Commit Graph

55 Commits

Author SHA1 Message Date
Raymond Hill 4a83b80328
[mv3] Properly enforce generic cosmetic exception filters
Related issue:
- https://github.com/uBlockOrigin/uBOL-issues/issues/58
2023-07-11 14:38:35 -04:00
Raymond Hill 0f6400c160
[mv3] Add support for `permissions=` filter option
Related discussion:
https://github.com/uBlockOrigin/uBlock-issues/discussions/2714
2023-07-10 11:56:57 -04:00
Raymond Hill 872eafa378
[mv3] Add support for highly generic cosmetic filters
Related issue:
- https://github.com/uBlockOrigin/uBOL-issues/issues/54
2023-07-06 15:45:45 -04:00
Raymond Hill 7ba85472d7
[mv3] Properly distinguish trust level when compiling scriptlets
Since in uBOL filter lists from various sources are combined into
a single list, there must be a way to turn on/off trust level
inside the resulting combined filter list so as to be able to
validate the trust level of filters requiring trust.

This commit adds new parser directives understood only by MV3
compiler to turn on/off trust flag internally.
2023-06-23 08:27:07 -04:00
Raymond Hill 6a817b8258
Revert back to EasyList Cookie Notices 2023-06-21 10:08:28 -04:00
Raymond Hill 3b70d0e134
[mv3] Drop useless property in generated content scripts 2023-06-18 14:34:43 -04:00
Raymond Hill 4ddfb3f278
[mv3] Add more specific purposed annoyances-related lists
Import country flag-related code from uBO.

Switch to AdGuard annoyance-related lists, as this solves
https://github.com/uBlockOrigin/uBOL-issues/issues/5#issuecomment-1583192594
2023-06-11 09:20:10 -04:00
Raymond Hill 5874312b35
[mv3] Avoid String.replace() to safely replace templates
String.replace() has side effects which are unwelcomed when
replacing template scriplets with code.
2023-06-05 20:17:50 -04:00
Raymond Hill 6dbbb95b04
[mv3] Mitigation: Inject CSS user styles to enforce cosmetic filtering
Related issues:
- https://github.com/uBlockOrigin/uBOL-issues/issues/5#issuecomment-1575425913
- https://github.com/w3c/webextensions/issues/403

Currently, there is no other way to inject CSS user styles than to
wake up the service worker, so that it can inject the CSS styles
itself using the `scripting.insertCSS()` method.

If ever the MV3 API supports injecting CSS user styles directly
from a content script, uBOL will be back to be fully declarative.

At this point the service worker is very lightweight since the
filtering is completely  declarative, so this is not too much of
an issue performance-wise except for the fact that waking up the
service worker for the sole purpose of injecting CSS user styles
and nothing else introduces a pointless overhead.

Hopefully the MV3 API will mature to address such inefficiency.
2023-06-04 11:32:55 -04:00
Raymond Hill 72726a4759
[mv3] Refactor content scripts related to specific cosmetic filtering
Specifically, avoid long list of hostnames for the `matches`
property[1] when registering the content scripts, as this was causing
whole browser freeze for long seconds in Chromium-based browsers
(reason unknown).

The content scripts themselves will sort out which cosmetic filters to
apply on which websites.

This change makes it now possible to support annoyances-related lists,
and thus two lists have been added:
- EasyList -- Annoyances
- EasyList -- Cookies

Related issue:
- https://github.com/uBlockOrigin/uBOL-issues/issues/5

These annoyances-related lists contains many thousands of specific
cosmetic filters and as a result, before the above change this was
causing long seconds of whole browser freeze when simply modifying
the blocking mode of a specific site via the slider in the popup
panel.

It is now virtually instantaneous, at the cost of injecting larger
cosmetic filtering-related content scripts (which typically should
be garbage-collected within single-digit milliseconds).

Also, added support for entity-based cosmetic filters. (They were
previously discarded).

---

[1] https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/scripting/RegisteredContentScript
2023-06-03 22:08:42 -04:00
Raymond Hill b163097399
[mv3] Extend scriplet filtering support to all scriptlets
Source code of scriplets is now fetched directly from uBO
project, so there is no longer the need to keep duplicate
versions of scriplet code.

All scriplet filters are now supported.
2023-06-02 17:04:15 -04:00
Raymond Hill ea15cef524
[mv3] Also log salvaged rules using entity-based domains
Some filters with entity-based domain option can be salvaged
when there are non-entity-based domain option, but since we are
throwing away the entity-based entries, we are only partially
converting to DNR. This commit will log a warning about this
in log.txt. Before this commit, only non-salvageable filters
were logged.
2023-05-26 13:18:20 -04:00
Raymond Hill 13a4f869d2
Fix sticky blocking mode
Related issue:
- https://github.com/uBlockOrigin/uBOL-issues/issues/42

Take into account that subdomains inherit the blocking mode
of their parent domain when toggling blocking mode of specific
hostnames.
2023-05-19 15:08:23 -04:00
Raymond Hill cbfd2ad942
Create a MVP version of uBOLite for Firefox
What does not work at the time of commit:

Cosmetic filtering does not work:

The content scripts responsible for cosmetic filtering fail when
trying to inject the stylesheets through document.adoptedStyleSheets,
with the following error message:

  XrayWrapper denied access to property Symbol.iterator
  (reason: object is not safely Xrayable).
  See https://developer.mozilla.org/en-US/docs/Xray_vision for more
  information. ... css-declarative.js:106:8

A possible solution is to inject those content scripts in the
MAIN world. However Firefox scripting API does not support MAIN
world injection at the moment.

Scriptlet-filtering does not work:

Because scriptlet code needs to be injected in the MAIN world,
and this is currently not supported by Firefox's scripting API,
see https://bugzilla.mozilla.org/show_bug.cgi?id=1736575

There is no count badge on the toolbar icon in Firefox, as it
currently does not support the `DNR.setExtensionActionOptions`
method.

Other than the above issues, it does appear uBO is blocking
properly with no error reported in the dev console.

The adoptedStyleSheets issue though is worrisome, as the
cosmetic filtering content scripts were designed with ISOLATED
world injection in mind. Being forced to inject in MAIN world
(when available) make things a bit more complicated as uBO
has to ensure it's global variables do not leak into the page.
2023-04-07 10:19:43 -04:00
Raymond Hill 8ea3b0f64c
Rewrite static filtering parser
This commit is a rewrite of the static filtering parser into a
tree-based data structure, for easier maintenance and better
abstraction of parsed filters.

This simplifies greatly syntax coloring of filters and also
simplify extending filter syntax.

The minimum version of Chromium-based browsers has been raised
to version 73 because of usage of String.matchAll().
2023-01-23 16:53:18 -05:00
Raymond Hill 73c50a4077
[mv3] Remove "AdGuard CNAME-cloaked Trackers" list
Related issue:
- https://github.com/uBlockOrigin/uBOL-issues/issues/21
2022-12-20 11:23:42 -05:00
Raymond Hill b7b53eef14
[mv3] Add support for no-xhr-if/no-fetch-if scriptlets 2022-11-09 11:25:18 -05:00
Raymond Hill 6f90596e3b
[mv3] Add support for csp= filters
Network filters with csp= option will now be enforced.

Caveat: DNR API does not have support for exception csp= rules,
so excepted csp= filters are currently rejected at conversion time.
2022-11-05 11:09:06 -04:00
Raymond Hill 2d3d57fbc8
Use our own mirror for Easylist lists 2022-10-27 14:15:57 -04:00
Raymond Hill 433adac6ff
[mv3] Add ability to handle entity-based CSS and scriptlet injection filters
This commit adds the ability to inject entity-based plain CSS
filters and also a set of the most commonly used entity-based
scriptlet injection filters.

Since the scripting API is not compatible with entity patterns,
the entity-related content scripts are injected in all documents
and the entity-matching is done by the content script themselves.

Given this, entity-based content scripts are enabled only when
working in the Complete filtering mode, there won't be any
entity-based filters injected in lower modes.

Also, since there is no way to reasonably have access to the
Public Suffix List in the content scripts, the entity-matching
algorithm is an approximation, though I expect false positives
to be rare (time will tell). In the event of such false
positive, simply falling back to Optimal mode will fix the
issue.

The following issues have been fixed at the same time:

Fixed the no-filtering mode related rules having lower priority
then redirect rules, i.e. redirect rules would still be applied
despite disabling all filtering on a site.

Fixed improper detection of changes to the generic-related CSS
content script, potentially causing undue delays when for example
trying to access the popup panel while working in Complete mode.
The scripting MV3 can be quite slow when registering/updating
large content scripts, so uBOL does its best to call the API only
if really needed, but there had been a regression in the recent
builds preventing uBO from properly detecting unchanged content
script parameters.
2022-10-20 15:48:06 -04:00
Raymond Hill 9879b7d03c
[mv3] Fix overwriting valid DNR rules with invalid entries
This fixes a flaw which has existed since the first version of
uBO Lite.

Related issue:
- https://github.com/uBlockOrigin/uBOL-issues/issues/11

Related commit:
- a559f5f271
2022-10-18 16:12:30 -04:00
Raymond Hill 25b0a2c90c
[mv3] Use the most up-to-date version of lists 2022-10-16 13:27:43 -04:00
Raymond Hill 985ea24e82
[mv3] Add support for redirect= filters
This adds support for `redirect=` filters. As with `removeparam=`
filters, `redirect=` filters can only be enforced when the
default filtering mode is set to Optimal or Complete, since these
filters require broad host permissions to be enforced by the DNR
engine.

`redirect-rule=` filters are not supported since there is no
corresponding DNR syntax.

Additionally, fixed the dropping of whole network filters even though
those filters are still useful despite not being completely
enforceable -- for example a filter with a single (unsupported) domain
using entity syntax in its `domain=` option should not be wholly
dropped when there are other valid domains in the list.
2022-10-16 12:05:24 -04:00
Raymond Hill 1db3748ab1
[mv3] General code review
Re-arranged resources in a more tidy way. General code review of
various code paths.
2022-10-15 13:05:20 -04:00
Raymond Hill 9781292e92
[mv3] Add ubol-filters.txt to default set 2022-10-12 10:40:02 -04:00
Raymond Hill 873c2e7264
[mv3] Support conditional `env_mv3` directive to parser
Related issue:
- https://github.com/uBlockOrigin/uBOL-issues/issues/1
2022-10-11 12:02:33 -04:00
Raymond Hill 8eb28a446c
[mv3] Introduce per-site filtering modes in lieu of per-site toggle switch 2022-10-10 12:28:24 -04:00
Raymond Hill 2a40e67577
[mv3] Various fixes and code review
Fixed trusted sites not being excluded from declarative
scripting.

Assign "uBOL_"-prefixed name to anonymous scripting functions
so that they can be easily found in performance profiler results
in dev tools.

Imrpove spread of chunks of filters across declarative scripting
files.
2022-09-30 14:55:36 -04:00
Raymond Hill 1a9a19a91f
[mv3] Open options page at first install
To be sure first time users are properly informed about the
possibility to enable broad permissions for better filtering.
2022-09-30 09:18:52 -04:00
Raymond Hill 28aee736a5
[mv3] Add support for removeparam= filter option
Consequently, AdGuard URL Tracking Protection (AUTP) has been
added to the set of available filter lists.

However, removeparam= equivalent DNR rules can only be enforced
when granting uBOL broad permissions. If broad permissions are
not granted, removeparam= equivalent DNR rules are ignored.

Exception removeparam= filters are not supported, and these are
present in AUTP and meant to unbreak some websites which are
known to break as a result of removing query parameters.

This is issue might be mitigated in the future by making the
conversion from filters to DNR rules more complicated but this
can never replace the accuracy of uBO's filtering engine being
able to fully enforce arbitrary exception removeparam= filters.

Also, it is not possible to translate regex-based removeparam=
values to DNR rules, so these are dropped at conversion time.

As with other filters to DNR rules conversion, the converter
coallesce many distinct removeparam= filters into fewer DNR
rules.
2022-09-29 19:51:33 -04:00
Raymond Hill d4b7169421
Fix bad rules making it into the final ruleset files 2022-09-27 10:57:43 -04:00
Raymond Hill 51c2e22c7a
[mv3] Fix procedural operator matches-media()
The failure was caused by the fact that there is no
window.matchMedia() API available in Nodejs. The validation
is now done using cssTree.
2022-09-27 07:46:24 -04:00
Raymond Hill ffc46534ac
[mv3] Skip some regional lists for the time being 2022-09-24 18:36:28 -04:00
Raymond Hill 07178e6416
Fix typo 2022-09-24 14:10:29 -04:00
Raymond Hill a7b5f5127f
[mv3] Do not include lists with empty ruleset 2022-09-24 12:23:01 -04:00
Raymond Hill 966a157d19
[mv3] Add support for procedural cosmetic filtering 2022-09-24 11:33:04 -04:00
Raymond Hill a71b71e4c8
New cosmetic filter parser using CSSTree library
The new parser no longer uses the browser DOM to validate
that a cosmetic filter is valid or not, this is now done
through a JS library, CSSTree.

This means filter list authors will have to be more careful
to ensure that a cosmetic filter is really valid, as there is
no more guarantee that a cosmetic filter which works for a
given browser/version will still work properly on another
browser, or different version of the same browser.

This change has become necessary because of many reasons,
one of them being the flakiness of the previous parser as
exposed by many issues lately:

- https://github.com/uBlockOrigin/uBlock-issues/issues/2262
- https://github.com/uBlockOrigin/uBlock-issues/issues/2228

The new parser introduces breaking changes, there was no way
to do otherwise. Some current procedural cosmetic filters will
be shown as invalid with this change. This occurs because the
CSSTree library gets confused with some syntax which was
previously allowed by the previous parser because it was more
permissive.

Mainly the issue is with the arguments passed to some procedural
cosmetic filters, and these issues can be solved as follow:

Use quotes around the argument. You can use either single or
double-quotes, whichever is most convenient. If your argument
contains a single quote, use double-quotes, and vice versa.

Additionally, try to escape a quote inside an argument using
backslash. THis may work, but if not, use quotes around the
argument.

When the parser encounter quotes around an argument, it will
discard them before trying to process the argument, same with
escaped quotes inside the argument. Examples:

Breakage:

    ...##^script:has-text(toscr')

Fix:

    ...##^script:has-text(toscr\')

Breakage:

    ...##:xpath(//*[contains(text(),"VPN")]):upward(2)

Fix:

    ...##:xpath('//*[contains(text(),"VPN")]'):upward(2)

There are not many filters which break in the default set of
filter lists, so this should be workable for default lists.

Unfortunately those fixes will break the filter for previous
versions of uBO since these to not deal with quoted argument.
In such case, it may be necessary to keep the previous filter,
which will be discarded as broken on newer version of uBO.

THis was a necessary change as the old parser was becoming
more and more flaky after being constantly patched for new
cases arising, The new parser should be far more robust and
stay robist through expanding procedural cosmetic filter
syntax.

Additionally, in the MV3 version, filters are pre-compiled
using a Nodejs script, i.e. outside the browser, so validating
cosmetic filters using a live DOM no longer made sense.

This new parser will have to be tested throughly before stable
release.
2022-09-23 16:03:13 -04:00
Raymond Hill 70a0de9d00
[mv3] Mind trusted-site directives when registering content scripts 2022-09-20 08:24:01 -04:00
Raymond Hill f374c05753
[mv3] Stick to int32 instead of 8-char hex strings for file hashes 2022-09-19 20:21:10 -04:00
Raymond Hill 7116bf9a46
GitHub Actions stuff 2022-09-19 11:53:04 -04:00
Raymond Hill adb5d503d9
[mv3] Add GitHub action to build mv3 separately form uBO 2022-09-19 11:08:34 -04:00
Raymond Hill 4bd02c0fb6
[mv3] Inject specific cosmetic filters through scriptlet injection
This solves the following remaining issues regarding specific cosmetic
filtering:
- High rate of false positives in last build
- High number of generated content css files in the package
2022-09-19 08:55:45 -04:00
Raymond Hill 89566bc397
[mv3] Further reduce the number of distinct generated scriptlets 2022-09-18 17:07:02 -04:00
Raymond Hill 5ddd3aaac6
[mv3] More work toward improving declarative css/js injection 2022-09-18 09:31:44 -04:00
Raymond Hill e1b54514cc
[mv3] Add badge reflecting number of injectable content on current site
Additonally, general code review.
2022-09-17 08:26:41 -04:00
Raymond Hill 22d03906fb
[mv3] For the time being assemble defautl lists manually 2022-09-16 16:36:09 -04:00
Raymond Hill 232c44eeb2
[mv3] Add scriptlet support; improve reliability of cosmetic filtering
First iteration of adding scriptlet support. As with cosmetic
filtering, scriptlet niijection occurs only on sites for which
uBO Lite was granted extended permissions.

At the moment, only three scriptlets are supported:
- abort-current-script
- json-prune
- set-constant

More will be added in the future.
2022-09-16 15:56:35 -04:00
Raymond Hill 34aab95107
[mv3] Add support for specific cosmetic filtering
Specific plain CSS cosmetic filters are now supported.

Cosmetic filtering will occur only after the user explicitly
grant uBO extended permissions for a given site, so that it
can inject CSS on the site.

A new button in the popup panel allows a user to grant/revoke
extended permissions to/from uBO Lite for the current site.

More capabilities will be carefully added for when extended
permissions are granted on a site, so specific cosmetic
filtering through plain CSS is the first implemented capability.

Generic and procedural cosmetic filtering is not implemented.

The current implementation for plain CSS cosmetic filters is
through declarative content injection, which does not require
the service worker to be alive, the browser takes care to
inject the cosmetic filters.

However declarative CSS injection does not support user
styles, so the injected cosmetic filters are "weak". I consider
this is a browser issue, since user styles are supported by
Chromium, there is just no way in the API to specify user
styles for the injected content.

Also:
- Fixed dark theme issues
- Added Steven Black's hosts file

Keep in mind all this is very experimental and implementation
details in this release may (will) greatly change in the future.
2022-09-15 13:14:08 -04:00
Raymond Hill e31637af78
[mv3] Add ability to enable/disable filter lists 2022-09-13 17:44:24 -04:00
Raymond Hill c583a2e4b0
Fire tune build steps for mv3 version 2022-09-10 14:20:07 -04:00