1
0
mirror of https://github.com/gorhill/uBlock.git synced 2024-11-17 16:02:33 +01:00
uBlock/src/js/traffic.js

483 lines
15 KiB
JavaScript
Raw Normal View History

2014-06-24 00:42:43 +02:00
/*******************************************************************************
2015-03-07 19:20:18 +01:00
µBlock - a browser extension to block requests.
2014-06-24 00:42:43 +02:00
Copyright (C) 2014 Raymond Hill
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see {http://www.gnu.org/licenses/}.
Home: https://github.com/gorhill/uBlock
*/
2014-11-24 23:20:21 +01:00
/* global µBlock, vAPI */
2014-06-24 00:42:43 +02:00
/******************************************************************************/
// Start isolation from global scope
µBlock.webRequest = (function() {
2014-11-24 23:20:21 +01:00
'use strict';
2014-06-24 00:42:43 +02:00
/******************************************************************************/
2015-03-26 00:28:22 +01:00
var exports = {};
/******************************************************************************/
2014-07-26 15:55:12 +02:00
// Intercept and filter web requests.
2014-07-14 17:24:59 +02:00
2014-07-26 01:29:51 +02:00
var onBeforeRequest = function(details) {
2015-02-25 20:15:36 +01:00
//console.debug('µBlock.webRequest/onBeforeRequest(): "%s": %o', details.url, details);
2015-03-13 15:02:33 +01:00
//console.debug('µBlock.webRequest/onBeforeRequest(): "type=%s, id=%d, parent id=%d, url=%s', details.type, details.frameId, details.parentFrameId, details.url);
2014-07-14 17:24:59 +02:00
2014-07-26 01:29:51 +02:00
// Special handling for root document.
2015-04-07 03:26:05 +02:00
// https://github.com/chrisaljoudi/uBlock/issues/1001
// This must be executed regardless of whether the request is
// behind-the-scene
2015-03-21 21:52:35 +01:00
var requestType = details.type;
if ( requestType === 'main_frame' ) {
2015-03-21 21:52:35 +01:00
return onBeforeRootFrameRequest(details);
2014-07-14 17:24:59 +02:00
}
// Special treatment: behind-the-scene requests
2015-03-21 21:52:35 +01:00
var tabId = details.tabId;
if ( vAPI.isBehindTheSceneTabId(tabId) ) {
return onBeforeBehindTheSceneRequest(details);
}
2014-07-26 01:29:51 +02:00
// Lookup the page store associated with this tab id.
2015-03-21 21:52:35 +01:00
var µb = µBlock;
var pageStore = µb.pageStoreFromTabId(tabId);
2014-07-26 01:29:51 +02:00
if ( !pageStore ) {
2015-04-09 00:46:08 +02:00
var tabContext = µb.tabContextManager.lookup(tabId);
if ( vAPI.isBehindTheSceneTabId(tabContext.tabId) ) {
return onBeforeBehindTheSceneRequest(details);
}
2015-04-09 00:46:08 +02:00
vAPI.tabs.onNavigation({ tabId: tabId, frameId: 0, url: tabContext.rawURL });
pageStore = µb.pageStoreFromTabId(tabId);
2014-07-14 20:40:40 +02:00
}
2014-07-15 13:38:34 +02:00
2015-04-07 03:26:05 +02:00
// https://github.com/chrisaljoudi/uBlock/issues/886
2015-02-25 20:15:36 +01:00
// For requests of type `sub_frame`, the parent frame id must be used
// to lookup the proper context:
// > If the document of a (sub-)frame is loaded (type is main_frame or
// > sub_frame), frameId indicates the ID of this frame, not the ID of
// > the outer frame.
// > (ref: https://developer.chrome.com/extensions/webRequest)
2015-03-21 21:52:35 +01:00
var isFrame = requestType === 'sub_frame';
2015-02-25 20:15:36 +01:00
var frameId = isFrame ? details.parentFrameId : details.frameId;
2015-04-09 00:46:08 +02:00
// https://github.com/chrisaljoudi/uBlock/issues/114
var requestContext = pageStore.createContextFromFrameId(frameId);
// Setup context and evaluate
2015-03-21 21:52:35 +01:00
var requestURL = details.url;
requestContext.requestURL = requestURL;
2015-01-21 01:39:13 +01:00
requestContext.requestHostname = details.hostname;
requestContext.requestType = requestType;
var result = pageStore.filterRequest(requestContext);
2014-07-14 17:24:59 +02:00
2015-01-16 18:15:12 +01:00
// Possible outcomes: blocked, allowed-passthru, allowed-mirror
2015-04-09 00:46:08 +02:00
pageStore.logRequest(requestContext, result);
2014-09-14 22:20:40 +02:00
// Not blocked
2015-01-16 18:15:12 +01:00
if ( µb.isAllowResult(result) ) {
2015-01-24 18:06:22 +01:00
//console.debug('traffic.js > onBeforeRequest(): ALLOW "%s" (%o) because "%s"', details.url, details, result);
2015-04-07 03:26:05 +02:00
// https://github.com/chrisaljoudi/uBlock/issues/114
2015-03-02 16:41:51 +01:00
frameId = details.frameId;
if ( frameId > 0 ) {
if ( isFrame ) {
pageStore.setFrame(frameId, requestURL);
} else if ( pageStore.getFrame(frameId) === null ) {
pageStore.setFrame(frameId, requestURL);
}
}
2014-09-14 22:20:40 +02:00
2014-07-14 17:24:59 +02:00
return;
}
2014-07-26 01:29:51 +02:00
// Blocked
2015-03-15 19:04:07 +01:00
//console.debug('traffic.js > onBeforeRequest(): BLOCK "%s" (%o) because "%s"', details.url, details, result);
2015-04-07 03:26:05 +02:00
// https://github.com/chrisaljoudi/uBlock/issues/905#issuecomment-76543649
// No point updating the badge if it's not being displayed.
if ( µb.userSettings.showIconBadge ) {
µb.updateBadgeAsync(tabId);
}
2014-07-26 01:29:51 +02:00
2015-04-07 03:26:05 +02:00
// https://github.com/chrisaljoudi/uBlock/issues/18
2014-07-26 01:29:51 +02:00
// Do not use redirection, we need to block outright to be sure the request
// will not be made. There can be no such guarantee with redirection.
2014-07-14 17:24:59 +02:00
2015-03-26 00:28:22 +01:00
return { cancel: true };
2014-07-14 17:24:59 +02:00
};
/******************************************************************************/
2015-03-21 21:52:35 +01:00
var onBeforeRootFrameRequest = function(details) {
2015-04-09 00:46:08 +02:00
var tabId = details.tabId;
2015-03-31 15:07:14 +02:00
var requestURL = details.url;
2015-04-09 00:46:08 +02:00
var µb = µBlock;
2015-03-31 15:07:14 +02:00
2015-04-09 00:46:08 +02:00
µb.tabContextManager.push(tabId, requestURL);
2015-03-26 00:28:22 +01:00
2015-03-21 21:52:35 +01:00
// Special handling for root document.
2015-04-07 03:26:05 +02:00
// https://github.com/chrisaljoudi/uBlock/issues/1001
2015-03-21 21:52:35 +01:00
// This must be executed regardless of whether the request is
// behind-the-scene
2015-03-26 00:28:22 +01:00
var requestHostname = details.hostname;
var requestDomain = µb.URI.domainFromHostname(requestHostname) || requestHostname;
2015-03-26 00:28:22 +01:00
var context = {
rootHostname: requestHostname,
rootDomain: requestDomain,
pageHostname: requestHostname,
pageDomain: requestDomain,
requestURL: requestURL,
requestHostname: requestHostname,
requestType: 'main_frame'
};
var result = '';
// If the site is whitelisted, disregard strict blocking
if ( µb.getNetFilteringSwitch(requestURL) === false ) {
result = 'ua:whitelisted';
}
2015-03-27 18:00:55 +01:00
// Permanently unrestricted?
if ( result === '' && µb.hnSwitches.evaluateZ('no-strict-blocking', requestHostname) ) {
result = 'ua:no-strict-blocking on';
2015-03-27 18:00:55 +01:00
}
2015-03-26 00:28:22 +01:00
// Temporarily whitelisted?
if ( result === '' ) {
result = isTemporarilyWhitelisted(result, requestHostname);
if ( result.charAt(1) === 'a' ) {
result = 'ua:no-strict-blocking on(temporary)';
}
2015-03-21 21:52:35 +01:00
}
2015-03-26 00:28:22 +01:00
// Filtering
if ( result === '' ) {
2015-03-27 18:00:55 +01:00
result = µb.staticNetFilteringEngine.matchString(context);
2015-04-07 03:26:05 +02:00
// https://github.com/chrisaljoudi/uBlock/issues/1128
2015-03-30 23:42:12 +02:00
// Do not block if the match begins after the hostname.
if ( result !== '' ) {
result = toBlockDocResult(requestURL, requestHostname, result);
}
2015-03-26 00:28:22 +01:00
}
// Log
2015-04-09 00:46:08 +02:00
var pageStore = µb.bindTabToPageStats(tabId, 'beforeRequest');
2015-03-26 00:28:22 +01:00
if ( pageStore ) {
pageStore.logRequest(context, result);
}
// Not blocked
if ( µb.isAllowResult(result) ) {
return;
}
// Blocked
var query = btoa(JSON.stringify({
url: requestURL,
2015-03-30 19:10:29 +02:00
hn: requestHostname,
dn: requestDomain,
2015-03-27 18:00:55 +01:00
why: result
2015-03-26 00:28:22 +01:00
}));
2015-03-27 18:00:55 +01:00
2015-04-09 00:46:08 +02:00
vAPI.tabs.replace(tabId, vAPI.getURL('document-blocked.html?details=') + query);
2015-03-27 18:00:55 +01:00
return { cancel: true };
2015-03-21 21:52:35 +01:00
};
/******************************************************************************/
2015-03-30 23:42:12 +02:00
var toBlockDocResult = function(url, hostname, result) {
if ( result.charAt(1) !== 'b' ) {
return '';
}
// Make a regex out of the result
var reText = result.slice(3);
var pos = reText.indexOf('$');
if ( pos > 0 ) {
reText = reText.slice(0, pos);
}
// We are going to have to take the long way to find out
if ( reText.charAt(0) === '/' && reText.slice(-1) === '/' ) {
reText = reText.slice(1, -1);
} else {
reText = reText
.replace(/\./g, '\\.')
.replace(/\?/g, '\\?')
.replace(/^\|\|/, '')
.replace(/\^/g, '.')
.replace(/^\|/g, '^')
.replace(/\|$/g, '$')
.replace(/\*/g, '.*');
}
var re = new RegExp(reText, 'gi');
var matches = re.exec(url);
if ( matches === null ) {
return '';
}
// https://github.com/chrisaljoudi/uBlock/issues/1128
// https://github.com/chrisaljoudi/uBlock/issues/1212
// Relax the rule: verify that the match is completely before the path part
if ( re.lastIndex <= url.indexOf(hostname) + hostname.length + 1 ) {
2015-03-30 23:42:12 +02:00
return result;
}
return '';
};
/******************************************************************************/
2015-01-24 18:06:22 +01:00
// Intercept and filter behind-the-scene requests.
var onBeforeBehindTheSceneRequest = function(details) {
//console.debug('traffic.js > onBeforeBehindTheSceneRequest(): "%s": %o', details.url, details);
var µb = µBlock;
var pageStore = µb.pageStoreFromTabId(vAPI.noTabId);
if ( !pageStore ) {
return;
}
2015-04-09 00:46:08 +02:00
var context = pageStore.createContextFromPage();
context.requestURL = details.url;
context.requestHostname = details.hostname;
context.requestType = details.type;
2015-01-24 18:06:22 +01:00
// Blocking behind-the-scene requests can break a lot of stuff: prevent
// browser updates, prevent extension updates, prevent extensions from
// working properly, etc.
// So we filter if and only if the "advanced user" mode is selected
var result = '';
if ( µb.userSettings.advancedUserEnabled ) {
2015-04-09 00:46:08 +02:00
result = pageStore.filterRequestNoCache(context);
2015-01-24 18:06:22 +01:00
}
2015-04-09 00:46:08 +02:00
pageStore.logRequest(context, result);
2015-01-24 18:06:22 +01:00
// Not blocked
if ( µb.isAllowResult(result) ) {
//console.debug('traffic.js > onBeforeBehindTheSceneRequest(): ALLOW "%s" (%o) because "%s"', details.url, details, result);
return;
}
// Blocked
2015-03-15 19:04:07 +01:00
//console.debug('traffic.js > onBeforeBehindTheSceneRequest(): BLOCK "%s" (%o) because "%s"', details.url, details, result);
2015-01-24 18:06:22 +01:00
return { 'cancel': true };
};
/******************************************************************************/
2014-09-24 23:38:22 +02:00
// To handle `inline-script`.
var onHeadersReceived = function(details) {
// Do not interfere with behind-the-scene requests.
var tabId = details.tabId;
if ( vAPI.isBehindTheSceneTabId(tabId) ) {
2014-09-24 23:38:22 +02:00
return;
}
2015-04-09 00:46:08 +02:00
// Special handling for root document.
if ( details.type === 'main_frame' ) {
return onRootFrameHeadersReceived(details);
}
// If we reach this point, we are dealing with a sub_frame
2014-09-24 23:38:22 +02:00
// Lookup the page store associated with this tab id.
var µb = µBlock;
var pageStore = µb.pageStoreFromTabId(tabId);
if ( !pageStore ) {
2015-04-09 00:46:08 +02:00
return;
2014-09-24 23:38:22 +02:00
}
// Frame id of frame request is their own id, while the request is made
2015-04-09 00:46:08 +02:00
// in the context of the parent.
var context = pageStore.createContextFromFrameId(details.parentFrameId);
context.requestURL = details.url;
2015-04-09 00:46:08 +02:00
context.requestHostname = details.hostname;
context.requestType = 'inline-script';
var result = pageStore.filterRequestNoCache(context);
pageStore.logRequest(context, result);
2015-01-13 17:54:54 +01:00
2015-04-09 00:46:08 +02:00
// Don't block
if ( µb.isAllowResult(result) ) {
return;
}
µb.updateBadgeAsync(tabId);
details.responseHeaders.push({
'name': 'Content-Security-Policy',
'value': "script-src 'unsafe-eval' *"
});
return { 'responseHeaders': details.responseHeaders };
};
/******************************************************************************/
var onRootFrameHeadersReceived = function(details) {
var tabId = details.tabId;
var µb = µBlock;
2015-01-17 21:03:33 +01:00
2015-04-09 00:46:08 +02:00
// Check if the main_frame is a download
// ...
if ( headerValue(details.responseHeaders, 'content-disposition').lastIndexOf('attachment', 0) === 0 ) {
µb.tabContextManager.unpush(tabId, details.url);
2015-01-17 21:03:33 +01:00
}
2015-04-09 00:46:08 +02:00
// Lookup the page store associated with this tab id.
var pageStore = µb.pageStoreFromTabId(tabId);
if ( !pageStore ) {
pageStore = µb.bindTabToPageStats(tabId, 'beforeRequest');
}
// I can't think of how pageStore could be null at this point.
var context = pageStore.createContextFromPage();
context.requestURL = details.url;
context.requestHostname = details.hostname;
2015-01-17 21:03:33 +01:00
context.requestType = 'inline-script';
var result = pageStore.filterRequestNoCache(context);
2015-01-24 18:06:22 +01:00
pageStore.logRequest(context, result);
// Don't block
if ( µb.isAllowResult(result) ) {
2014-09-24 23:38:22 +02:00
return;
}
µb.updateBadgeAsync(tabId);
details.responseHeaders.push({
'name': 'Content-Security-Policy',
2014-10-06 20:02:44 +02:00
'value': "script-src 'unsafe-eval' *"
2014-09-24 23:38:22 +02:00
});
return { 'responseHeaders': details.responseHeaders };
};
/******************************************************************************/
2015-04-09 00:46:08 +02:00
var headerValue = function(headers, name) {
var i = headers.length;
while ( i-- ) {
if ( headers[i].name.toLowerCase() === name ) {
return headers[i].value.trim();
}
}
return '';
};
/******************************************************************************/
vAPI.net.onBeforeRequest = {
urls: [
'http://*/*',
'https://*/*'
],
types: [
"main_frame",
"sub_frame",
'stylesheet',
"script",
"image",
"object",
"xmlhttprequest",
"other"
],
extra: [ 'blocking' ],
callback: onBeforeRequest
};
vAPI.net.onHeadersReceived = {
urls: [
'http://*/*',
'https://*/*'
],
types: [
2015-01-13 17:54:54 +01:00
"main_frame",
"sub_frame"
],
extra: [ 'blocking', 'responseHeaders' ],
callback: onHeadersReceived
};
vAPI.net.registerListeners();
2014-09-24 23:38:22 +02:00
2015-01-24 18:06:22 +01:00
//console.log('traffic.js > Beginning to intercept net requests at %s', (new Date()).toISOString());
2014-06-24 00:42:43 +02:00
/******************************************************************************/
var isTemporarilyWhitelisted = function(result, hostname) {
var obsolete, pos;
for (;;) {
obsolete = documentWhitelists[hostname];
if ( obsolete !== undefined ) {
if ( obsolete > Date.now() ) {
if ( result === '' ) {
return 'ua:*' + ' ' + hostname + ' doc allow';
}
} else {
delete documentWhitelists[hostname];
}
}
pos = hostname.indexOf('.');
if ( pos === -1 ) {
break;
}
hostname = hostname.slice(pos + 1);
}
return result;
};
2015-04-09 00:46:08 +02:00
var documentWhitelists = Object.create(null);
/******************************************************************************/
exports.temporarilyWhitelistDocument = function(hostname) {
if ( typeof hostname !== 'string' || hostname === '' ) {
2015-03-26 00:28:22 +01:00
return;
}
documentWhitelists[hostname] = Date.now() + 60 * 1000;
};
/******************************************************************************/
return exports;
/******************************************************************************/
2014-06-24 00:42:43 +02:00
})();
/******************************************************************************/