Commit Graph

25 Commits

Author SHA1 Message Date
Raymond Hill 1c3b45f75d
Expose ability to toggle on/off cname-uncloaking to all users
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/1513

Prior to this commit, the ability to enable/disable the
uncloaking of canonical names was only available to advanced
users. This commit make it so that the setting can be
toggled from the _Settings_ pane.

The setting is enabled by default. The documentation should
be clear that the setting should not be disabled unless it
actually solves serious network issues, for example:

https://bugzilla.mozilla.org/show_bug.cgi?id=1694404

Also, as a result, the advanced setting `cnameUncloak` is no
longer available from within the advanced settings editor.
2021-03-02 13:00:56 -05:00
Raymond Hill 3059db77c4
Use proxy detection code path only on Firefox 79 and less
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/911

This was fixed in Firefox 80:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1618271
2020-10-14 13:37:09 -04:00
Raymond Hill 11d24abea0
Move proxy-detection code to Firefox-specific code
Related commit:
- https://github.com/uBlockOrigin/uBlock-issues/issues/911

The motivation is to avoid executing code which is
unnecessary on platforms not supporting the browser.dns
API.
2020-03-23 13:31:43 -04:00
Raymond Hill 3f7ece9469
Do not cname-uncloak when a proxy is in use
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/911

Since cname-uncloaking is available only on Firefox
at the moment, the fix is relevant only to Firefox.

By default uBO will no longer cname-uncloak when it
detects that network requests are being being proxied.

This default behavior can be overriden by setting the
new advanced setting `cnameUncloakProxied` to `true`.
The new setting default to `false`, i.e. cname-uncloaking
is disabled when uBO detects that a proxy is in use.

This new advanced setting may disappear once the
following Firefox issue is fixed:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1618271
2020-03-22 14:52:58 -04:00
Raymond Hill d0738c0835
Visually distinguish canonical names in popup panel
Further fine-tuning support for canonical names.

Aliased canonical names will be rendered blue
in the dynamic filtering pane of the popup panel.
2019-12-31 16:36:51 -05:00
Raymond Hill 832ebd360e
Mind that Firefox 59 and less does not support `browser.dns` 2019-12-08 11:08:04 -05:00
Raymond Hill d71f69bd90
Minor code review 2019-12-05 09:21:02 -05:00
Raymond Hill 91e702cebb
Enable CNAME uncloaking by default
Advanced setting `cnameAliasList` has been removed.

New advanced settings:

cnameUncloak:
  Boolean
Default value:
  true
Description:
  Whether to CNAME-uncloak hostnames.

cnameIgnoreExceptions:
  Boolean
Default value:
  true
Description:
  Whether to bypass the uncloaking of network requests
  which were excepted by filters/rules. This is
  necessary so as to avoid undue breakage by having
  exception filters being rendered useless as a result
  of CNAME-uncloaking.
  For example, `google-analytics.com` uncloaks to
  `www-google-analytics.l.google.com` and both hostnames
  appear in Peter Lowe's list, which means exception
  filters for `google-analytics.com` (to fix site
  breakage) would be rendered useless as the uncloaking
  would cause the network request to be ultimately
  blocked.
2019-12-01 12:05:49 -05:00
Raymond Hill a16e4161de
Fine tune hostname uncloaking through CNAME-lookup
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/780

Related commit:
- https://github.com/gorhill/uBlock/commit/3a564c199260

This adds two new advanced settings:

- cnameIgnoreRootDocument
  - Default to `true`
  - Tells uBO to skip CNAME-lookup for root document.

- cnameReplayFullURL
  - Default to `false`
  - Tells uBO whether to replay the whole URL or just
    the origin part of it.
    Replaying only the origin part is meant to lower
    undue breakage and improve performance by avoiding
    repeating the pattern-matching of the whole URL --
    which pattern-matching was most likely already
    accomplished with the original request.

This commit is meant to explore enabling CNAME-lookup
by default for the next stable release while:

- Eliminating a development burden by removing the
  need to create a new filtering syntax to deal with
  undesirable CNAME-cloaked hostnames

- Eliminating a filter list maintainer burden by
  removing the need to find/deal with all base
  domains which engage in undesirable CNAME-cloaked
  hostnames

The hope is that the approach implemented in this
commit should require at most a few unbreak rules
with no further need for special filtering syntax
or filter list maintance efforts.
2019-11-23 13:07:23 -05:00
Raymond Hill 3463a60e6b
Fix incorrect resolved value in promise
This fixes the ability to block when a hostname
had to be cname-resolved the first time it was
encountered. The result being cached allowed
the subsequent requests to be correctly blockable.
2019-11-21 12:04:19 -05:00
Raymond Hill 563aed0d93
Code review for dns lookup code
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/780

- Handle DNS lookup failure

- Skip DNS lookup for non network-based URLs

- Benchmark code to be able to provide an estimate
  based on objective measurements regarding added
  overhead when DNS lookup is enabled
  (quick answer: a complete non-issue)
2019-11-20 10:45:17 -05:00
Raymond Hill 02075ab97a
Test for existence of browser.dns
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/780

browser.dns is not available before Firefox 60,
test for presence.
2019-11-19 16:48:53 -05:00
Raymond Hill 3a564c1992
Add ability to uncloak CNAME records
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/780

New webext permission added: `dns`, which purpose is
to allow an extension to fetch the DNS record of
specific hostnames, reference documentation:

https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/dns

The webext API `dns` is available in Firefox 60+ only.

The new API will enable uBO to "uncloak" the actual
hostname used in network requests. The ability is
currently disabled by default for now -- this is only
a first commit related to the above issue to allow
advanced users to immediately use the new ability.

Four advanced settings have been created to control the
uncloaking of actual hostnames:

cnameAliasList: a space-separated list of hostnames.
Default value: unset => empty list.
Special value: * => all hostnames.
A space-separated list of hostnames => this tells uBO
to "uncloak" the  hostnames in the list will.

cnameIgnoreList: a space-separated list of hostnames.
Default value: unset => empty list.
Special value: * => all hostnames.
A space-separated list of hostnames => this tells uBO
to NOT re-run the network request through uBO's
filtering engine with the CNAME hostname. This is
useful to exclude commonly used actual hostnames
from being re-run through uBO's filtering engine, so
as to avoid pointless overhead.

cnameIgnore1stParty: boolean.
Default value: true.
Whether uBO should ignore to re-run a network request
through the filtering engine when the CNAME hostname
is 1st-party to the alias hostname.

cnameMaxTTL: number of minutes.
Default value: 120.
This tells uBO to clear its CNAME cache after the
specified time. For efficiency purpose, uBO will
cache alias=>CNAME associations for reuse so as
to reduce calls to `browser.dns.resolve`. All the
associations will be cleared after the specified time
to ensure the map does not grow too large and too
ensure uBO uses up to date CNAME information.
2019-11-19 12:05:33 -05:00
Raymond Hill 35cb0eb377
Do not bypass network listener in suspended mode
Tabless network requests were bypassing uBO's
onBeforeRequest's listener when in suspended
mode. Suspend mode occurs during the time the
filter lists are all reloaded.

Regression from:
- 1dfdc40e09 (diff-d04c15ee6bff6a6269c6aee25a7c7522R1122)
2019-10-07 08:13:37 -04:00
Raymond Hill 010635acd6
Add support for `ping` static filter option
Related issue:
- https://github.com/gorhill/uBlock/issues/1493

Documentation:
- https://help.eyeo.com/adblockplus/how-to-write-filters#type-options

Test page:
- https://testpages.adblockplus.org/en/filters/ping

Additionally, network requests of type `beacon` will
be mapped to `ping` by the static filtering engine.
2019-09-22 09:11:55 -04:00
Raymond Hill 1dfdc40e09
Add ability to suspend network request handler at will
This works only for platforms supporting the return of
Promise by network listeners, i.e. only Firefox at this
point.

When filter lists are reloaded[1], there is a small
time window in which some network requests which should
have normally been blocked are not being blocked
because the static network filtering engine may not
have yet loaded all the filters in memory

This is now addressed by suspending the network request
handler when filter lists are reloaded -- again, this
works only on supported platforms.

[1] Examples: when a filter list update session
    completes; when user filters change, when
    adding/removing filter lists.
2019-06-30 10:09:27 -04:00
Raymond Hill e06cf1de9b
Shield early request handler against re-entrance
Unlikely re-entrance is occurring, but there is no harm
shielding against it -- just in case.
2019-02-12 07:13:37 -05:00
Raymond Hill a6ebcc85be
Reuse both flavors of webRequest wrapper in webext package
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/407

Both flavors will be stitched together into a single
`vapi-qebrequest.js` file.

The decision of which flavor to use will be made at runtime,
according to the browser environment.
2019-01-28 16:12:26 -05:00
Raymond Hill 0341a5e1f9
Use URL to proper issue in comments 2018-12-25 13:29:41 -05:00
Raymond Hill be9e7fd11c
Code review related to the early blocking of network requests at launch 2018-12-24 08:56:35 -05:00
Raymond Hill 41548be6be
Move early blocking of requests out of experimental status on Firefox
Related issues:
- https://github.com/gorhill/uBlock/issues/2067
- https://github.com/uBlockOrigin/uBlock-issues/issues/128

Related mozbug issue:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1503721
2018-12-23 17:59:31 -05:00
Raymond Hill ee89f88265
fix https://github.com/uBlockOrigin/uBlock-issues/issues/345 2018-12-16 10:51:25 -05:00
Raymond Hill 9b27a98f90
Fix https://github.com/gorhill/uBlock/issues/3654
Additionally, there has been refactoring work done regarding
filtering context used throughout uBO, motivated by the fix
here.
2018-12-13 12:30:54 -05:00
Raymond Hill 9039874fc9
refactor some webRequest-related code (now that firefox legacy is out of the way) 2018-10-28 10:58:25 -03:00
Raymond Hill c9b14e201a
rename "webext" target to more accurate "firefox" 2018-04-27 12:37:33 -04:00