From 7114d8ebb054046c89565a8a8cca6e0a4a1d068a Mon Sep 17 00:00:00 2001 From: Gaming4JC Date: Fri, 22 Jun 2018 20:53:21 -0400 Subject: [PATCH 1/1] adjust filter ordering and bump version --- src/main.js | 22 ++++++++--------- src/resource-filter/process/filter.js | 34 +++++++++++++-------------- version_info | 4 ++-- 3 files changed, 29 insertions(+), 31 deletions(-) diff --git a/src/main.js b/src/main.js index 4df13f8..18f10c3 100644 --- a/src/main.js +++ b/src/main.js @@ -31,14 +31,14 @@ const {enablePolicy} = require ('./resource-filter/init'); /* Preferences keys */ const PREF_REDIRECT_MASKED = 'redirect.enableMasking'; -const PREF_URI_RESOURCE_BLOCKED = 'uri.resource.blocking.enabled'; const PREF_URI_CHROME_BLOCKED = 'uri.chrome.blocking.enabled'; -const PREF_URI_MOZEXT_BLOCKED = 'uri.mozext.blocking.enabled'; +const PREF_URI_RESOURCE_BLOCKED = 'uri.resource.blocking.enabled'; const PREF_URI_EXT_BLOCKED = 'uri.ext.blocking.enabled'; +const PREF_URI_MOZEXT_BLOCKED = 'uri.mozext.blocking.enabled'; const PREF_URI_CHROME_WHITELIST = 'uri.chrome.exposedList'; const PREF_URI_RESOURCE_WHITELIST = 'uri.resource.exposedList'; -const PREF_URI_MOZEXT_WHITELIST = 'uri.resource.mozextList'; const PREF_URI_EXT_WHITELIST = 'uri.resource.extList'; +const PREF_URI_MOZEXT_WHITELIST = 'uri.resource.mozextList'; const PREF_RESTRICT_ABOUT = 'uri.about.restricted'; const PREF_DEBUG_ENABLED = 'debug.enabled'; @@ -51,23 +51,21 @@ const extractListItems = str => const update = $prefs => enablePolicy ({__proto__: null ,enableDebug: !!$prefs[PREF_DEBUG_ENABLED] + ,blockChromeURIs: !!$prefs[PREF_URI_CHROME_BLOCKED] ,blockResourceURIs: !!$prefs[PREF_URI_RESOURCE_BLOCKED] - ,blockMozextURIs: !!$prefs[PREF_URI_MOZEXT_BLOCKED] ,blockExtURIs: !!$prefs[PREF_URI_EXT_BLOCKED] - ,blockChromeURIs: !!$prefs[PREF_URI_CHROME_BLOCKED] + ,blockMozextURIs: !!$prefs[PREF_URI_MOZEXT_BLOCKED] ,enableRedirectMasking: !!$prefs[PREF_REDIRECT_MASKED] ,restrictAboutPages: !!$prefs[PREF_RESTRICT_ABOUT] - ,exposedResourceDomains: - extractListItems ($prefs[PREF_URI_RESOURCE_WHITELIST]) ,exposedChromeDomains: extractListItems ($prefs[PREF_URI_CHROME_WHITELIST]) - ,exposedMozextDomains: - extractListItems ($prefs[PREF_URI_MOZEXT_WHITELIST]) + ,exposedResourceDomains: + extractListItems ($prefs[PREF_URI_RESOURCE_WHITELIST]) ,exposedExtDomains: extractListItems ($prefs[PREF_URI_EXT_WHITELIST]) + ,exposedMozextDomains: + extractListItems ($prefs[PREF_URI_MOZEXT_WHITELIST]) }); update (_$prefs); -require ('sdk/simple-prefs').on ('control.update', () => void update (_$prefs)); - -//Build:git-3e7f3809346d94a85b0dddf30abdc43df7dee6cd \ No newline at end of file +require ('sdk/simple-prefs').on ('control.update', () => void update (_$prefs)); \ No newline at end of file diff --git a/src/resource-filter/process/filter.js b/src/resource-filter/process/filter.js index 9091a96..ad2ffe4 100644 --- a/src/resource-filter/process/filter.js +++ b/src/resource-filter/process/filter.js @@ -17,20 +17,20 @@ const {registerContentPolicy} = require ('./content-policy'); // Default values const policyState = {__proto__: null ,debug: false - ,exposedResourceDomains: new Set ,exposedChromeDomains: new Set + ,exposedResourceDomains: new Set ,exposedMozextDomains: new Set ,exposedExtDomains: new Set + ,blockChromeUris: true ,blockResourceUris: true - ,blockMozextUris: true ,blockExtUris: true - ,blockChromeUris: true + ,blockMozextUris: true ,filterRedirects: true ,whitelistAboutUris: false ,secureAboutUris: new Set (['addons', 'home', 'preferences', 'support', 'newtab', 'debugging', 'config', 'downloads', 'profiles', 'sessionrestore', 'privatebrowsing', 'plugins']) ,veryInsecureAboutUris: new Set (['blank', 'srcdoc']) - ,mozextWhitelist: new Set ,extWhitelist: new Set + ,mozextWhitelist: new Set }; @@ -39,18 +39,18 @@ const isWhitelistedOrigin = u => (!u) || u.schemeIs ('chrome') || u.schemeIs ('resource') || u.schemeIs ('view-source') || u.schemeIs ('extension') || u.schemeIs ('moz-extension') || u.schemeIs ('about') && (!policyState.veryInsecureAboutUris.has (u.path)) - && (policyState.secureAboutUris.has (u.path) || policyState.mozextWhitelist.has (u.path) - || policyState.extWhitelist.has (u.path) || policyState.whitelistAboutUris); + && (policyState.secureAboutUris.has (u.path) || policyState.extWhitelist.has (u.path) + || policyState.mozextWhitelist.has (u.path) || policyState.whitelistAboutUris); const shouldBeBlocked = u => (!u) - || policyState.blockResourceUris - && u.schemeIs ('resource') && (!policyState.exposedResourceDomains.has (u.host)) || policyState.blockChromeUris && u.schemeIs ('chrome') && (!policyState.exposedChromeDomains.has (u.host)) - || policyState.blockMozextUris - && u.schemeIs ('moz-extension') && (!policyState.exposedMozextDomains.has (u.host)) + || policyState.blockResourceUris + && u.schemeIs ('resource') && (!policyState.exposedResourceDomains.has (u.host)) || policyState.exposedExtDomains - && u.schemeIs ('extension') && (!policyState.exposedExtDomains.has (u.host)); + && u.schemeIs ('extension') && (!policyState.exposedExtDomains.has (u.host)) + || policyState.blockMozextUris + && u.schemeIs ('moz-extension') && (!policyState.exposedMozextDomains.has (u.host)); registerContentPolicy ({__proto__: null @@ -105,7 +105,7 @@ const requestObserver = {__proto__: null } } } catch (e) { - //console.exception (e); + console.exception (e); } } }; @@ -116,20 +116,20 @@ try { observerService.removeObserver (requestObserver, 'http-on-examine-response')); } catch (e) {} -const setPolicy = ({enableRedirectMasking, blockChromeURIs, blockMozextUris, blocExtUris, blockResourceURIs - , enableDebug, restrictAboutPages, exposedResourceDomains, exposedChromeDomains, exposedMozextDomains, exposedExtDomains}) => +const setPolicy = ({enableRedirectMasking, blockChromeURIs, blockResourceURIs, blockExtUris, blockMozextUris + , enableDebug, restrictAboutPages, exposedChromeDomains, exposedResourceDomains, exposedExtDomains, exposedMozextDomains}) => { policyState.filterRedirects = !!enableRedirectMasking; policyState.blockChromeUris = !!blockChromeURIs; policyState.blockResourceUris = !!blockResourceURIs; - policyState.blockMozextUris = !!blockMozextURIs; policyState.blockExtUris = !!blockExtURIs; + policyState.blockMozextUris = !!blockMozextURIs; policyState.debug = !!enableDebug; policyState.whitelistAboutUris = !restrictAboutPages; - policyState.exposedResourceDomains = new Set (exposedResourceDomains || []); policyState.exposedChromeDomains = new Set (exposedChromeDomains || []); - policyState.exposedMozextDomains = new Set (exposedMozextDomains || []); + policyState.exposedResourceDomains = new Set (exposedResourceDomains || []); policyState.exposedExtDomains = new Set (exposedExtDomains || []); + policyState.exposedMozextDomains = new Set (exposedMozextDomains || []); }; try { diff --git a/version_info b/version_info index 3907557..cc58b6a 100644 --- a/version_info +++ b/version_info @@ -22,7 +22,7 @@ addon_id="no-resource-uri-leak" # Canonical version of the addon (may be converted into different formats on build) -addon_version="1.2.1" +addon_version="1.2.2" # Alpha versions (may not be feature complete): x.y.z~a1, x.y.z~a2, ... # Beta versions (feature-frozen): x.y.z~b1, x.y.z~b2, ... @@ -35,7 +35,7 @@ addon_name="No Resource URI Leak" addon_author="Desktopd Project" addon_license_id='GPL-3.0+' -addon_description="Deny resource:// access to Web content: We fill the hole to defend against fingerprinting. Very important to Firefox privacy. A direct workaround for bugzil.la/863246" +addon_description="Deny access to local URI paths in omni.jar: Very important to privacy. A direct workaround for bugzil.la/863246 and bugzil.la/1372288" addon_website_uri="https://notabug.org/desktopd/no-resource-uri-leak" -- 2.17.1