From a7f8a07beb27db741e639c022894812ed4db1067 Mon Sep 17 00:00:00 2001 From: Gaming4JC Date: Sat, 23 Jun 2018 18:50:44 -0400 Subject: [PATCH 1/1] re-organize filters, clarify preferences, and bump version --- preferences.json | 14 +++++------ src/resource-filter/process/filter.js | 36 ++++++++++++++++++--------- version_info | 4 +-- 3 files changed, 33 insertions(+), 21 deletions(-) diff --git a/preferences.json b/preferences.json index 6a30931..03ab491 100644 --- a/preferences.json +++ b/preferences.json @@ -4,35 +4,35 @@ ,"type": "bool" ,"value": true ,"title": "Block access to resource:// URIs from Web" - ,"description": "This is the extesion's main feature." + ,"description": "RECOMMENDED for privacy. This is the extesion's main feature." } ,{ "name": "uri.mozext.blocking.enabled" ,"type": "bool" ,"value": true ,"title": "Block access to moz-extension:// URIs from Web" - ,"description": "The possibility for fingerprintable leaks may exist." + ,"description": "RECOMMENDED for privacy. Protects you from precise fingerprinting by blocking access to webextensions (UUID)." } ,{ "name": "uri.ext.blocking.enabled" ,"type": "bool" ,"value": true ,"title": "Block access to extension:// URIs from Web" - ,"description": "Like moz-extension://, the possibility for fingerprintable leaks may exist in webextensions." + ,"description": "Protects you from fingerprinting by blocking access to legacy extensions." } ,{ "name": "uri.chrome.blocking.enabled" ,"type": "bool" ,"value": false - ,"title": "Block Web-exposed subset of chrome:// URIs" - ,"description": "RECOMMENDED for privacy. Enabling it may break certain extensions or badly designed Web sites." + ,"title": "Block access to chrome:// URIs from Web" + ,"description": "RECOMMENDED for privacy. WARNING: Enabling this will break certain extensions, internal browser pages, and/or badly designed web sites. [REQUIRES RESTART]" } ,{ "name": "redirect.enableMasking" ,"type": "bool" ,"value": true ,"title": "Uniformly filter disallowed redirects" - ,"description": "This eliminates one known source of an information leak" + ,"description": "RECOMMENDED for privacy. A specially crafted redirect can be used to access local resources by malicious web sites." } ,{ "name": "uri.resource.exposedList" @@ -46,7 +46,7 @@ ,"type": "string" ,"value": "" ,"title": "Exposed chrome:// domains" - ,"description": "This may harm your privacy: Only for debugging and as temporary measures (Separated with commas)" + ,"description": "This may harm your privacy: Only for debugging and as temporary measures (Separated with commas) [REQUIRES RESTART]" } ,{ "name": "uri.resource.mozextList" diff --git a/src/resource-filter/process/filter.js b/src/resource-filter/process/filter.js index ad2ffe4..7f678c7 100644 --- a/src/resource-filter/process/filter.js +++ b/src/resource-filter/process/filter.js @@ -26,25 +26,37 @@ const policyState = {__proto__: null ,blockExtUris: true ,blockMozextUris: true ,filterRedirects: true - ,whitelistAboutUris: false - ,secureAboutUris: new Set (['addons', 'home', 'preferences', 'support', 'newtab', 'debugging', 'config', 'downloads', 'profiles', 'sessionrestore', 'privatebrowsing', 'plugins']) + ,secureAboutUris: new Set (['addons', 'config', 'debugging', 'downloads', 'home', 'neterror', 'newtab', 'preferences', 'privatebrowsing', 'profiles', 'plugins', 'sessionrestore', 'support']) + ,secureChromeUris: new Set (['pluginproblem']) ,veryInsecureAboutUris: new Set (['blank', 'srcdoc']) ,extWhitelist: new Set ,mozextWhitelist: new Set + ,whitelistAboutUris: false }; - +// ,secureChromeUris: new Set (['browser', 'devtools', 'mozapps', 'pluginproblem', 'global']) // Note: view-source: scheme is no longer accessible from content (thus no leaks) +// TODO: Make secureChromeUris, extWhitelist, mozextWhitelist actually work. const isWhitelistedOrigin = u => (!u) - || u.schemeIs ('chrome') || u.schemeIs ('resource') || u.schemeIs ('view-source') - || u.schemeIs ('extension') || u.schemeIs ('moz-extension') || u.schemeIs ('about') - && (!policyState.veryInsecureAboutUris.has (u.path)) - && (policyState.secureAboutUris.has (u.path) || policyState.extWhitelist.has (u.path) - || policyState.mozextWhitelist.has (u.path) || policyState.whitelistAboutUris); + || u.schemeIs ('chrome') + && (policyState.secureChromeUris.has (u.path)) + || u.schemeIs ('resource') + || u.schemeIs ('view-source') + || u.schemeIs ('extension') + && (policyState.extWhitelist.has (u.path)) + || u.schemeIs ('moz-extension') + && (policyState.mozextWhitelist.has (u.path)) + || u.schemeIs ('about') + && (policyState.veryInsecureAboutUris.has (u.path)) + && (policyState.secureAboutUris.has (u.path) || policyState.whitelistAboutUris); +// TODO: Fix Logic +// Init blockChromeUris: This should block all chrome:// URI excluding exposedChromeDomains (user set) and secureChromeUris (set above). +// Doesn't whitelist properly, but better to be aggressive on blocking than not. const shouldBeBlocked = u => (!u) || policyState.blockChromeUris - && u.schemeIs ('chrome') && (!policyState.exposedChromeDomains.has (u.host)) + && u.schemeIs ('chrome') + && (!policyState.exposedChromeDomains.has (u.host)) || policyState.blockResourceUris && u.schemeIs ('resource') && (!policyState.exposedResourceDomains.has (u.host)) || policyState.exposedExtDomains @@ -116,8 +128,8 @@ try { observerService.removeObserver (requestObserver, 'http-on-examine-response')); } catch (e) {} -const setPolicy = ({enableRedirectMasking, blockChromeURIs, blockResourceURIs, blockExtUris, blockMozextUris - , enableDebug, restrictAboutPages, exposedChromeDomains, exposedResourceDomains, exposedExtDomains, exposedMozextDomains}) => +const setPolicy = ({enableRedirectMasking, blockChromeURIs, blockResourceURIs, blockExtURIs, blockMozextURIs + , enableDebug, exposedChromeDomains, exposedResourceDomains, exposedExtDomains, exposedMozextDomains, restrictAboutPages}) => { policyState.filterRedirects = !!enableRedirectMasking; policyState.blockChromeUris = !!blockChromeURIs; @@ -125,11 +137,11 @@ const setPolicy = ({enableRedirectMasking, blockChromeURIs, blockResourceURIs, b policyState.blockExtUris = !!blockExtURIs; policyState.blockMozextUris = !!blockMozextURIs; policyState.debug = !!enableDebug; - policyState.whitelistAboutUris = !restrictAboutPages; policyState.exposedChromeDomains = new Set (exposedChromeDomains || []); policyState.exposedResourceDomains = new Set (exposedResourceDomains || []); policyState.exposedExtDomains = new Set (exposedExtDomains || []); policyState.exposedMozextDomains = new Set (exposedMozextDomains || []); + policyState.whitelistAboutUris = !restrictAboutPages; }; try { diff --git a/version_info b/version_info index cc58b6a..ee3324a 100644 --- a/version_info +++ b/version_info @@ -22,7 +22,7 @@ addon_id="no-resource-uri-leak" # Canonical version of the addon (may be converted into different formats on build) -addon_version="1.2.2" +addon_version="1.2.3" # Alpha versions (may not be feature complete): x.y.z~a1, x.y.z~a2, ... # Beta versions (feature-frozen): x.y.z~b1, x.y.z~b2, ... @@ -35,7 +35,7 @@ addon_name="No Resource URI Leak" addon_author="Desktopd Project" addon_license_id='GPL-3.0+' -addon_description="Deny access to local URI paths in omni.jar: Very important to privacy. A direct workaround for bugzil.la/863246 and bugzil.la/1372288" +addon_description="Deny access to local URI paths in omni.ja!: Very important for privacy. A direct workaround for bugzil.la/863246 and bugzil.la/1372288" addon_website_uri="https://notabug.org/desktopd/no-resource-uri-leak" -- 2.17.1