1
0
mirror of https://github.com/gorhill/uBlock.git synced 2024-11-07 11:22:38 +01:00
Commit Graph

11801 Commits

Author SHA1 Message Date
Raymond Hill
9bd483bec3
Enable "not permissions" filtering expression in logger
Related feedback:
https://github.com/uBlockOrigin/uBlock-issues/discussions/2714#discussioncomment-6959861
2023-10-22 17:50:45 -04:00
Raymond Hill
7ca18f77d9
Make Firefox dev build auto-update 2023-10-22 15:51:26 -04:00
Raymond Hill
9fed114374
New revision for dev build 2023-10-22 15:40:48 -04:00
Raymond Hill
9e2c919c24
Import translation work from https://crowdin.com/project/ublock 2023-10-22 15:40:16 -04:00
Raymond Hill
a9ff41ae55
Add filter expressions for logger output
Related feedback:
https://github.com/uBlockOrigin/uBlock-issues/discussions/2714#discussioncomment-6959761
2023-10-22 15:33:21 -04:00
Raymond Hill
70019e41a6
Make Firefox dev build auto-update 2023-10-22 13:21:19 -04:00
Raymond Hill
52d1357c67
New revision for release candidate 2023-10-22 13:10:33 -04:00
Raymond Hill
86f0d6dd97
Add trusted-prune-outbound-object.js scriptlet
Essentially a complement of `trusted-prune-inbound-object.js` added in
1c9da227d7

To perform object pruning on any object returned synchronously by
any given call.

The arguments for `trusted-prune-outbound-object` in order are:

- The name of the property to trap. Must be a function, and must
  exist when the scriptlet tries to install the trap.

- The properties to prune (as with `json-prune`)

- The properties which must all be present for pruning to occur
  (as with `json-prune`)

The scriptlets `json-prune.js` and `evaldata-prune.js` essentially
perform the same function, and will eventually be rewritten to
internally delegate to generic `trusted-prune-outbound-object.js`.
2023-10-22 12:35:49 -04:00
Raymond Hill
0b9b5a4802
Enable dev console by default in dev build 2023-10-22 12:33:10 -04:00
Raymond Hill
8c283d4d38
Flush the registered scriptlet cache as needed only
Related commit:
e5b438257f
2023-10-22 12:31:33 -04:00
Raymond Hill
f1ce3b2191
Add warning against adding custom filters from untrusted sources
Related discussion:
https://github.com/uBlockOrigin/uBlock-issues/discussions/2895#discussioncomment-7351138
2023-10-22 10:47:52 -04:00
Raymond Hill
e33c0f9d9c
Minor refactoring plus other minor changes
Added more evocative error messages to linter.

Made the content of _My filters_ trusted by default in
dev build.
2023-10-22 08:53:01 -04:00
Raymond Hill
5dd9584da2
Make Firefox dev build auto-update 2023-10-21 19:45:50 -04:00
Raymond Hill
fe36da3525
New revision for release candidate 2023-10-21 19:35:06 -04:00
Raymond Hill
64c1f8767c
Add ability to control trusted status of filter lists
Related discussion:
https://github.com/uBlockOrigin/uBlock-issues/discussions/2895

Changes:

The _content of the My filters_ pane is now considered untrusted by
default, and only uBO's own lists are now trusted by default.

It has been observed that too many people will readily copy-paste
filters from random sources. Copy-pasting filters which require trust
represents a security risk to users with no understanding of how the
filters work and their potential abuse.

Using a filter which requires trust in a filter list from an untrusted
source will cause the filter to be invalid, i.e. shown as an error.

A new advanced setting has been added to control which lists are
considered trustworthy: `trustedListPrefixes`, which is a space-
separated list of tokens. Examples of possible values:

- `ublock-`: trust only uBO lists, exclude everything else including
  content of _My filters_ (default value)

- `ublock- user-`: trust uBO lists and content of _My filters_

- `-`: trust no list, essentially disabling all filters requiring
  trust (admins or people who don't trust us may want to use this)

One can also decide to trust lists maintained elsewhere. For example,
for stock AdGuard lists add ` adguard-`. To trust stock EasyList lists,
add ` easylist-`.

To trust a specific regional stock list, look-up its token in
assets.json and add to `trustedListPrefixes`.

The matching is made with String.startsWith(), hence why `ublock-`
matches all uBO's own filter lists.

This also allows to trust imported lists, for example add
` https://filters.adtidy.org/extension/ublock/filters/` to trust all
non-stock AdGuard lists.

Add the complete URL of a given imported list to trust only that one
list.

URLs not starting with `https://` or `file:///` will be rejected,
i.e. `http://example.org` will be ignored.

Invalid URLs are rejected.
2023-10-21 19:29:10 -04:00
Raymond Hill
801d569585
Make Firefox dev build auto-update 2023-10-21 14:56:27 -04:00
Raymond Hill
e275e1b197
New revision for release candidate 2023-10-21 14:36:38 -04:00
Raymond Hill
e5b438257f
Ensure scriptlet cache is reset when filtering profile changes
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/2896

TODO: Eventually, distinguish between filtering profile increasing
or decreasing so as to avoid flushing caches when increasing
filtering, which should not affect the scriptlets cache.
2023-10-21 14:25:26 -04:00
Raymond Hill
d6bd14d708
Make Firefox dev build auto-update 2023-10-21 10:11:30 -04:00
Raymond Hill
e4490ee92a
New revision for release candidate 2023-10-21 10:00:02 -04:00
Raymond Hill
1c9da227d7
Add trusted-prune-inbound-object scriptlet
As per discussion with filter list maintainers.

To perform object pruning for any given call which has an object
as argument (hence "inbound").

Since `json-prune-stringify` scriptlet is a specific form of
pruning inbound objects, it has been removed.

The arguments for `trusted-prune-inbound-object` in order are:

- The name of the property to trap. Must be a function, and must
  exist when the scriptlet tries to install the trap.

- The position of the object to prune in the argument list when
  the trapped function is called. The position is 1-based and
  must be an integer greater than 0.

- The properties to prune (as with `json-prune`)

- The properties which must all be present for pruning to occur
  (as with `json-prune`)

- Varargs:
  - `, dontOverwrite, 1`: do not modify the target inbound object

Examples:

Remove `title` and `name` properties before passing the object to
`JSON.stringify` call:

  example.org##+js(trusted-prune-inbound-object, JSON.stringify, 1, title name)

Remove `status` property before passing the object to `Object.keys`
call but do not modify caller's instance of the object:

  example.org##+js(trusted-prune-inbound-object, Object.keys, 1, status, , dontOverwrite, 1)
2023-10-21 09:31:50 -04:00
Raymond Hill
287f7711aa
Import translation work from https://crowdin.com/project/ublock 2023-10-21 08:19:28 -04:00
Raymond Hill
6af4494946
[mv3] Honor scriptlets' target world in Firefox
When the target world of a scriptlet is the ISOLATED one,
skip Blob-based injection in Firefox, as the current world
is always the ISOLATED one. This should make ISOLATED
world-based scriptlets more reliable (i.e. execute sooner)
in Firefox.
2023-10-21 07:11:12 -04:00
Raymond Hill
607bba6eaf
Add dontOverwrite vararg to (trusted-)set-cookie scriptlet
When the vararg `, dontOverwrite, 1` is present, the scriptlet will
not modify the cookie if it already exists.

Related discussion:
https://github.com/uBlockOrigin/uAssets/issues/19976#issuecomment-1773466740
2023-10-20 21:38:54 -04:00
Raymond Hill
009c572cb0
Make Firefox dev build auto-update 2023-10-20 20:56:10 -04:00
Raymond Hill
9aaa7ab3f5
New revision for dev build 2023-10-20 20:44:57 -04:00
peace2000
eb66129fbf
Add "on" and "off" values to set-cookie (#3898)
* Add "on" and "off" values to set-cookie

Used on praxisplan.at.

0cd4612e18

* Update scriptlets.js
2023-10-20 20:43:52 -04:00
Raymond Hill
41d91ed080
Fine tune set-local-storage-item as per feedback
Related feedback:
- https://github.com/uBlockOrigin/uAssets/discussions/20194
- https://github.com/gorhill/uBlock/pull/3898
2023-10-20 20:10:35 -04:00
Raymond Hill
f0cd93335e
Revert "Turns out delay does apply to first element"
This reverts commit 906c6eb430.
2023-10-19 17:23:05 -04:00
Raymond Hill
906c6eb430
Turns out delay does apply to first element
Regarding `trusted-click-element`, and as per documentation
and code:
- https://github.com/AdguardTeam/Scriptlets/blob/master/wiki/about-trusted-scriptlets.md#trusted-scriptlets
- https://github.com/AdguardTeam/Scriptlets/blob/master/src/scriptlets/trusted-click-element.js
2023-10-19 14:08:57 -04:00
Raymond Hill
e873fd5378
Add cdn.statically.io as CDN for ublock-quick-fixes (dev build) 2023-10-18 11:38:00 -04:00
Raymond Hill
b219faf3c7
Make Firefox dev build auto-update 2023-10-18 10:51:36 -04:00
Raymond Hill
b73a0bef59
New revision for dev build 2023-10-18 10:18:55 -04:00
Raymond Hill
4dc396ff05
Fix typos in comments 2023-10-18 09:50:58 -04:00
Raymond Hill
9d3acd91b8
Support AdGuard's [trusted-]set-cookie-reload scriptlets
Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/2881
2023-10-18 09:48:08 -04:00
Raymond Hill
5bd40b34cd
Support pairing doc with urltransform
Related feedback:
2e4525fe3c (commitcomment-130203742)
2023-10-18 09:06:28 -04:00
Raymond Hill
74a4772e41
Fix comment 2023-10-18 08:55:09 -04:00
Raymond Hill
b0fe6d228a
Use @latest instead of @main for jsDelivr CDN 2023-10-17 23:25:06 -04:00
Raymond Hill
b98ee0f442
Minor code review 2023-10-17 23:11:06 -04:00
Raymond Hill
31bdc9ef0d
Make Firefox dev build auto-update 2023-10-17 17:50:55 -04:00
Raymond Hill
5a471c2a01
New revision for dev build 2023-10-17 17:35:39 -04:00
Raymond Hill
51359c6585
[experimental] Add json-stringify scriptlet
Will be evaluated this current dev cycle and as a result
might be removed before next stable.

Other changes to increase code consistency.
2023-10-17 17:33:49 -04:00
Raymond Hill
c0ea5ebab5
Make Firefox dev build auto-update 2023-10-17 12:41:16 -04:00
Raymond Hill
5827f7161e
New revision for dev build 2023-10-17 12:32:05 -04:00
Raymond Hill
f34855b859
Do not consider same-creation time to be a stale status
Related commit:
7daf31336a
2023-10-17 12:30:06 -04:00
Raymond Hill
7daf31336a
Ignore assets older than cached version when fetching from CDNs
As discussed with filter list volunteers.

https://github.com/uBlockOrigin/uBlock-discussions/discussions/781#discussioncomment-7283981
2023-10-17 12:08:10 -04:00
Raymond Hill
f122ce7320
Add logging ability to trusted-click-element
If the vararg `, log, 1` is present, the scriptlet will log to
the console it's execution steps. Works only in dev build.
2023-10-16 19:53:48 -04:00
Raymond Hill
5a24fad8ad
Make fine-tuned json-prune-[...] scriptlets the default behavior
As discussed with filter list maintainers.
2023-10-16 19:36:16 -04:00
Raymond Hill
05ae51beb2
Minor code review of last commit
Related commit:
027c7a4fb5
2023-10-16 18:05:41 -04:00
Raymond Hill
027c7a4fb5
Support quoting scriptlet parameters with backticks
(In addition to in already supported single- and double-quote).

The parsing of (optionally) quoted arguments from an argument
list has been spinned off into a standalone helper in order to
be reused in other parts of the parser eventually.
2023-10-16 17:38:57 -04:00