mirror of
https://github.com/gorhill/uBlock.git
synced 2024-07-08 04:49:12 +02:00
Do not cname-uncloak same-origin network requests
Same-origin as per URL address of the main document. Currently the fix only affect top-level pages. Related issue: - https://github.com/uBlockOrigin/uBlock-issues/issues/1062 The previous behavior can be restored by toggling the advanced setting `cnameIgnoreRootDocument` to `false`.
This commit is contained in:
Raymond Hill
parent
44753053c3
commit
161a175bb0
@ -19,7 +19,7 @@
|
|||||||
Home: https://github.com/gorhill/uBlock
|
Home: https://github.com/gorhill/uBlock
|
||||||
*/
|
*/
|
||||||
|
|
||||||
// For background page
|
/* globals browser */
|
||||||
|
|
||||||
'use strict';
|
'use strict';
|
||||||
|
|
||||||
@ -69,7 +69,7 @@ import {
|
|||||||
super();
|
super();
|
||||||
this.pendingRequests = [];
|
this.pendingRequests = [];
|
||||||
this.canUncloakCnames = browser.dns instanceof Object;
|
this.canUncloakCnames = browser.dns instanceof Object;
|
||||||
this.cnames = new Map([ [ '', '' ] ]);
|
this.cnames = new Map([ [ '', null ] ]);
|
||||||
this.cnameIgnoreList = null;
|
this.cnameIgnoreList = null;
|
||||||
this.cnameIgnore1stParty = true;
|
this.cnameIgnore1stParty = true;
|
||||||
this.cnameIgnoreExceptions = true;
|
this.cnameIgnoreExceptions = true;
|
||||||
@ -110,7 +110,7 @@ import {
|
|||||||
if ( 'cnameReplayFullURL' in options ) {
|
if ( 'cnameReplayFullURL' in options ) {
|
||||||
this.cnameReplayFullURL = options.cnameReplayFullURL === true;
|
this.cnameReplayFullURL = options.cnameReplayFullURL === true;
|
||||||
}
|
}
|
||||||
this.cnames.clear(); this.cnames.set('', '');
|
this.cnames.clear(); this.cnames.set('', null);
|
||||||
this.cnameFlushTime = Date.now() + this.cnameMaxTTL * 60000;
|
this.cnameFlushTime = Date.now() + this.cnameMaxTTL * 60000;
|
||||||
// https://github.com/uBlockOrigin/uBlock-issues/issues/911
|
// https://github.com/uBlockOrigin/uBlock-issues/issues/911
|
||||||
// Install/remove proxy detector.
|
// Install/remove proxy detector.
|
||||||
@ -171,16 +171,18 @@ import {
|
|||||||
return Array.from(out);
|
return Array.from(out);
|
||||||
}
|
}
|
||||||
canonicalNameFromHostname(hn) {
|
canonicalNameFromHostname(hn) {
|
||||||
const cn = this.cnames.get(hn);
|
const cnRecord = this.cnames.get(hn);
|
||||||
if ( cn !== undefined && cn !== '' ) {
|
if ( cnRecord !== undefined && cnRecord !== null ) {
|
||||||
return cn;
|
return cnRecord.cname;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
processCanonicalName(hn, cn, details) {
|
processCanonicalName(hn, cnRecord, details) {
|
||||||
|
if ( cnRecord === null ) { return; }
|
||||||
|
if ( cnRecord.isRootDocument ) { return; }
|
||||||
const hnBeg = details.url.indexOf(hn);
|
const hnBeg = details.url.indexOf(hn);
|
||||||
if ( hnBeg === -1 ) { return; }
|
if ( hnBeg === -1 ) { return; }
|
||||||
const oldURL = details.url;
|
const oldURL = details.url;
|
||||||
let newURL = oldURL.slice(0, hnBeg) + cn;
|
let newURL = oldURL.slice(0, hnBeg) + cnRecord.cname;
|
||||||
const hnEnd = hnBeg + hn.length;
|
const hnEnd = hnBeg + hn.length;
|
||||||
if ( this.cnameReplayFullURL ) {
|
if ( this.cnameReplayFullURL ) {
|
||||||
newURL += oldURL.slice(hnEnd);
|
newURL += oldURL.slice(hnEnd);
|
||||||
@ -194,11 +196,11 @@ import {
|
|||||||
details.aliasURL = oldURL;
|
details.aliasURL = oldURL;
|
||||||
return super.onBeforeSuspendableRequest(details);
|
return super.onBeforeSuspendableRequest(details);
|
||||||
}
|
}
|
||||||
recordCanonicalName(hn, record) {
|
recordCanonicalName(hn, record, isRootDocument) {
|
||||||
if ( (this.cnames.size & 0b111111) === 0 ) {
|
if ( (this.cnames.size & 0b111111) === 0 ) {
|
||||||
const now = Date.now();
|
const now = Date.now();
|
||||||
if ( now >= this.cnameFlushTime ) {
|
if ( now >= this.cnameFlushTime ) {
|
||||||
this.cnames.clear(); this.cnames.set('', '');
|
this.cnames.clear(); this.cnames.set('', null);
|
||||||
this.cnameFlushTime = now + this.cnameMaxTTL * 60000;
|
this.cnameFlushTime = now + this.cnameMaxTTL * 60000;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -221,8 +223,9 @@ import {
|
|||||||
) {
|
) {
|
||||||
cname = '';
|
cname = '';
|
||||||
}
|
}
|
||||||
this.cnames.set(hn, cname);
|
const cnRecord = cname !== '' ? { cname, isRootDocument } : null;
|
||||||
return cname;
|
this.cnames.set(hn, cnRecord);
|
||||||
|
return cnRecord;
|
||||||
}
|
}
|
||||||
regexFromStrList(list) {
|
regexFromStrList(list) {
|
||||||
if (
|
if (
|
||||||
@ -257,26 +260,20 @@ import {
|
|||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (
|
const isRootDocument = details.type === 'main_frame' &&
|
||||||
details.type === 'main_frame' &&
|
this.cnameIgnoreRootDocument;
|
||||||
this.cnameIgnoreRootDocument
|
|
||||||
) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
const hn = hostnameFromNetworkURL(details.url);
|
const hn = hostnameFromNetworkURL(details.url);
|
||||||
const cname = this.cnames.get(hn);
|
const cnRecord = this.cnames.get(hn);
|
||||||
if ( cname === '' ) { return; }
|
if ( cnRecord !== undefined ) {
|
||||||
if ( cname !== undefined ) {
|
return this.processCanonicalName(hn, cnRecord, details);
|
||||||
return this.processCanonicalName(hn, cname, details);
|
|
||||||
}
|
}
|
||||||
return browser.dns.resolve(hn, [ 'canonical_name' ]).then(
|
return browser.dns.resolve(hn, [ 'canonical_name' ]).then(
|
||||||
rec => {
|
rec => {
|
||||||
const cname = this.recordCanonicalName(hn, rec);
|
const cnRecord = this.recordCanonicalName(hn, rec, isRootDocument);
|
||||||
if ( cname === '' ) { return; }
|
return this.processCanonicalName(hn, cnRecord, details);
|
||||||
return this.processCanonicalName(hn, cname, details);
|
|
||||||
},
|
},
|
||||||
( ) => {
|
( ) => {
|
||||||
this.cnames.set(hn, '');
|
this.cnames.set(hn, null);
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user