Commit Graph

844 Commits

Author SHA1 Message Date
Raymond Hill f6d1c6402f
Add support for removal of cloud storage entries 2020-08-21 09:18:33 -04:00
Raymond Hill d8b6b31eca
Add support for cloud storage compression
Cloud storage is a limited resource, and thus it
makes sense to support data compression before
sending the data to cloud storage.

A new hidden setting allows to toggle on
cloud storage compression:

name: cloudStorageCompression
default: false

By default, this hidden setting is `false`, and a
user must set it to `true` to enable compression
of cloud storage items.

This hidden setting will eventually be toggled
to `true` by default, when there is good confidence
a majority of users are using a version of uBO
which can properly handle compressed cloud storage
items.

A cursory assessment shows that compressed items
are roughly 40-50% smaller in size.
2020-08-16 11:59:27 -04:00
Raymond Hill 2afcc13ca6
Add widget to convey the amount of sync storage in use 2020-08-14 15:29:25 -04:00
Raymond Hill b01cc6ca4f
Fix cloud storage errors not reported in user interface
Related feedback:
- https://www.reddit.com/r/uBlockOrigin/comments/i6e7lr/
2020-08-10 08:30:52 -04:00
Raymond Hill 39190ff469
Add Chromium detection for Chromium-based MS Edge
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/1174
2020-07-24 12:32:47 -04:00
Raymond Hill 5c68867b92
Deprecate pseudo user styles code
The pseudo user styles code served only browsers based
on Chromium 65 and earlier -- Chromium 66 supports
native user styles and was first released more than two
years ago.

In Chromium-based browsers, the pseudo user styles code
is being unconditionally injected in every page/frame
just in case the browser is version 65 or earlier.

Removing pseudo user styles reduce uBO's main content
script in Chromium-based browsers by more than 20K.

Related thread:
- https://github.com/NanoAdblocker/NanoCore/issues/348#issuecomment-653646507
2020-07-22 10:21:16 -04:00
Raymond Hill 221983646e
Injects user styles and content scripts in `about:blank` frames
Related issues:
- https://github.com/uBlockOrigin/uBlock-issues/issues/688
- https://github.com/uBlockOrigin/uBlock-issues/issues/1164

`match_about_blank` is now used for content scripts and
user styles.
2020-07-19 09:06:19 -04:00
Raymond Hill feabfe3793
Do let grow subframe dictionary grow unbound
Related discussion:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1652925

It's not clear the code here will fix the reported
issue, but I did identify that the subframe
dictionary of a very long-lived web page can
theoretically grow unbound.
2020-07-18 07:44:26 -04:00
Raymond Hill a5ba668c38
Fix infinitely appending style property
Related issue:
- https://github.com/NanoAdblocker/NanoCore/issues/348
2020-07-03 15:07:52 -04:00
Raymond Hill 64cfc5779d
Use `default_public_interface_only` in Chromium-based browser
Related feedback:
- https://www.reddit.com/r/uBlockOrigin/comments/hbea3z/

It appears the implementation of the `disable_non_proxied_udp`
setting changed in Chromium, leading to WebRTC becoming
wholly unfunctional. Fall back to use `default_public_interface_only`
in Chromium-based browsers.
2020-06-18 11:30:05 -04:00
Raymond Hill eeae4b2cab
Add ability to open the dashboard with a keyboard shortcut
Related feedback:
- https://github.com/gorhill/uBlock/commit/9a6feb34d546#commitcomment-38852663
2020-04-30 10:31:23 -04:00
Raymond Hill b295d4a0d0
Make the new "fenix" popup panel the default one
The old "classic" popup panel will still be used
when at least one of the following is true:

- advanced setting `uiFlavor` is set to `classic`; or
- the browser is Chromium 65 or older; or
- the browser is Firefox 67 or older

The default configuration of the new popup panel
at installation time is to show the power button,
statistics and the basic tool icons, i.e. access
to dashboard, logger, pickers.

For existing installations, the new popup panel
will be configured by respecting the existing
configuration of the classic one.

The new popup panel is currently already in use
on Firefox for Android, and the visual redesign
was made according to suggestions and feedback
from <https://github.com/brampitoyo> to be
optimal for Firefox for Android.

The new popup panel will allow closing the following
pending issues:

- https://github.com/uBlockOrigin/uBlock-issues/issues/255
- https://github.com/uBlockOrigin/uBlock-issues/issues/178
2020-04-30 06:54:51 -04:00
Raymond Hill bdf9030a98
Fix hostname extraction when URL has port
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/1001

The issue affected only the uncloaking of canonical
names, when the authority part of a URL contained
port information.
2020-04-27 18:30:49 -04:00
Raymond Hill 7f999b759f
Fix broken DOM inspector [regression]
Regression from:
- 0bcf04d3dd

Related feedback:
- https://github.com/gorhill/uBlock/commit/0bcf04d3dda2#commitcomment-38594585

The DOM inspector client code is injected as
content script, thus it must be categorized as
non-privileged code.
2020-04-19 08:33:09 -04:00
Raymond Hill 0bcf04d3dd
Centralize access to browser.storage.local('localStorage')
Related commit:
- 2ac288397c

Instead of having the `localStorage` data being accessed
from different locations, all accesses are now funnelled
to the main process.

Doing so simplifies the code in auxiliary processes and
also remove the need for browser.storage.local.onChanged()
listeners.

No longer using an onChanged() listener also happens to
remove spurious warnings from the Firefox console.
2020-04-15 15:55:29 -04:00
Raymond Hill 72bb700568
Add procedural cosmetic operators remove() and upward()
***

New procedural cosmetic operator: `:remove()`

Related issue:
- https://github.com/gorhill/uBlock/issues/2252

The purpose is to outright remove elements from the
DOM tree. Since `:remove()` is an "action" operator,
it must only be used as a trailing operator (just
like the `:style()` operator).

AdGuard's cosmetic filter syntax `{ remove: true; }`
will be converted to uBO's `:remove()` operator
internally.

***

New procedural cosmetic operator: `:upward(...)`

The purpose is to lookup an ancestor element.

When used with an integer argument, it is synonym of
`:nth-ancestor()`, which will be deprecated and which
will no longer be supported once no longer used in
mainstream filter lists.

Filter lists maintainers must only use `:upward(int)`
instead of `:nth-ancestor(int)` once the new operator
become available in all stable releases of uBO.

`:upward()` can also accept a CSS selector as argument,
in which case the nearest ancestor which matches the
CSS selector will be selected.
2020-03-07 14:25:06 -05:00
Raymond Hill 08d370d32e
Catch possible exceptions when accessing window.localStorage
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/899

This is a code review of previous commits related to
the above issue.
2020-03-03 11:31:14 -05:00
Raymond Hill a1dabf3c1a
Use `disable_non_proxied_udp` for `webRTCIPHandlingPolicy`
The stricter mode `disable_non_proxied_udp` is preferable
to `default_public_interface_only` to prevent local IP
address leakage through WebRTC.

This mode is properly supported since Firefox 70, so the
less strict `default_public_interface_only` will now be
used only for Firefox 69 and older.
2020-02-28 14:30:40 -05:00
Raymond Hill 953e0c3197
Use getItemAsync() instead of getItem
Related commit:
- da0ef9454a

vAPI.localStorage.getItemAsync() was added after
the above commit.
2020-02-25 07:37:12 -05:00
Raymond Hill c17a9c8a93
Fix spurious warning when force-reloading the dashboard
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/905

Additionally, minor changes to avoid spurious errors in
browser console.
2020-02-24 09:59:35 -05:00
Raymond Hill 2ac288397c
Remove usage of synchronous localStorage API
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/899

browser.storage.local is now used to store non-critical
local settings.

These settings are all collated under the key
`localStorage`, and vAPI.localStorage is an API to
handle access to these values stored under this key.

vAPI.localStorage.getItem() is still synchronous but
its purpose is to return internally cached values --
this minimizes code changes throughout uBO.
2020-02-21 15:34:54 -05:00
Raymond Hill 4f75a07b9c
Work toward removing use of localStorage
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/899
2020-02-21 07:48:45 -05:00
Raymond Hill da0ef9454a
Neutralize `localStorage` access on mobile platform
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/899

window.localStorage is synchronous and thus should be
avoided at launch time. Currently the avoidance is only
for mobile platforms.
2020-02-20 16:40:29 -05:00
Raymond Hill bc6e585b5d
Rephrase `author` entry in manifest 2020-01-30 12:46:54 -05:00
Raymond Hill 9637ab56a9
Insert icon badge text in icon title only if needed
This is to fix the rendering of the menu entry in
Firefox Fenix, which displays both the icon title
and badge text as a menu entry:

Before the fix:
    uBlock Origin (76)         76

After the fix:
    uBlock Origin              76

The badge text will still be part of the icon title
when the icon badge is disabled by the user or when
the platform does not supprt browserAction.setIcon()
(as is the case on current Firefox for Android).
2020-01-23 09:16:09 -05:00
Raymond Hill d0738c0835
Visually distinguish canonical names in popup panel
Further fine-tuning support for canonical names.

Aliased canonical names will be rendered blue
in the dynamic filtering pane of the popup panel.
2019-12-31 16:36:51 -05:00
Raymond Hill a16e4161de
Fine tune hostname uncloaking through CNAME-lookup
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/780

Related commit:
- https://github.com/gorhill/uBlock/commit/3a564c199260

This adds two new advanced settings:

- cnameIgnoreRootDocument
  - Default to `true`
  - Tells uBO to skip CNAME-lookup for root document.

- cnameReplayFullURL
  - Default to `false`
  - Tells uBO whether to replay the whole URL or just
    the origin part of it.
    Replaying only the origin part is meant to lower
    undue breakage and improve performance by avoiding
    repeating the pattern-matching of the whole URL --
    which pattern-matching was most likely already
    accomplished with the original request.

This commit is meant to explore enabling CNAME-lookup
by default for the next stable release while:

- Eliminating a development burden by removing the
  need to create a new filtering syntax to deal with
  undesirable CNAME-cloaked hostnames

- Eliminating a filter list maintainer burden by
  removing the need to find/deal with all base
  domains which engage in undesirable CNAME-cloaked
  hostnames

The hope is that the approach implemented in this
commit should require at most a few unbreak rules
with no further need for special filtering syntax
or filter list maintance efforts.
2019-11-23 13:07:23 -05:00
Raymond Hill 563aed0d93
Code review for dns lookup code
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/780

- Handle DNS lookup failure

- Skip DNS lookup for non network-based URLs

- Benchmark code to be able to provide an estimate
  based on objective measurements regarding added
  overhead when DNS lookup is enabled
  (quick answer: a complete non-issue)
2019-11-20 10:45:17 -05:00
Raymond Hill 3a564c1992
Add ability to uncloak CNAME records
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/780

New webext permission added: `dns`, which purpose is
to allow an extension to fetch the DNS record of
specific hostnames, reference documentation:

https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/dns

The webext API `dns` is available in Firefox 60+ only.

The new API will enable uBO to "uncloak" the actual
hostname used in network requests. The ability is
currently disabled by default for now -- this is only
a first commit related to the above issue to allow
advanced users to immediately use the new ability.

Four advanced settings have been created to control the
uncloaking of actual hostnames:

cnameAliasList: a space-separated list of hostnames.
Default value: unset => empty list.
Special value: * => all hostnames.
A space-separated list of hostnames => this tells uBO
to "uncloak" the  hostnames in the list will.

cnameIgnoreList: a space-separated list of hostnames.
Default value: unset => empty list.
Special value: * => all hostnames.
A space-separated list of hostnames => this tells uBO
to NOT re-run the network request through uBO's
filtering engine with the CNAME hostname. This is
useful to exclude commonly used actual hostnames
from being re-run through uBO's filtering engine, so
as to avoid pointless overhead.

cnameIgnore1stParty: boolean.
Default value: true.
Whether uBO should ignore to re-run a network request
through the filtering engine when the CNAME hostname
is 1st-party to the alias hostname.

cnameMaxTTL: number of minutes.
Default value: 120.
This tells uBO to clear its CNAME cache after the
specified time. For efficiency purpose, uBO will
cache alias=>CNAME associations for reuse so as
to reduce calls to `browser.dns.resolve`. All the
associations will be cleared after the specified time
to ensure the map does not grow too large and too
ensure uBO uses up to date CNAME information.
2019-11-19 12:05:33 -05:00
Raymond Hill a69b301d81
Fine-tune new bidi-trie code
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/761
2019-10-29 10:26:34 -04:00
Raymond Hill b79445320d
Force-unsuspend when starting webRequest listener
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/759

If for some reasons the launch code throws, uBO could
find itself in permanent suspend mode, thus preventing
web pages from loading in Firefox.

Though uBO should not have exceptions thrown during
it's initialization code, this commit will ensure
uBO complete its initialization process should it
ever happen for whatever reason.
2019-10-27 11:41:08 -04:00
Raymond Hill 35cb0eb377
Do not bypass network listener in suspended mode
Tabless network requests were bypassing uBO's
onBeforeRequest's listener when in suspended
mode. Suspend mode occurs during the time the
filter lists are all reloaded.

Regression from:
- 1dfdc40e09 (diff-d04c15ee6bff6a6269c6aee25a7c7522R1122)
2019-10-07 08:13:37 -04:00
Raymond Hill 41ab06a47b
Fix regression in cosmetic filtering
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/740

Related commit:
- 3f074d7908
2019-09-30 10:40:56 -04:00
Raymond Hill 3f074d7908
Use `self` when testing for `vAPI` presence 2019-09-30 07:50:35 -04:00
Raymond Hill efa4ff3bcf
Code review re. dynamically loaded vapi-client-extra.js
Related commit:
- 87d0e456f1

Ensure that the code which depends on extending
`vapi-client.js` is ready to deal with
`vapi-client-extra.js` failing to load.
2019-09-26 15:57:55 -04:00
Raymond Hill 733b2330de
Prevent spurious error messages to browser console
These spurious error messages can occur when a
extension framework API method return a
rejected Promise. In uBO the results of
browserAction methods is not used so it can be
safely discarded.
2019-09-23 09:29:17 -04:00
Raymond Hill f204d24bf4
Match static popup filter against local context
Related feedback:
- https://www.reddit.com/r/uBlockOrigin/comments/d6zbqv/

For static filter `popup` filter purpose, the URL of the
embedded frame from which the popup was launched will
be used in the matching algorithm.
2019-09-23 08:25:23 -04:00
Raymond Hill 010635acd6
Add support for `ping` static filter option
Related issue:
- https://github.com/gorhill/uBlock/issues/1493

Documentation:
- https://help.eyeo.com/adblockplus/how-to-write-filters#type-options

Test page:
- https://testpages.adblockplus.org/en/filters/ping

Additionally, network requests of type `beacon` will
be mapped to `ping` by the static filtering engine.
2019-09-22 09:11:55 -04:00
Raymond Hill 350e436c08
Remove remnants of `chrome` references...
... from platform-independent code.

This should complete the de-chromiumification of
uBO. Next step will be to swap the content of the
`platform/chromium` and `platform/firefox`
folders so as to reflect that Firefox is the
natural platform for uBO.
2019-09-21 12:06:57 -04:00
Raymond Hill 0c6407c082
Use `webext.menus`, not `browser.contextMenus` (oops) 2019-09-20 07:59:21 -04:00
Raymond Hill 58620fb051
Work toward modernizing code base: promisification
Swathes of code have been converted to use
Promises/async/await.

Related commits:
- 022951547c
- 3224d9b5cc
- 26235d80d0
- 0051f3b5c7
- eec53c0154
- 915687fddb
- 55cc0c6997
- e27328f931
2019-09-19 16:41:44 -04:00
Raymond Hill 5f60c31f77
Fix copyright dates as per commit history
vapi.js
-https://github.com/gorhill/uBlock/commits/master/platform/chromium/vapi.js

vapi-common-js
- https://github.com/gorhill/uBlock/commits/master/platform/chromium/vapi-common.js
- 266f62914f/meta/crx/vapi-common.js
- 8444923c0c/src/js/vapi-common.js

vapi-background.js
- https://github.com/gorhill/uBlock/commits/master/platform/chromium/vapi-background.js
- 266f62914f/meta/crx/vapi-background.js
- 8444923c0c/src/js/vapi-background.js

vapi-client.js
- https://github.com/gorhill/uBlock/commits/master/platform/chromium/vapi-client.js
- 266f62914f/meta/crx/vapi-client.js
- 8444923c0c/src/js/vapi-client.js
2019-09-19 11:04:12 -04:00
Raymond Hill 60aa80b571
Fix erroneous copyright date
As per commit history:
266f62914f/meta/crx/vapi-client.js
2019-09-19 09:12:51 -04:00
Raymond Hill a45a962517
Fix property name inconsistency
Addtionally, fixed erroneous copyright date, as per
commit history:
https://github.com/gorhill/uBlock/commits/master/platform/chromium/vapi-client.js
2019-09-19 09:07:55 -04:00
Raymond Hill 87d0e456f1
Simplify client messaging code
Little-used code from vapi-client.js has been moved
to vapi-client-extra.js. Given that vapi-client.js
is injected in all web pages, this means less dead
code being injected in all pages.

Swathes of code in vapi-client.js was used only in
a few very specific cases, such as when the logger's
DOM inspector is opened or when the "Filter lists"
pane in the dashboard is opened -- and thus to avoid
that little used code to be loaded in every web page
unconditionally, it has been moved to its own
separate file, vapi-client.extra.js.

vapi-client-extra.js is loaded declaratively or
programmatically only where needed.
2019-09-19 08:31:38 -04:00
Raymond Hill 022951547c
Work toward modernizing code base: promisification
Swathes of code have been converted to use
Promises/async/await.

Related commits:
- 3224d9b5cc
- 26235d80d0
- 0051f3b5c7
- eec53c0154
- 915687fddb
- 55cc0c6997
- e27328f931
2019-09-18 08:34:55 -04:00
Raymond Hill ed99d52bc4
Simplify slightly messaging code
- No need to hold onto channel name and message data while
  waiting for response to resolve
- Use more representative `msgId` instead of `auxProcessId`
2019-09-17 17:43:52 -04:00
Raymond Hill 3224d9b5cc
Work toward modernizing code base: promisification
Swathes of code have been converted to use
Promises/async/await.

Related commits:
- 26235d80d0
- 0051f3b5c7
- eec53c0154
- 915687fddb
- 55cc0c6997
- e27328f931
2019-09-17 15:15:01 -04:00
Raymond Hill 0051f3b5c7
Work toward modernizing code base: promisification
Swathes of code have been converted to use
Promises/async/await. More left to do.

Related commits:
- eec53c0154
- 915687fddb
- 55cc0c6997
- e27328f931
2019-09-16 16:17:48 -04:00
Raymond Hill eec53c0154
Work toward modernizing code base: promisification
Swathes of code have been converted to use
Promises/async/await. More left to do.

Related commits:
- 915687fddb
- 55cc0c6997
- e27328f931
2019-09-16 09:45:17 -04:00
Raymond Hill e27328f931
Work toward modernizing code base: promisification
Swathes of code have been converted to use
Promises/async/await. More left to do.

In the process, a regression affecting the fix to
<https://github.com/uBlockOrigin/uBlock-issues/issues/682>
has been fixed.
2019-09-15 07:58:28 -04:00
Raymond Hill e393a52442
Fix icon title always showing `(0)` when badge is disabled
Related feedback:
- https://www.reddit.com/r/uBlockOrigin/comments/d33d37/
2019-09-12 12:26:09 -04:00
Raymond Hill 93f438f55e
Add advanced setting for extension reload on update
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/717

Related feedback:
- https://github.com/uBlockOrigin/uBlock-issues/issues/717#issuecomment-530275655

New advanced setting: `extensionUpdateForceReload`

Default value: `false`

If set to `true`, the extension will unconditionally reload
when an update is available; otherwise the extension will
reload only when being explicitly disabled then enabled, or
when the browser is restarted.
2019-09-11 08:00:55 -04:00
Raymond Hill c8c2e11d09
Prevent reload if updated version is higher than current
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/717

Related feedback:
- https://github.com/uBlockOrigin/uBlock-issues/issues/717#issuecomment-528921730
2019-09-06 13:03:06 -04:00
Raymond Hill bcf5ac1fee
Add advanced setting to control logger popup type
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/663

The advanced setting `loggerPopupType` has been added, to
control the type of window to be used when the logger is
launched as a separate window.

The default value is `popup`, it can be changed to any of
the values documented at:

https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/windows/CreateType
2019-09-06 11:41:07 -04:00
Raymond Hill 5688888ec1
Remove pointless local scoping 2019-09-06 10:38:17 -04:00
Raymond Hill 59bdf2b4cc
Prevent uBO from being reloaded mid-session
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/717

Just registering a onUpdateAvailable() listener prevents
the browser from reloading the extension mid-session.

Ref:
- https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/runtime/onUpdateAvailable
2019-09-04 10:24:24 -04:00
Raymond Hill ca9b29c7ec
Distinguish between priviledge and unprivileged messages
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/710

Messages from unprivileged ports (i.e. from content scripts)
are no longer relayed to message handlers which are to be
strictly used to execute privileged code.

The last remaining case of unprivileged messages which
should be converted into a privileged ones will be taken
care of when the following issue is fixed:
- https://github.com/gorhill/uBlock/issues/3497
2019-09-01 12:43:12 -04:00
Raymond Hill 7ff750eaf6
Reflect blocking mode in badge color of toolbar icon
Related feedback:
- https://www.reddit.com/r/uBlockOrigin/comments/cmh910/

Additionally, the `3p` rule has been made distinct from
`3p-script`/`3p-frame` for the purpose of
"Relax blocking mode" command.

The badge color will hint at the current blocking mode.
There are four colors for the four following blocking
modes:
- JavaScript wholly disabled
- All 3rd parties blocked
- 3rd-party scripts and frames blocked
- None of the above

The default badge color will be used when JavaScript is not
wholly disabled and when there are no rules for `3p`,
`3p-script` or `3p-frame`.

A new advanced setting has been added to let the user choose
the badge colors for the various blocking modes,
`blockingProfileColors`. The value *must* be a sequence of
4 valid CSS color values that match 6 hexadecimal digits
prefixed with`#` -- anything else will be ignored.
2019-08-10 10:57:24 -04:00
Raymond Hill aaee898d95
Ensure icon & context menu are up to date on window focus change
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/151

Related feedback:
- https://github.com/uBlockOrigin/uBlock-issues/issues/680#issuecomment-515215220
2019-07-26 08:53:20 -04:00
Raymond Hill 066440534d
Prevent popup panel to close when forcing a tab reload
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/672

Additionally, this commit add the ability to press F5 to
force a reload while the popup panel is opened.
2019-07-21 11:50:15 -04:00
Raymond Hill e1dd7f7043
Ensure toolbar icon reflect updated whitelist directives
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/680

Opportunistically, vAPI.tabs has been refactored toward
ES6 syntax.
2019-07-21 10:48:44 -04:00
Raymond Hill 7e1868b1c3
Add virtuous signal that remote code execution is not possible
Related Chromium issue:
- https://bugs.chromium.org/p/chromium/issues/detail?id=985759

By expressly restricting JavaScript execution to only code
from the extension package, this explicitly tells code reviewer
that uBO can't execute remote code.

I also had to add `object-src 'self'`, otherwise Chromium
refused to load the extension with the following error message:

> 'content_security_policy': CSP directive 'object-src' must be specified

`object-src 'self'` is the default value.
2019-07-21 10:37:58 -04:00
Raymond Hill 730a83377e
Minor code review re. context menu code
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/151

I have been unsuccessful fixing the above issue, but I will
keep the changes made in the process of trying to fix it.
2019-07-02 09:43:26 -04:00
Raymond Hill 1dfdc40e09
Add ability to suspend network request handler at will
This works only for platforms supporting the return of
Promise by network listeners, i.e. only Firefox at this
point.

When filter lists are reloaded[1], there is a small
time window in which some network requests which should
have normally been blocked are not being blocked
because the static network filtering engine may not
have yet loaded all the filters in memory

This is now addressed by suspending the network request
handler when filter lists are reloaded -- again, this
works only on supported platforms.

[1] Examples: when a filter list update session
    completes; when user filters change, when
    adding/removing filter lists.
2019-06-30 10:09:27 -04:00
Raymond Hill 6c34b3c3c9
Use "relax" instead of "toggle"
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/371
2019-06-27 08:16:18 -04:00
Raymond Hill 693687fd74
Add keyboard support for toggling down blocking profile
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/371

By default, no specific keyboard shortcut is predefined,
this will have to be assigned by the user. The command
name in English is "Toggle blocking profile".

The default behavior is to toggle down according to one
of the following scenarios.

a) If script execution is disabled through the no-scripting
switch, the no-scripting switch will be locally toggled
so as to allow script execution. The page will be
automatically reloaded.

b) If script execution is not blocked but the 3rd-party
script and/or frame cells are blocked, local no-op rules
will be set so as to no longer block 3rd-party scripts
and/or frames. The page will be automatically reloaded.

Given this, it may take more than one toggle down command
to reach the lowest blocking profile, which is one where
JavaScript execution is not blocked and 3rd-party scripts
and frames resources block rules, if any, are bypassed
with local no-op rules.

TODO: At this point, I haven't yet decided whether
toggling from the lowest profile should restore the
original highest blocking profile.
2019-06-26 07:47:14 -04:00
Raymond Hill 793aca7ddb
Fix internal cosmetic filter being reported in the logger
Regression from:
- 62387fb87a

Repro steps were:
- Open the logger
- Navigate to `https://news.ycombinator.com/`
- Select an element using the element picker
- Click "Preview"

An attribute selector used internally by uBO to
hide targeted nodes was being reported in the
logger.
2019-06-20 07:14:34 -04:00
Raymond Hill 184e4f7a42
Avoid reloading the dashboard tab if it is already present
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/592
2019-05-24 20:15:40 -04:00
Raymond Hill eed13194fb
Handle possible exceptions in vAPI.messaging.broadcast()
I had exceptions thrown by that code once in a while,
about the `port` object not being connected; possibly
occurs only when using dev tools with breakpoints
in uBO's code. Even if this can be reproduced randomly
only when debugging uBO, it costs nothing to add code
in there to handle exceptions.
2019-05-21 14:07:38 -04:00
Raymond Hill 1386429382
Fix regression in applying procedural cosmetic filters
Related commit:
- 3573b6b32c
2019-05-16 17:22:20 -04:00
Raymond Hill 3573b6b32c
Add ability to report exception cosmetic filters in the logger
Related issue:
- https://github.com/gorhill/uBlock/issues/127

Additionally, the extended exception filters in the
logger will be rendered with a line-through to more
easily distinguish them from non-exception ones.

Also, opportunistically converted revisited code to
ES6 syntax.
2019-05-16 13:44:49 -04:00
Raymond Hill b87b242384
Use per-request secret rather than time-based secret
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/550
2019-05-01 07:41:04 -04:00
Raymond Hill 99212e3264
Code review: use function arrow properly 2019-05-01 06:35:47 -04:00
Raymond Hill 016625465e
Simplify a bit 9e43852 by using Array.every() 2019-04-30 16:18:40 -04:00
Raymond Hill 0714aceaaf
Simplify secret generation introduced in 9e4385243c 2019-04-30 15:19:10 -04:00
Raymond Hill 9e4385243c
Web accessible secrets can be used for at most one second
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/550

Related Chromium issue (I can't access it):
- https://bugs.chromium.org/p/chromium/issues/detail?id=957866

Findings so far: affects browsers based on Chromium 74.
I could not reproduce the issue with either Chromium 73 or
Google Chrome 75.

This commit is a mitigation: to prevent sites from using
uBO's internal WAR secret for tracking purpose. A secret
can be used for at most one second, after which a new secret
is generated.

The original issue related to the implementation of
secret-gated web accessible resources is:
- https://github.com/gorhill/uBlock/issues/2823
2019-04-30 14:36:07 -04:00
Raymond Hill 367cdd6666
Make use of `X-DNS-Prefetch-Control` in Chromium-based browsers
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/548

The fix applies only to Chromium-based browsers -- a
`X-DNS-Prefetch-Control` header[1] will be unconditionally
injected when uBO's "Disable pre-fetching" setting is
enabled (it is by default).

This is a mitigation, this does not completely fix the issue
of the setting "Disable pre-fetching" being disregarded on
Chromium-based browsers when sites use
`preconnect`/`preload`.

[1] https://developer.mozilla.org/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control
2019-04-27 13:12:33 -04:00
Raymond Hill 977178bef2
Use a lower WebRTC mode on Firefox to hide private IP addresses
Releated issue:
- https://github.com/gorhill/uBlock/issues/3009

Firefox implements differently the behavior of `disable_non_proxied_udp`,
and this probably leads to more oft-misdiagnosed breakage.

Example:
https://www.reddit.com/r/firefox/comments/b4guyl/gotowebmeeting_same_unsupported_bs/
2019-03-23 16:23:42 -03:00
Raymond Hill 0d369cda21
Allow use of browser.storage.local as cache storage backend in Firefox
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/409

By default `indexedDB` is used in Firefox for purpose of cache storage
backend.

This commit allows to force the use of `browser.storage.local` instead
as cache storage backend. For this to happen, set `cacheStorageAPI` to
`browser.storage.local` in advanced settings.

Additionally, should `indexedDB` not be available for whatever reason,
uBO will automatically fallback to `browser.storage.local`.
2019-02-17 15:40:09 -05:00
Raymond Hill ed7e34fb07
Refactor selfie generation into a more flexible persistence mechanism
The motivation is to address the higher peak memory usage at launch
time with 3rd-gen HNTrie when a selfie was present.

The selfie generation prior to this change was to collect all
filtering data into a single data structure, and then to serialize
that whole structure at once into storage (using JSON.stringify).

However, HNTrie serialization requires that a large UintArray32 be
converted into a plain JS array, which itslef would be indirectly
converted into a JSON string. This was the main reason why peak
memory usage would be higher at launch from selfie, since the JSON
string would need to be wholly unserialized into JS objects, which
themselves would need to be converted into more specialized data
structures (like that Uint32Array one).

The solution to lower peak memory usage at launch is to refactor
selfie generation to allow a more piecemeal approach: each filtering
component is given the ability to serialize itself rather than to be
forced to be embedded in the master selfie. With this approach, the
HNTrie buffer can now serialize to its own storage by converting the
buffer data directly into a string which can be directly sent to
storage. This avoiding expensive intermediate steps such as
converting into a JS array and then to a JSON string.

As part of the refactoring, there was also opportunistic code
upgrade to ES6 and Promise (eventually all of uBO's code will be
proper ES6).

Additionally, the polyfill to bring getBytesInUse() to Firefox has
been revisited to replace the rather expensive previous
implementation with an implementation with virtually no overhead.
2019-02-14 13:33:55 -05:00
Raymond Hill 83a3767a16
Test presence of `firefox` instead of absence of `chromium` 2019-02-12 15:29:20 -05:00
Raymond Hill 8c4249a870
Try to not rely on UA to lookup environment flavor
The environment flavor is used to by uBO to for self-configuration.

For users with spoofed UA at the `about:config` level, this might
cause uBO to misconfigure itself. Avoid UA and strictly rely on
browserInfo() for looking up environment parameters.
2019-02-12 11:11:58 -05:00
Raymond Hill 656203adc7
Minor generic code review of changes since 1.18.2 2019-02-02 08:09:34 -05:00
Raymond Hill 920eee88be
Code review: ensure vAPI.shutdown.exec is called from root context only
This prevents uncaught errors in content scripts when uBO's main
process is terminated (i.e. disabled, updated).
2019-01-28 16:16:52 -05:00
Raymond Hill a6ebcc85be
Reuse both flavors of webRequest wrapper in webext package
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/407

Both flavors will be stitched together into a single
`vapi-qebrequest.js` file.

The decision of which flavor to use will be made at runtime,
according to the browser environment.
2019-01-28 16:12:26 -05:00
Raymond Hill 15100459b3
Harden content script's message Port against spurious disconnections
Those spurious disconnections have been observed to occur at
uBO's launch time.

Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/403

I have observed that this fixes an issue observed on Firefox 64
(current stable).

The reported Waterfox issue *may* be fixed as a result. If not,
the issue he still considered fixed as Waterfox is not
officially supported.
2019-01-27 17:07:40 -05:00
Raymond Hill 41548be6be
Move early blocking of requests out of experimental status on Firefox
Related issues:
- https://github.com/gorhill/uBlock/issues/2067
- https://github.com/uBlockOrigin/uBlock-issues/issues/128

Related mozbug issue:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1503721
2018-12-23 17:59:31 -05:00
Raymond Hill 5b7a3c9983
fix https://github.com/uBlockOrigin/uBlock-issues/issues/256; add regex support in logger filter field 2018-12-14 11:01:21 -05:00
Raymond Hill 9b27a98f90
Fix https://github.com/gorhill/uBlock/issues/3654
Additionally, there has been refactoring work done regarding
filtering context used throughout uBO, motivated by the fix
here.
2018-12-13 12:30:54 -05:00
Raymond Hill 5c33a57158
fix reported extension error in Chrome 72.0.3622.0
Apparently the "file:///" permission is redundant to the declared
"<all_urls>" permission.
2018-12-05 14:46:35 -05:00
Raymond Hill ec55191a25
fix regression reported at https://www.reddit.com/r/uBlockOrigin/comments/9vcrk3/bug_in_ubo_1173_betas_when_saving_files_hosted_on/ 2018-11-08 19:58:45 -02:00
Raymond Hill 649f82f901
fix https://github.com/uBlockOrigin/uBlock-issues/issues/296 2018-11-02 08:55:15 -03:00
Raymond Hill 9039874fc9
refactor some webRequest-related code (now that firefox legacy is out of the way) 2018-10-28 10:58:25 -03:00
Raymond Hill fee65bec57
fix another case of https://github.com/uBlockOrigin/uBlock-issues/issues/167 2018-09-29 18:56:59 -04:00
Raymond Hill 6dd6dc5f1d
fix https://www.reddit.com/r/uBlockOrigin/comments/9gwrna/when_you_right_click_and_go_to_options_it_keeps/ 2018-09-18 20:14:09 -04:00
Raymond Hill 3ef4005f63
remove obstacle to modernize codebase with ES6 syntax: bump up min version for Chromium 2018-09-03 14:03:38 -04:00
Raymond Hill c00297680b
fix https://www.reddit.com/r/uMatrix/comments/8lc9ia/ 2018-08-25 12:57:21 -04:00
Raymond Hill 273f1db297
fix <https://github.com/uBlockOrigin/uBlock-issues/issues/168>: Firefox for Android does not support the windows API 2018-08-14 18:56:08 -04:00
Raymond Hill dc430f1eff
fix https://github.com/uBlockOrigin/uBlock-issues/issues/167 2018-08-14 14:32:56 -04:00