1
0
mirror of https://github.com/gorhill/uBlock.git synced 2024-11-17 07:52:42 +01:00
Commit Graph

12404 Commits

Author SHA1 Message Date
Raymond Hill
9666eeb9cf
Do not treat selectors as "common" when char 0x09-0x0D are in attr value 2024-02-17 20:25:41 -05:00
Raymond Hill
0096b74d46
Make Firefox dev build auto-update 2024-02-17 20:06:02 -05:00
Raymond Hill
a7e8485b32
Update changelog 2024-02-17 20:01:42 -05:00
Raymond Hill
e6e01d96a4
New revision for dev build 2024-02-17 19:59:53 -05:00
Raymond Hill
be3e366019
Escape special whitespace characters in attribute values
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3127

Reference:
https://mathiasbynens.be/notes/css-escapes
2024-02-17 19:57:44 -05:00
Raymond Hill
33749d2d3f
Use requestIdleCallback() in href-sanitizer scriptlet
Instead of requestAnimationFrame().
2024-02-17 12:53:57 -05:00
Raymond Hill
4af57e3e60
Import translation work from https://crowdin.com/project/ublock 2024-02-17 09:34:41 -05:00
Raymond Hill
557d8075a2
New version for stable release 2024-02-17 09:28:38 -05:00
Raymond Hill
d8fc4b6c68
Make Firefox dev build auto-update 2024-02-15 14:46:13 -05:00
Raymond Hill
f6d68be858
New revision for release candidate 2024-02-15 14:40:25 -05:00
Raymond Hill
0f4078901a
Update changelog 2024-02-15 14:39:50 -05:00
Raymond Hill
2a5a444482
Mind that multiple uritransform may apply to a single request
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3125
2024-02-15 14:34:50 -05:00
Raymond Hill
9bff0c2f94
Fix incorrect built-in filtering expression in logger
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3126
2024-02-15 14:03:15 -05:00
Raymond Hill
4832821715
Minor code review 2024-02-15 10:05:10 -05:00
Raymond Hill
84481fcd98
Fix typo in log message 2024-02-15 09:47:15 -05:00
Raymond Hill
7e00046b8e
[mv3] Salvage rule ids for all rulesets 2024-02-15 08:02:46 -05:00
Raymond Hill
8d47eac6e6
[mv3] Indent rulesets with fewer rules 2024-02-14 15:48:59 -05:00
Raymond Hill
88d9064a30
Put back proper account id 2024-02-14 15:09:03 -05:00
Raymond Hill
c6eefe3992
Make Firefox dev build auto-update 2024-02-14 15:06:10 -05:00
Raymond Hill
57c387af36
Update changelog 2024-02-14 14:57:56 -05:00
Raymond Hill
a2ced90398
Update changelog 2024-02-14 14:54:13 -05:00
Raymond Hill
bc0248bd07
Merge remote-tracking branch 'origin/master' 2024-02-14 14:51:43 -05:00
Raymond Hill
41511726dc
Further improve detection of forbidden report-xxx usage in filters
As per feedback from https://github.com/distinctmondaylila

Related commit:
https://github.com/gorhill/uBlock/commit/db5656f607
2024-02-14 14:48:31 -05:00
Raymond Hill
e8194aecf0
Further improve detection of forbidden report-xxx usage in filters
As per feedback from https://github.com/distinctmondaylila
2024-02-14 14:43:29 -05:00
Raymond Hill
1ef2ea0e93
Update changelog 2024-02-14 14:34:23 -05:00
Raymond Hill
b39dac34b1
New revision for release candidate 2024-02-14 14:33:25 -05:00
Raymond Hill
21ec5a277c
Fix improper invalidation of valid uritransform exception filters
Related feedback:
https://github.com/uBlockOrigin/uBlock-discussions/discussions/831#discussioncomment-8461847
2024-02-14 14:30:05 -05:00
Raymond Hill
f2d7413a42
[mv3] Reuse rule ids across release where possible
This is to reduce the diff size of rulesets in new
releases. Beside smaller diff size, this also makes it
easier to investigate rule changes across releases.
2024-02-14 14:27:36 -05:00
Raymond Hill
d6b88d5d6e
Make Firefox dev build auto-update 2024-02-14 11:50:43 -05:00
Raymond Hill
65b71f2e19
New revision for release candidate 2024-02-14 11:43:39 -05:00
Raymond Hill
ebb110fb3e
Fix logging code in trusted-replace-argument scriptlet
Related feedback:
https://github.com/uBlockOrigin/uBlock-discussions/discussions/859#discussioncomment-8368839
2024-02-14 11:41:58 -05:00
Raymond Hill
e16cedb18d
Make Firefox dev build auto-update 2024-02-14 09:11:15 -05:00
Raymond Hill
71eccf94dc
Update changelog 2024-02-14 08:46:40 -05:00
Raymond Hill
f2c1e72661
New revision for release candidate 2024-02-14 08:40:09 -05:00
Raymond Hill
50ebfb9932
Mind that attribute names are case-insensitive
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3121
2024-02-14 08:37:01 -05:00
Raymond Hill
b22b3d729b
Improve prevent-addEventListener scriptlet
Related feedback:
https://github.com/uBlockOrigin/uBlock-issues/issues/3061#issuecomment-1899042062
2024-02-14 08:23:16 -05:00
Raymond Hill
068b625bef
In set-attr, restrict on... attributes to empty string only
As per feedback from https://github.com/distinctmondaylilac

Related commit:
https://github.com/gorhill/uBlock/commit/3037ae5f04

Additionally, added logging ability to the scriptlet.
2024-02-13 19:41:25 -05:00
Raymond Hill
68186a9242
Minor code review 2024-02-13 17:52:05 -05:00
Raymond Hill
e2d40cc446
Make Firefox dev build auto-update 2024-02-13 17:00:29 -05:00
Raymond Hill
9e1e19bdf3
New revision for release candidate 2024-02-13 16:49:00 -05:00
Raymond Hill
d80a3e30f8
Minor code review 2024-02-13 16:41:45 -05:00
Fanboynz
397d6d47b9
Fix Chartbeat flicker control div's (#3913) 2024-02-13 16:35:20 -05:00
Raymond Hill
6551cab525
Improve loggger output of prevent-fetch scriptlet
Related feedback:
https://github.com/uBlockOrigin/uBlock-issues/discussions/3115
2024-02-13 16:12:11 -05:00
Raymond Hill
246ae91c79
Make Firefox dev build auto-update 2024-02-13 15:46:21 -05:00
Raymond Hill
a7786a0a32
Import translation work from https://crowdin.com/project/ublock 2024-02-13 15:36:10 -05:00
Raymond Hill
00d90570a3
Update changelog 2024-02-13 15:16:11 -05:00
Raymond Hill
cc1199f4b6
New revision for dev build 2024-02-13 15:13:40 -05:00
Raymond Hill
7b138b58c6
Fix potential exfiltration of browsing history by a rogue list author through permissions=
As with `csp=` option, reporting capabilities need to be taken
into account with `permissions=` option.

Reference:
https://github.com/w3c/webappsec-permissions-policy/blob/main/reporting.md

This commit ensures that `permissions=` option using `report-to` are
marked as invalid.
2024-02-13 15:09:38 -05:00
Raymond Hill
3037ae5f04
Ignore event handler-related attributes in set-attr scriptlet
As suggested by https://github.com/distinctmondaylilac in internal
email to ubo-security:

> As a sidenote, it may be worth considering if `set-attr` should
> be able to set event handler attributes. It could potentially
> be used to copy the contents of e.g. onclick to other event handlers,
> resulting in self-clicking buttons.
2024-02-13 14:59:00 -05:00
Raymond Hill
db5656f607
Fix potential exfiltration of browsing history by a rogue list author through csp=
As reported internally to ubo-security by https://github.com/distinctmondaylila

One issue is a regression from the rewriting of the static filtering
parser in version 1.47.0, specifically the following commit:
https://github.com/gorhill/uBlock/commit/8ea3b0f64c
The existing regex was no longer suitable to properly detect
some usage of `report-xxx` in the rwritten parser.

Another issue which predates 1.47.0 is that the regex used for
validation was case-sensititive, while the `report-uri` directive
can be written using uppercase letters, i.e. `Report-uri`.
2024-02-13 14:35:08 -05:00