripped).
var script = doc.createElement('script'); var script = doc.createElement('script');
script.id = 'ubofix-f41665f3028c7fd10eecf573336216d3'; script.id = 'ubofix-f41665f3028c7fd10eecf573336216d3';
script.textContent = [ script.textContent = [
'(function() {', "(function() {",
' var WS = window.WebSocket;', " 'use strict';",
'', "",
' var onClose = function(ev) {', " var WS = window.WebSocket;",
' this.readyState = this.wrapped.readyState;', " var toWrapped = new WeakMap();",
' if ( this.onclose !== null ) {', "",
' this.onclose(ev);', " var onClose = function(ev) {",
' }', " var wrapped = toWrapped.get(this);",
' };', " if ( !wrapped ) {",
'', " return;",
' var onError = function(ev) {', " }",
' this.readyState = this.wrapped.readyState;', " this.readyState = wrapped.readyState;",
' if ( this.onerror !== null ) {', " if ( this.onclose !== null ) {",
' this.onerror(ev);', " this.onclose(ev);",
' }', " }",
' };', " };",
'', "",
' var onMessage = function(ev) {', " var onError = function(ev) {",
' if ( this.onmessage !== null ) {', " var wrapped = toWrapped.get(this);",
' this.onmessage(ev);', " if ( !wrapped ) {",
' }', " return;",
' };', " }",
'', " this.readyState = wrapped.readyState;",
' var onOpen = function(ev) {', " if ( this.onerror !== null ) {",
' this.readyState = this.wrapped.readyState;', " this.onerror(ev);",
' if ( this.onopen !== null ) {', " }",
' this.onopen(ev);', " };",
' }', "",
' };', " var onMessage = function(ev) {",
'', " if ( this.onmessage !== null ) {",
' var onAllowed = function(ws, url, protocols) {', " this.onmessage(ev);",
' this.removeEventListener("load", onAllowed);', " }",
' this.removeEventListener("error", onBlocked);', " };",
' connect(ws, url, protocols);', "",
' };', " var onOpen = function(ev) {",
'', " var wrapped = toWrapped.get(this);",
' var onBlocked = function(ws) {', " if ( !wrapped ) {",
' this.removeEventListener("load", onAllowed);', " return;",
' this.removeEventListener("error", onBlocked);', " }",
' if ( ws.onerror !== null ) {', " this.readyState = wrapped.readyState;",
' ws.onerror(new window.ErrorEvent("error"));', " if ( this.onopen !== null ) {",
' }', " this.onopen(ev);",
' };', " }",
'', " };",
' var connect = function(ws, url, protocols) {', "",
' ws.wrapped = new WS(url, protocols);', " var onAllowed = function(ws, url, protocols) {",
' ws.wrapped.onclose = onClose.bind(ws);', " this.removeEventListener('load', onAllowed);",
' ws.wrapped.onerror = onError.bind(ws);', " this.removeEventListener('error', onBlocked);",
' ws.wrapped.onmessage = onMessage.bind(ws);', " connect(ws, url, protocols);",
' ws.wrapped.onopen = onOpen.bind(ws);', " };",
' };', "",
'', " var onBlocked = function(ws) {",
' var wrapper = function(url, protocols) {', " this.removeEventListener('load', onAllowed);",
' this.binaryType = "";', " this.removeEventListener('error', onBlocked);",
' this.bufferedAmount = 0;', " if ( ws.onerror !== null ) {",
' this.extensions = "";', " ws.onerror(new window.ErrorEvent('error'));",
' this.onclose = null;', " }",
' this.onerror = null;', " };",
' this.onmessage = null;', "",
' this.onopen = null;', " var connect = function(wrapper, url, protocols) {",
' this.protocol = "";', " var wrapped = new WS(url, protocols);",
' this.readyState = this.CONNECTING;', " toWrapped.set(wrapper, wrapped);",
' this.url = url;', " wrapped.onclose = onClose.bind(wrapper);",
'', " wrapped.onerror = onError.bind(wrapper);",
' this.wrapped = null;', " wrapped.onmessage = onMessage.bind(wrapper);",
' if ( /^wss?:\\/\\//.test(url) === false ) {', " wrapped.onopen = onOpen.bind(wrapper);",
' connect(this, url, protocols);', " };",
' return;', "",
' }', " var WebSocket = function(url, protocols) {",
'', " this.binaryType = '';",
' var img = new Image();', " this.bufferedAmount = 0;",
' img.src = ', " this.extensions = '';",
' window.location.origin', " this.onclose = null;",
' + "?url=" + encodeURIComponent(url)', " this.onerror = null;",
' + "&ubofix=f41665f3028c7fd10eecf573336216d3";', " this.onmessage = null;",
' img.addEventListener("load", onAllowed.bind(img, this, url, protocols));', " this.onopen = null;",
' img.addEventListener("error", onBlocked.bind(img, this, url, protocols));', " this.protocol = '';",
' };', " this.readyState = this.CONNECTING;",
'', " this.url = url;",
' wrapper.prototype.close = function(code, reason) {', "",
' if ( this.wrapped !== null ) {', " if ( /^wss?:\\/\\//.test(url) === false ) {",
' this.wrapped.close(code, reason);', " connect(this, url, protocols);",
' }', " return;",
' };', " }",
'', "",
' wrapper.prototype.send = function(data) {', " var img = new Image();",
' if ( this.wrapped !== null ) {', " img.src = ",
' this.wrapped.send(data);', " window.location.origin",
' }', " + '?url=' + encodeURIComponent(url)",
' };', " + '&ubofix=f41665f3028c7fd10eecf573336216d3';",
'', " img.addEventListener('load', onAllowed.bind(img, this, url, protocols));",
' wrapper.prototype.CONNECTING = 0;', " img.addEventListener('error', onBlocked.bind(img, this, url, protocols));",
' wrapper.prototype.OPEN = 1;', " };",
' wrapper.prototype.CLOSING = 2;', "",
' wrapper.prototype.CLOSED = 3;', " WebSocket.prototype.close = function(code, reason) {",
'', " var wrapped = toWrapped.get(this);",
' window.WebSocket = wrapper;', " if ( !wrapped ) {",
'', " return;",
' var me = document.getElementById("ubofix-f41665f3028c7fd10eecf573336216d3");', " }",
' if ( me !== null && me.parentNode !== null ) {', " wrapped.close(code, reason);",
' me.parentNode.removeChild(me);', " };",
' }', "",
'})();', " WebSocket.prototype.send = function(data) {",
].join('\n'); " var wrapped = toWrapped.get(this);",
" if ( !wrapped ) {",
" return;",
" }",
" wrapped.send(data);",
" };",
"",
" WebSocket.prototype.CONNECTING = 0;",
" WebSocket.prototype.OPEN = 1;",
" WebSocket.prototype.CLOSING = 2;",
" WebSocket.prototype.CLOSED = 3;",
"",
" window.WebSocket = WebSocket;",
"",
" var me = document.getElementById('ubofix-f41665f3028c7fd10eecf573336216d3');",
" if ( me !== null && me.parentNode !== null ) {",
" me.parentNode.removeChild(me);",
" }",
"})();",
].join('\n');
try { try {
parent.appendChild(script); parent.appendChild(script);

153
platform/chromium/websocket.js Normal file
View File

@ -0,0 +1,153 @@
/*******************************************************************************
uBlock Origin - a browser extension to block requests.
Copyright (C) 2014-2106 The uBlock Origin authors
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see {http://www.gnu.org/licenses/}.
Home: https://github.com/gorhill/uBlock
*/
// Purpose of this script is to workaround Chromium issue 129353:
// https://bugs.chromium.org/p/chromium/issues/detail?id=129353
// https://github.com/gorhill/uBlock/issues/956
// https://github.com/gorhill/uBlock/issues/1497
// WebSocket reference: https://html.spec.whatwg.org/multipage/comms.html
// A WeakMap is used to hide the real WebSocket instance from caller's view, in
// order to ensure that the wrapper can't be bypassed.
// The script removes its own tag from the DOM.
(function() {
'use strict';
var WS = window.WebSocket;
var toWrapped = new WeakMap();
var onClose = function(ev) {
var wrapped = toWrapped.get(this);
if ( !wrapped ) {
return;
}
this.readyState = wrapped.readyState;
if ( this.onclose !== null ) {
this.onclose(ev);
}
};
var onError = function(ev) {
var wrapped = toWrapped.get(this);
if ( !wrapped ) {
return;
}
this.readyState = wrapped.readyState;
if ( this.onerror !== null ) {
this.onerror(ev);
}
};
var onMessage = function(ev) {
if ( this.onmessage !== null ) {
this.onmessage(ev);
}
};
var onOpen = function(ev) {
var wrapped = toWrapped.get(this);
if ( !wrapped ) {
return;
}
this.readyState = wrapped.readyState;
if ( this.onopen !== null ) {
this.onopen(ev);
}
};
var onAllowed = function(ws, url, protocols) {
this.removeEventListener('load', onAllowed);
this.removeEventListener('error', onBlocked);
connect(ws, url, protocols);
};
var onBlocked = function(ws) {
this.removeEventListener('load', onAllowed);
this.removeEventListener('error', onBlocked);
if ( ws.onerror !== null ) {
ws.onerror(new window.ErrorEvent('error'));
}
};
var connect = function(wrapper, url, protocols) {
var wrapped = new WS(url, protocols);
toWrapped.set(wrapper, wrapped);
wrapped.onclose = onClose.bind(wrapper);
wrapped.onerror = onError.bind(wrapper);
wrapped.onmessage = onMessage.bind(wrapper);
wrapped.onopen = onOpen.bind(wrapper);
};
var WebSocket = function(url, protocols) {
this.binaryType = '';
this.bufferedAmount = 0;
this.extensions = '';
this.onclose = null;
this.onerror = null;
this.onmessage = null;
this.onopen = null;
this.protocol = '';
this.readyState = this.CONNECTING;
this.url = url;
if ( /^wss?:\/\//.test(url) === false ) {
connect(this, url, protocols);
return;
}
var img = new Image();
img.src =
window.location.origin
+ '?url=' + encodeURIComponent(url)
+ '&ubofix=f41665f3028c7fd10eecf573336216d3';
img.addEventListener('load', onAllowed.bind(img, this, url, protocols));
img.addEventListener('error', onBlocked.bind(img, this, url, protocols));
};
WebSocket.prototype.close = function(code, reason) {
var wrapped = toWrapped.get(this);
if ( !wrapped ) {
return;
}
wrapped.close(code, reason);
};
WebSocket.prototype.send = function(data) {
var wrapped = toWrapped.get(this);
if ( !wrapped ) {
return;
}
wrapped.send(data);
};
WebSocket.prototype.CONNECTING = 0;
WebSocket.prototype.OPEN = 1;
WebSocket.prototype.CLOSING = 2;
WebSocket.prototype.CLOSED = 3;
window.WebSocket = WebSocket;
var me = document.getElementById('ubofix-f41665f3028c7fd10eecf573336216d3');
if ( me !== null && me.parentNode !== null ) {
me.parentNode.removeChild(me);
}
})();