mirror of https://github.com/gorhill/uBlock.git
fix #3140
This commit is contained in:
parent
b89dbcce39
commit
eb7bdba47f
|
@ -25,7 +25,12 @@
|
|||
|
||||
/******************************************************************************/
|
||||
|
||||
vAPI.net = {};
|
||||
vAPI.net = {
|
||||
onBeforeRequest: {},
|
||||
onBeforeMaybeSpuriousCSPReport: {},
|
||||
onHeadersReceived: {},
|
||||
nativeCSPReportFiltering: false
|
||||
};
|
||||
|
||||
vAPI.net.registerListeners = function() {
|
||||
|
||||
|
@ -286,6 +291,22 @@ vAPI.net.registerListeners = function() {
|
|||
);
|
||||
}
|
||||
|
||||
// https://github.com/gorhill/uBlock/issues/3140
|
||||
this.nativeCSPReportFiltering = validTypes.csp_report;
|
||||
if (
|
||||
this.nativeCSPReportFiltering &&
|
||||
typeof this.onBeforeMaybeSpuriousCSPReport.callback === 'function'
|
||||
) {
|
||||
wrApi.onBeforeRequest.addListener(
|
||||
this.onBeforeMaybeSpuriousCSPReport.callback,
|
||||
{
|
||||
urls: [ 'http://*/*', 'https://*/*' ],
|
||||
types: [ 'csp_report' ]
|
||||
},
|
||||
[ 'blocking', 'requestBody' ]
|
||||
);
|
||||
}
|
||||
|
||||
// Chromium 48 and lower does not support `ping` type.
|
||||
// Chromium 56 and higher does support `csp_report` stype.
|
||||
if ( onBeforeSendHeaders ) {
|
||||
|
|
|
@ -25,7 +25,14 @@
|
|||
|
||||
/******************************************************************************/
|
||||
|
||||
vAPI.net = {};
|
||||
vAPI.net = {
|
||||
onBeforeRequest: {},
|
||||
onBeforeMaybeSpuriousCSPReport: {},
|
||||
onHeadersReceived: {},
|
||||
nativeCSPReportFiltering: true
|
||||
};
|
||||
|
||||
/******************************************************************************/
|
||||
|
||||
vAPI.net.registerListeners = function() {
|
||||
|
||||
|
@ -129,20 +136,6 @@ vAPI.net.registerListeners = function() {
|
|||
return onBeforeRequestClient(details);
|
||||
};
|
||||
|
||||
var onHeadersReceivedClient = this.onHeadersReceived.callback,
|
||||
onHeadersReceivedClientTypes = this.onHeadersReceived.types.slice(0),
|
||||
onHeadersReceivedTypes = denormalizeTypes(onHeadersReceivedClientTypes);
|
||||
var onHeadersReceived = function(details) {
|
||||
normalizeRequestDetails(details);
|
||||
if (
|
||||
onHeadersReceivedClientTypes.length !== 0 &&
|
||||
onHeadersReceivedClientTypes.indexOf(details.type) === -1
|
||||
) {
|
||||
return;
|
||||
}
|
||||
return onHeadersReceivedClient(details);
|
||||
};
|
||||
|
||||
if ( onBeforeRequest ) {
|
||||
let urls = this.onBeforeRequest.urls || ['<all_urls>'];
|
||||
let types = this.onBeforeRequest.types || undefined;
|
||||
|
@ -165,6 +158,32 @@ vAPI.net.registerListeners = function() {
|
|||
);
|
||||
}
|
||||
|
||||
// https://github.com/gorhill/uBlock/issues/3140
|
||||
if ( typeof this.onBeforeMaybeSpuriousCSPReport.callback === 'function' ) {
|
||||
wrApi.onBeforeRequest.addListener(
|
||||
this.onBeforeMaybeSpuriousCSPReport.callback,
|
||||
{
|
||||
urls: [ 'http://*/*', 'https://*/*' ],
|
||||
types: [ 'csp_report' ]
|
||||
},
|
||||
[ 'blocking', 'requestBody' ]
|
||||
);
|
||||
}
|
||||
|
||||
var onHeadersReceivedClient = this.onHeadersReceived.callback,
|
||||
onHeadersReceivedClientTypes = this.onHeadersReceived.types.slice(0),
|
||||
onHeadersReceivedTypes = denormalizeTypes(onHeadersReceivedClientTypes);
|
||||
var onHeadersReceived = function(details) {
|
||||
normalizeRequestDetails(details);
|
||||
if (
|
||||
onHeadersReceivedClientTypes.length !== 0 &&
|
||||
onHeadersReceivedClientTypes.indexOf(details.type) === -1
|
||||
) {
|
||||
return;
|
||||
}
|
||||
return onHeadersReceivedClient(details);
|
||||
};
|
||||
|
||||
if ( onHeadersReceived ) {
|
||||
let urls = this.onHeadersReceived.urls || ['<all_urls>'];
|
||||
let types = onHeadersReceivedTypes;
|
||||
|
|
|
@ -589,15 +589,26 @@ PageStore.prototype.filterRequest = function(context) {
|
|||
|
||||
var requestType = context.requestType;
|
||||
|
||||
if ( requestType === 'csp_report' ) {
|
||||
// https://github.com/gorhill/uBlock/issues/3140
|
||||
// Special handling of CSP reports if and only if these can't be filtered
|
||||
// natively.
|
||||
if (
|
||||
requestType === 'csp_report' &&
|
||||
vAPI.net.nativeCSPReportFiltering !== true
|
||||
) {
|
||||
if ( this.internalRedirectionCount !== 0 ) {
|
||||
if ( µb.logger.isEnabled() ) {
|
||||
this.logData = { result: 1, source: 'global', raw: 'no-spurious-csp-report' };
|
||||
this.logData = {
|
||||
result: 1,
|
||||
source: 'global',
|
||||
raw: 'no-spurious-csp-report'
|
||||
};
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if ( requestType.endsWith('font') ) {
|
||||
if ( requestType === 'font' ) {
|
||||
this.remoteFontCount += 1;
|
||||
|
|
|
@ -382,6 +382,97 @@ var onBeforeBehindTheSceneRequest = function(details) {
|
|||
|
||||
/******************************************************************************/
|
||||
|
||||
// https://github.com/gorhill/uBlock/issues/3140
|
||||
|
||||
var onBeforeMaybeSpuriousCSPReport = function(details) {
|
||||
var tabId = details.tabId;
|
||||
|
||||
// Ignore behind-the-scene requests.
|
||||
if ( vAPI.isBehindTheSceneTabId(tabId) ) { return; }
|
||||
|
||||
// Lookup the page store associated with this tab id.
|
||||
var µb = µBlock,
|
||||
pageStore = µb.pageStoreFromTabId(tabId);
|
||||
if ( pageStore === null ) { return; }
|
||||
|
||||
// If uBO is disabled for the page, it can't possibly causes CSP reports
|
||||
// to be triggered.
|
||||
if ( pageStore.getNetFilteringSwitch() === false ) { return; }
|
||||
|
||||
// A resource was redirected to a neutered one?
|
||||
// TODO: mind injected scripts/styles as well.
|
||||
if ( pageStore.internalRedirectionCount === 0 ) { return; }
|
||||
|
||||
var textDecoder = onBeforeMaybeSpuriousCSPReport.textDecoder;
|
||||
if (
|
||||
textDecoder === undefined &&
|
||||
typeof self.TextDecoder === 'function'
|
||||
) {
|
||||
textDecoder =
|
||||
onBeforeMaybeSpuriousCSPReport.textDecoder = new TextDecoder();
|
||||
}
|
||||
|
||||
// Find out whether the CSP report is a potentially spurious CSP report.
|
||||
// If from this point on we are unable to parse the CSP report data, the
|
||||
// safest assumption to protect users is to assume the CSP report is
|
||||
// spurious.
|
||||
if (
|
||||
textDecoder !== undefined &&
|
||||
details.method === 'POST'
|
||||
) {
|
||||
var raw = details.requestBody && details.requestBody.raw;
|
||||
if (
|
||||
Array.isArray(raw) &&
|
||||
raw.length !== 0 &&
|
||||
raw[0] instanceof Object &&
|
||||
raw[0].bytes instanceof ArrayBuffer
|
||||
) {
|
||||
var data;
|
||||
try {
|
||||
data = JSON.parse(textDecoder.decode(raw[0].bytes));
|
||||
} catch (ex) {
|
||||
}
|
||||
if ( data instanceof Object ) {
|
||||
var report = data['csp-report'];
|
||||
if ( report instanceof Object ) {
|
||||
var blockedURI = report['blocked-uri'] ||
|
||||
report['blockedURI'],
|
||||
sourceFile = report['source-file'] ||
|
||||
report['sourceFile'];
|
||||
if (
|
||||
(typeof blockedURI !== 'string' ||
|
||||
blockedURI.startsWith('data') === false) &&
|
||||
(typeof sourceFile !== 'string' ||
|
||||
sourceFile.startsWith('data') === false)
|
||||
) {
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Potentially spurious CSP report.
|
||||
if ( µb.logger.isEnabled() ) {
|
||||
var hostname = µb.URI.hostnameFromURI(details.url);
|
||||
µb.logger.writeOne(
|
||||
tabId,
|
||||
'net',
|
||||
{ result: 1, source: 'global', raw: 'no-spurious-csp-report' },
|
||||
'csp_report',
|
||||
details.url,
|
||||
hostname,
|
||||
hostname
|
||||
);
|
||||
}
|
||||
|
||||
return { cancel: true };
|
||||
};
|
||||
|
||||
onBeforeMaybeSpuriousCSPReport.textDecoder = undefined;
|
||||
|
||||
/******************************************************************************/
|
||||
|
||||
// To handle:
|
||||
// - inline script tags
|
||||
// - websockets
|
||||
|
@ -647,6 +738,10 @@ vAPI.net.onBeforeRequest = {
|
|||
callback: onBeforeRequest
|
||||
};
|
||||
|
||||
vAPI.net.onBeforeMaybeSpuriousCSPReport = {
|
||||
callback: onBeforeMaybeSpuriousCSPReport
|
||||
};
|
||||
|
||||
vAPI.net.onHeadersReceived = {
|
||||
urls: [
|
||||
'http://*/*',
|
||||
|
|
Loading…
Reference in New Issue