From fe11ff61c8ab9cdd7ccecc2bd23a7f4188edca9b Mon Sep 17 00:00:00 2001 From: Raymond Hill Date: Mon, 2 Apr 2018 09:10:38 -0400 Subject: [PATCH] mind whitelist directives for filterable behind-the-scene requests (#3654) --- platform/chromium/vapi-webrequest.js | 4 +--- platform/webext/vapi-webrequest.js | 3 +-- src/js/traffic.js | 36 ++++++++++++++++++++++++---- 3 files changed, 33 insertions(+), 10 deletions(-) diff --git a/platform/chromium/vapi-webrequest.js b/platform/chromium/vapi-webrequest.js index ace3f8cb8..d57f2e2fe 100644 --- a/platform/chromium/vapi-webrequest.js +++ b/platform/chromium/vapi-webrequest.js @@ -104,14 +104,12 @@ vAPI.net.registerListeners = function() { return ''; }; - var reNetworkURI = /^(?:ftps?|https?|wss?)/; - var normalizeRequestDetails = function(details) { // Chromium 63+ supports the `initiator` property, which contains // the URL of the origin from which the network request was made. if ( details.tabId === vAPI.noTabId && - reNetworkURI.test(details.initiator) + typeof details.initiator === 'string' ) { details.tabId = vAPI.anyTabId; details.documentUrl = details.initiator; diff --git a/platform/webext/vapi-webrequest.js b/platform/webext/vapi-webrequest.js index 30603f07d..92eacc332 100644 --- a/platform/webext/vapi-webrequest.js +++ b/platform/webext/vapi-webrequest.js @@ -100,13 +100,12 @@ vAPI.net.registerListeners = function() { let punycode = self.punycode; let reAsciiHostname = /^https?:\/\/[0-9a-z_.:@-]+[/?#]/; - let reNetworkURI = /^(?:ftps?|https?|wss?)/; let parsedURL = new URL('about:blank'); let normalizeRequestDetails = function(details) { if ( details.tabId === vAPI.noTabId && - reNetworkURI.test(details.documentUrl) + typeof details.documentUrl === 'string' ) { details.tabId = vAPI.anyTabId; } diff --git a/src/js/traffic.js b/src/js/traffic.js index 5d4c75627..56369c894 100644 --- a/src/js/traffic.js +++ b/src/js/traffic.js @@ -339,21 +339,26 @@ var onBeforeBehindTheSceneRequest = function(details) { pageStore = µb.pageStoreFromTabId(details.tabId); if ( pageStore === null ) { return; } - var context = pageStore.createContextFromPage(), + var µburi = µb.URI, + context = pageStore.createContextFromPage(), requestType = details.type, requestURL = details.url; context.requestURL = requestURL; - context.requestHostname = µb.URI.hostnameFromURI(requestURL); + context.requestHostname = µburi.hostnameFromURI(requestURL); context.requestType = requestType; + var normalURL; if ( details.tabId === vAPI.anyTabId && context.pageHostname === '' ) { - context.pageHostname = µb.URI.hostnameFromURI(details.documentUrl); - context.pageDomain = µb.URI.domainFromHostname(context.pageHostname); + normalURL = µb.normalizePageURL(0, details.documentUrl); + context.pageHostname = µburi.hostnameFromURI(normalURL); + context.pageDomain = µburi.domainFromHostname(context.pageHostname); context.rootHostname = context.pageHostname; context.rootDomain = context.pageDomain; } + pageStore.logData = undefined; + // https://bugs.chromium.org/p/chromium/issues/detail?id=637577#c15 // Do not filter behind-the-scene network request of type `beacon`: there // is no point. In any case, this will become a non-issue once @@ -373,7 +378,28 @@ var onBeforeBehindTheSceneRequest = function(details) { // requests. Hopefully this will not break stuff as it used to be the // case. - var result = pageStore.filterRequest(context); + var result = 0; + + if ( + µburi.isNetworkURI(details.documentUrl) || + µb.userSettings.advancedUserEnabled || + requestType === 'csp_report' + ) { + result = pageStore.filterRequest(context); + + // The "any-tab" scope is not whitelist-able, and in such case we must + // use the origin URL as the scope. Most such requests aren't going to + // be blocked, so we further test for whitelisting and modify the + // result only when the request is being blocked. + if ( + result === 1 && + normalURL !== undefined && + µb.getNetFilteringSwitch(normalURL) === false + ) { + result = 2; + pageStore.logData = { engine: 'u', result: 2, raw: 'whitelisted' }; + } + } pageStore.journalAddRequest(context.requestHostname, result);