Commit Graph

4723 Commits

Author SHA1 Message Date
Raymond Hill e18a3707c7
Add an entry in _Report_ page for badware/phishing category
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3151

Entry:
"Add an entry in the reporting tool for badware issues"
2024-09-15 13:20:47 -04:00
Raymond Hill 266ec4894b
New static network filter option `urlskip=`
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3206

The main purpose is to bypass URLs designed to track whether a user
visited a specific URL, typically used in click-tracking links.

The `urlskip=` option ...

- ... is valid only when used in a trusted filter list
- ... is enforced only on top documents
- ... is enforced on both blocked and non-blocked documents
- ... is a modifier, i.e. it cannot be used along with other
      modifier options in a single filter

The syntax is `urlskip=[steps]`, where steps is a space-separated
list of extraction directives detailing what action to perform on
the current URL.

The only supported directive in this first commit is `?name`,
which purpose is to extract the value of a named URL parameter
and use the result as the new URL. Example:

  ||example.com/path/to/tracker$urlskip=?url

The above filter will cause navigation to

  https://example.com/path/to/tracker?url=https://example.org/

to automatically bypass navigation to `example.com` and navigate
directly to

  https://example.org/

It is possible to recursively extract URL parameters by using
more than one directive, example:

  ||example.com/path/to/tracker$urlskip=?url ?to

More extraction capabilities may be added in the future.
2024-09-15 09:17:19 -04:00
Raymond Hill 4b285c0593
Dynamically load DNR conversion module on-demand
DNR conversion module is a dev tool, no point loading it by
default. This was done this way because in a distant past uBO
had to be compatible with browsers not supporting dynamically
loaded modules.

Currently all supported browser versions support dynamically
loaded modules.
2024-09-14 12:13:47 -04:00
Raymond Hill c265e849e0
Fetch and cache cname of collated hostnames in page store
Related feedback:
https://github.com/uBlockOrigin/uBlock-issues/discussions/3376
2024-09-14 11:50:10 -04:00
Raymond Hill f936dfa648
Fix potential failure to unregister scriptlet
In Firefox-specific contentScripts API used to register
scriptlets. This could potentially occurs when there are
registrations pending during a reload of filter lists.
2024-09-14 09:32:37 -04:00
Raymond Hill 41d49921c8
Minor code review 2024-09-14 09:20:54 -04:00
Raymond Hill 5e6f78a902
Fix regression re. `mp4` filter option
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3375
2024-09-14 00:10:34 -04:00
Raymond Hill 8fadfb2c5e
Import translation work from https://crowdin.com/project/ublock 2024-09-12 15:40:24 -04:00
Raymond Hill 6acf97bf51
Rewrite cname uncloaking code to account for new `ipaddress=` option
This commit makes the DNS resolution code better suited for both
filtering on cname and ip address. The change allows early availability
of ip address so that `ipaddress=` option can be matched at
onBeforeRequest time.

As a result, it is now possible to block root document using
`ipaddress=` option -- so long as an ip address can be extracted
before first onBeforeRequest() call.

Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/2792

Caveat
------

the ip address used is the first one among the list of ip
addresses returned by dns.resolve() method. There is no way for uBO
to know which exact ip address will be used by the browser when
sending the request, so this is at most a best guess. The exact IP
address used by the browser is available at onHeadersReceived time,
and uBO will also filter according to this value, but by then the
network request has already been sent to the remote server.

Possibly a future improvement would make available the whole list
of ip addresses to the filtering engine, but even then it's impossible
to know with certainty which ip address will ultimately be used by the
browser -- it is entirely possible that the ip address used by the
browser might not be in the list received through dns.resolve().
2024-09-12 11:19:57 -04:00
Raymond Hill 099b9852cd
Code review for `ipaddress=` filter option
If an IP address can be extracted from the hostname portion of
a URL, the IP address matching will be performed at onBeforeRequest()
time.

Regardless, IP address matching will subsequently always be performed
at onHeadersReceived() time as the request details at that point
contain a reliable IP address value on supported platforms (Firefox-
only as of now).

The `cap_ipaddress` now evaluates to `true` in Chromium-based
browsers. Even though these browsers are unable to provide reliable
IP address value at onHeadersReceived() time, they can still
perform IP address matching for IP address extracted from hostname
portion of a URL.
2024-09-11 09:56:44 -04:00
Raymond Hill d5f14ffa32
Avoid using dns.resolve() for proxied DNS resolution
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/1743
2024-09-10 14:58:40 -04:00
Raymond Hill 401d2e8ea9
[mv3] Mind unsupported `header=`/`ipaddress` options in DNR API
Properly report unsupported `header=` and `ipaddress=` option in
log file.

`header=` support may become possible soon with Chromium 128
introducing blocking according to response headers content.
2024-09-10 11:50:09 -04:00
Raymond Hill 030d7334e4
Add support for `lan`/`loopback` values to `ipaddress=` option
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/1070
2024-09-10 11:11:11 -04:00
Raymond Hill c6dedd253f
New static network filter option `ipaddress=`
The purpose is to block according to the ip address of a network
request. In the current implementation, the filter option can only
be enforced at onHeadersReceived time.

The new filter option cannot be enforced in Chromium-based browsers
since the ip address of network requests is available only at
onResponseStarted time, which is not blocking.

The value assigned to `ipaddress` can either be a plain string which
must match exactly a given ip address, or a regex which will be
matched against the ip address.

The `ipaddress` option can only be enforced when the extension
framework does provide a valid ip address in a onHeadersReceived
listener. For instance, cached resources do not have a valid ip
address and thus can't be a match to `ipaddress` option.

Example:

  *$script,ipaddress=93.184.215.14
2024-09-09 09:35:23 -04:00
Raymond Hill 20115697e5
Add ability to quote static network option values
For the sake of convenience for filter list maintainers, this commit
add ability to quote static network option values, so as to avoid the
need to escape commas when parser ambiguity arises.

The quotes can be `"`, `'`, or backticks.

Example, the following filter requires escaping commas:

  example.com$xhr,replace=/"loremIpsum.*?([A-Z]"\}|"\}{2\,4})\}\]\,//,1p

Can be now rewritten with no need to escape when using quotes:

  example.com$xhr,replace='/"loremIpsum.*?([A-Z]"\}|"\}{2,4})\}\],//',1p
2024-09-08 10:01:13 -04:00
Raymond Hill 89f02098fd
Apply CSP/PP injections to `object` resources
Related feedback:
https://old.reddit.com/r/uBlockOrigin/comments/1f84tc5/
2024-09-04 11:28:45 -04:00
Raymond Hill 91125d29cf
Add support for `application/dash+xml` in `replace=` option
Related feedback:
https://github.com/uBlockOrigin/uAssets/issues/25164#issuecomment-2326358453
2024-09-03 10:14:15 -04:00
Raymond Hill b7ed3b45ed
Add ability to directly evaluate static network filtering engine
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3362

There used to be a way to test URL against the network filtering engine,
but this was removed in a distant past during refactoring.

The ability has been brought back through uBO's own developer tools,
accessible through the _More_ button in the _Support_ pane in the
dashboard.

To query the static network filtering engine, enter the following
in the text editor:

snfe?url-to-test [type] [url-of-context]

`snfe?` is a prompt indicating the intent to query the static network
filtering engine.

At a minimum there must be a URL to test.

Optionally the type of the resource to match, default to `xhr` if
none specified. Also optionally, the context from within which the
request is made. Example:

Enter:
snfe?https://www.google-analytics.com/analytics.js

Result:
url: https://www.google-analytics.com/analytics.js
blocked: ||google-analytics.com^

Enter:
snfe?https://www.google-analytics.com/analytics.js script

Result:
url: https://www.google-analytics.com/analytics.js
type: script
blocked: ||google-analytics.com^
modified: ||google-analytics.com/analytics.js$script,redirect-rule=google-analytics_analytics.js:5

Enter:
snfe?https://example.com/

Result:
url: https://example.com/
not blocked

Enter:
snfe?https://example.com/ ping

Result:
url: https://example.com/
type: ping
blocked: *$ping,3p
2024-09-02 19:32:56 -04:00
Raymond Hill 59a9a43a83
Add noop resources for redirect purpose
Related discussion:
https://github.com/uBlockOrigin/uAssets/issues/25014#issuecomment-2307982886
2024-08-24 12:11:35 -04:00
Raymond Hill 09fef54959
[mv3] Ensure `redirect` has priority over`block`
Related issue:
https://github.com/uBlockOrigin/uBOL-home/issues/187#issuecomment-2301450418
2024-08-21 10:56:18 -04:00
Raymond Hill 34047daa06
Import translation work from https://crowdin.com/project/ublock 2024-08-19 12:02:00 -04:00
Raymond Hill 6891037758
[mv3] Fix exception filters not overriding redirect filters
Related issue:
https://github.com/uBlockOrigin/uBOL-home/issues/185
2024-08-17 11:00:42 -04:00
Raymond Hill 1cb660b94e
Fix plain exceptions not overriding block filters using `header=` option
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3347
2024-08-17 10:11:18 -04:00
Raymond Hill 1822d1503f
Import translation work from https://crowdin.com/project/ublock 2024-08-12 10:54:11 -04:00
Raymond Hill a0de43aba9
Import translation work from https://crowdin.com/project/ublock 2024-07-29 16:05:15 -04:00
Raymond Hill c7b54af0a2
[mv3] Add minimal ability to diagnose ruleset issue
A new icon has been added to the popup panel, to open a popup
window with a terse list of DNR events for the current tab, in
reverse chronological order (most recent DNR event appears at
the top).

The new ability is available only when the extension is sideloaded,
as per `declarativeNetRequestFeedback` documentation. Ref:
https://developer.chrome.com/docs/extensions/reference/api/declarativeNetRequest#event-onRuleMatchedDebug

Purposefully minimal, so as to have something rather than nothing
when having to diagnose filtering issue with the DNR API. Example:
https://github.com/uBlockOrigin/uBOL-home/issues/156

The content of the popup window does not dynamically update, force
a refresh (F5) to get the most recent DNR events. This might be
improved in the future.

The DNR event buffer is not persisted, so the buffer is empty when
service worker is restarted. This might be improved in the future
by using session storage API.

There is no output filtering ability in this first draft. This
might be improved in the future.

DNR rules are reported. The filter from which a DNR rule
originates is not reported. Given that the rulesets are optimized
after conversion from original filter lists to reduce the DNR rule
count, this is unlikely to ever be possible.
2024-07-29 14:54:46 -04:00
Raymond Hill c90f4933df
Fix CSP/PP header injection in non-document resources
Related feedback:
https://github.com/uBlockOrigin/uBlock-issues/issues/229#issuecomment-2220354261
https://old.reddit.com/r/uBlockOrigin/comments/1dz6du7/

Regression from:
https://github.com/gorhill/uBlock/commit/7c3e060c01
2024-07-10 11:41:55 -04:00
Raymond Hill b98ef8141a
Fix CSP injection in non-document resources
Related feedback:
https://github.com/uBlockOrigin/uBlock-issues/issues/229#issuecomment-2220354261
https://old.reddit.com/r/uBlockOrigin/comments/1dz6du7/

Regression from:
https://github.com/gorhill/uBlock/commit/7c3e060c01
2024-07-10 10:09:59 -04:00
Raymond Hill 2bdbac1b84
Import translation work from https://crowdin.com/project/ublock 2024-07-09 13:16:17 -04:00
Raymond Hill 9569969b55
Fix distance calculation in picker
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3279
2024-07-05 10:20:33 -04:00
Raymond Hill 8c5918dec7
Prevent resizing of title bar in popup menu
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3284
2024-07-05 10:11:27 -04:00
Raymond Hill c154aaa69c
Fix bad serialization of Date objects
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3283
2024-06-28 13:40:19 -04:00
Raymond Hill 896737d098
Fix race condition when loading redirect/scriptlet resources
Related feedback:
https://github.com/uBlockOrigin/uAssets/issues/23806#issuecomment-2190491767
2024-06-26 11:00:50 -04:00
Raymond Hill 47b985a056
Fix `:matches-prop()` operator when no value provided 2024-06-20 09:21:43 -04:00
Raymond Hill aca7674bac
Add `:matches-prop()` pseudo CSS operator
`subject:matches-prop(arg)`

Description: Allows to select an element by a property name (or chain of
properties), and optionally the property value.

Chainable: Yes.

`subject`: Can be a plain CSS selector, or a procedural cosmetic filter.

`arg`: A declaration in the form `chain=value`, where `chain` is a dot-
  separated string for the target property, and `value` is the optional
  property value to match. `value` can be literal text or literal regular
  expression. When no `value` is declared, the operator only tests for
  the presence of the target property

Example:

  example.org##div:matches-prop(imanad)
  example.org##img:matches-prop(naturalWidth=160)
2024-06-19 19:06:53 -04:00
Raymond Hill 91ee5bdeae
Improve `prevent-addEventListener` scriptlet
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3061#issuecomment-2159662039
2024-06-11 07:44:43 -04:00
Raymond Hill d5208ee5dd
Add `isodate` as available placeholder for auto-comment
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3265
2024-06-07 08:52:30 -04:00
Raymond Hill 8f81833efc
Classify generic cosmetic filters with comma as highly generic
Related discussion:
https://old.reddit.com/r/uBlockOrigin/comments/1d3ezoy/
2024-06-01 10:46:18 -04:00
Raymond Hill 82a3992896
Raise max buffer size for response body filtering
Related discussion:
https://github.com/uBlockOrigin/uBlock-discussions/discussions/891
2024-06-01 10:42:14 -04:00
Raymond Hill 8ea1bac80b
Trim end of class tokens in generic cosmetic filtering's surveyor
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3257
2024-05-28 18:42:06 -04:00
Raymond Hill 3e7eca364b
Make logger console filter expression case-insensitive 2024-05-14 11:58:53 -04:00
Raymond Hill e738eaa447
Import translation work from https://crowdin.com/project/ublock 2024-05-12 15:51:46 -04:00
Raymond Hill 0e6d607484
Add checksum validation when loading trie buffers in selfie
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3217#issuecomment-2103048654
2024-05-09 21:29:24 -04:00
Raymond Hill c098eb8625
Fix potential corruption when reading serialized data
Corrpution would occur when reading back serialized data which
contained multiple references to same instance of an object.

The issue could manifest when reading cache storage-related
data from the browser storage API, since the serializer is not
used when reading from indexedDB. Private/incognito mode
fall back on using browser storage API as cache storage.

Off the top of my head, I think the following conditions all
together could result in high likelihood of malfunction caused
by improperly deserializing data at launch time:

- Load from a selfie
- Selfie created after uBO ran for a while
- Selfie loaded from browser storage API (not the case by
  default)

Possibly related to reports of uBO malfunctioning:
https://github.com/uBlockOrigin/uBlock-issues/issues/3217#event-12686416838
2024-05-02 20:21:47 -04:00
Raymond Hill e891465775
Add more console logging for cache storage code 2024-05-02 20:15:46 -04:00
Raymond Hill 4c530b732f
Adjust element picker visuals
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3220
2024-04-22 06:08:49 -04:00
Raymond Hill 6152f5269e
Improve dashboard layout at high zoom factor
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3211
2024-04-16 11:21:06 -04:00
Raymond Hill 539938969d
Ensure reading last data written
Related discussion:
https://github.com/uBlockOrigin/uBlock-discussions/discussions/888
2024-04-13 16:03:17 -04:00
Raymond Hill 6e61a13e40
Open details pane only when clicking non-interactive elements
Related feedback:
https://github.com/uBlockOrigin/uBlock-issues/discussions/3202
2024-04-11 11:12:37 -04:00
Raymond Hill 3b4f02db21
Add a console pane to the logger
The console pane will report logging information reported by
scriptlets.

Related feedback:
https://github.com/uBlockOrigin/uBlock-issues/discussions/3096#discussioncomment-8748932

Plus other changes.
2024-04-10 11:27:40 -04:00