Left: | ||
Right: |
OLD | NEW |
---|---|
1 /* | 1 /* |
2 * This file is part of Adblock Plus <https://adblockplus.org/>, | 2 * This file is part of Adblock Plus <https://adblockplus.org/>, |
3 * Copyright (C) 2006-present eyeo GmbH | 3 * Copyright (C) 2006-present eyeo GmbH |
4 * | 4 * |
5 * Adblock Plus is free software: you can redistribute it and/or modify | 5 * Adblock Plus is free software: you can redistribute it and/or modify |
6 * it under the terms of the GNU General Public License version 3 as | 6 * it under the terms of the GNU General Public License version 3 as |
7 * published by the Free Software Foundation. | 7 * published by the Free Software Foundation. |
8 * | 8 * |
9 * Adblock Plus is distributed in the hope that it will be useful, | 9 * Adblock Plus is distributed in the hope that it will be useful, |
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of | 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of |
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
90 Filter.elemhideRegExp = /^([^/*|@"!]*?)#([@?])?#(.+)$/; | 90 Filter.elemhideRegExp = /^([^/*|@"!]*?)#([@?])?#(.+)$/; |
91 /** | 91 /** |
92 * Regular expression that RegExp filters specified as RegExps should match | 92 * Regular expression that RegExp filters specified as RegExps should match |
93 * @type {RegExp} | 93 * @type {RegExp} |
94 */ | 94 */ |
95 Filter.regexpRegExp = /^(@@)?\/.*\/(?:\$~?[\w-]+(?:=[^,\s]+)?(?:,~?[\w-]+(?:=[^, \s]+)?)*)?$/; | 95 Filter.regexpRegExp = /^(@@)?\/.*\/(?:\$~?[\w-]+(?:=[^,\s]+)?(?:,~?[\w-]+(?:=[^, \s]+)?)*)?$/; |
96 /** | 96 /** |
97 * Regular expression that options on a RegExp filter should match | 97 * Regular expression that options on a RegExp filter should match |
98 * @type {RegExp} | 98 * @type {RegExp} |
99 */ | 99 */ |
100 Filter.optionsRegExp = /\$(~?[\w-]+(?:=[^,\s]+)?(?:,~?[\w-]+(?:=[^,\s]+)?)*)$/; | 100 Filter.optionsRegExp = /\$(~?[\w-]+(?:=[^,]+)?(?:,~?[\w-]+(?:=[^,]+)?)*)$/; |
101 | 101 |
102 /** | 102 /** |
103 * Creates a filter of correct type from its text representation - does the | 103 * Creates a filter of correct type from its text representation - does the |
104 * basic parsing and calls the right constructor then. | 104 * basic parsing and calls the right constructor then. |
105 * | 105 * |
106 * @param {string} text as in Filter() | 106 * @param {string} text as in Filter() |
107 * @return {Filter} | 107 * @return {Filter} |
108 */ | 108 */ |
109 Filter.fromText = function(text) | 109 Filter.fromText = function(text) |
110 { | 110 { |
(...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
165 * Removes unnecessary whitespaces from filter text, will only return null if | 165 * Removes unnecessary whitespaces from filter text, will only return null if |
166 * the input parameter is null. | 166 * the input parameter is null. |
167 * @param {string} text | 167 * @param {string} text |
168 * @return {string} | 168 * @return {string} |
169 */ | 169 */ |
170 Filter.normalize = function(text) | 170 Filter.normalize = function(text) |
171 { | 171 { |
172 if (!text) | 172 if (!text) |
173 return text; | 173 return text; |
174 | 174 |
175 // Remove line breaks and such | 175 // Remove line breaks, tabs etc |
176 text = text.replace(/[^\S ]/g, ""); | 176 text = text.replace(/[^\S ]+/g, ""); |
sergei
2018/03/16 16:49:25
This change (including the same changes below) see
kzar
2018/03/17 14:35:06
I would rather just land this all together (same b
sergei
2018/03/19 15:47:31
OK, however if it gets a bit longer then could you
| |
177 | 177 |
178 if (/^\s*!/.test(text)) | 178 // Don't remove spaces inside comments |
179 if (/^ *!/.test(text)) | |
sergei
2018/03/16 16:49:24
This change seems unrelated too and to tell the tr
kzar
2018/03/17 14:35:07
It is the case since we've already replaced other
sergei
2018/03/19 15:47:32
Acknowledged.
| |
180 return text.trim(); | |
181 | |
182 // Special treatment for element hiding filters, right side is allowed to | |
183 // contain spaces | |
184 if (Filter.elemhideRegExp.test(text)) | |
179 { | 185 { |
180 // Don't remove spaces inside comments | 186 let [, domain, separator, selector] = /^(.*?)(#@?#?)(.*)$/.exec(text); |
181 return text.trim(); | 187 return domain.replace(/ +/g, "") + separator + selector.trim(); |
182 } | 188 } |
183 else if (Filter.elemhideRegExp.test(text)) | 189 |
190 // For most regexp filters we strip all spaces, but $csp filter options | |
191 // are allowed to contain single (non trailing) spaces. | |
192 let strippedText = text.replace(/ +/g, ""); | |
193 if (!strippedText.includes("$") || !/\bcsp=/i.test(strippedText)) | |
194 return strippedText; | |
195 | |
196 let optionsMatch = Filter.optionsRegExp.exec(strippedText); | |
sergei
2018/03/16 16:49:25
I would like to carefully double check what is hap
sergei
2018/03/16 16:49:25
Since parsing time is very important could you ple
kzar
2018/03/17 14:35:07
None in EasyList, 24 in the uBlock filter list[1].
sergei
2018/03/19 15:47:31
Acknowledged. BTW, now it also additionally execut
kzar
2018/03/19 16:38:59
Yes I know.
| |
197 if (!optionsMatch) | |
198 return strippedText; | |
199 | |
200 // For $csp filters we must first separate out the options part of the | |
201 // text, being careful to preserve its spaces. | |
202 let beforeOptions = strippedText.substring(0, optionsMatch.index); | |
203 let optionsText = text; | |
204 for (let i = beforeOptions.split("$").length; i > 0; i--) | |
205 optionsText = optionsText.substr(optionsText.indexOf("$") + 1); | |
206 | |
207 // Then we can normalize spaces in the options part safely | |
208 let options = optionsText.split(","); | |
209 for (let i = 0; i < options.length; i++) | |
184 { | 210 { |
185 // Special treatment for element hiding filters, right side is allowed to | 211 let option = options[i]; |
186 // contain spaces | 212 let cspMatch = /^ *c *s *p *=/i.exec(option); |
187 let [, domain, separator, selector] = /^(.*?)(#@?#?)(.*)$/.exec(text); | 213 if (cspMatch) |
188 return domain.replace(/\s/g, "") + separator + selector.trim(); | 214 { |
215 options[i] = cspMatch[0].replace(/ +/g, "") + | |
216 option.substr(cspMatch[0].length).trim().replace(/ +/g, " "); | |
217 } | |
218 else | |
219 options[i] = option.replace(/ +/g, ""); | |
189 } | 220 } |
190 return text.replace(/\s/g, ""); | 221 |
222 return beforeOptions + "$" + options.join(); | |
191 }; | 223 }; |
192 | 224 |
193 /** | 225 /** |
194 * @see filterToRegExp | 226 * @see filterToRegExp |
195 */ | 227 */ |
196 Filter.toRegExp = filterToRegExp; | 228 Filter.toRegExp = filterToRegExp; |
197 | 229 |
198 /** | 230 /** |
199 * Class for invalid filters | 231 * Class for invalid filters |
200 * @param {string} text see Filter() | 232 * @param {string} text see Filter() |
(...skipping 519 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
720 blocking = false; | 752 blocking = false; |
721 text = text.substr(2); | 753 text = text.substr(2); |
722 } | 754 } |
723 | 755 |
724 let contentType = null; | 756 let contentType = null; |
725 let matchCase = null; | 757 let matchCase = null; |
726 let domains = null; | 758 let domains = null; |
727 let sitekeys = null; | 759 let sitekeys = null; |
728 let thirdParty = null; | 760 let thirdParty = null; |
729 let collapse = null; | 761 let collapse = null; |
762 let csp = null; | |
730 let options; | 763 let options; |
731 let match = (text.indexOf("$") >= 0 ? Filter.optionsRegExp.exec(text) : null); | 764 let match = (text.indexOf("$") >= 0 ? Filter.optionsRegExp.exec(text) : null); |
732 if (match) | 765 if (match) |
733 { | 766 { |
734 options = match[1].toUpperCase().split(","); | 767 options = match[1].split(","); |
735 text = match.input.substr(0, match.index); | 768 text = match.input.substr(0, match.index); |
736 for (let option of options) | 769 for (let option of options) |
737 { | 770 { |
738 let value = null; | 771 let value = null; |
739 let separatorIndex = option.indexOf("="); | 772 let separatorIndex = option.indexOf("="); |
740 if (separatorIndex >= 0) | 773 if (separatorIndex >= 0) |
741 { | 774 { |
742 value = option.substr(separatorIndex + 1); | 775 value = option.substr(separatorIndex + 1); |
743 option = option.substr(0, separatorIndex); | 776 option = option.substr(0, separatorIndex); |
744 } | 777 } |
745 option = option.replace(/-/, "_"); | 778 option = option.replace(/-/, "_").toUpperCase(); |
746 if (option in RegExpFilter.typeMap) | 779 if (option in RegExpFilter.typeMap) |
747 { | 780 { |
748 if (contentType == null) | 781 if (contentType == null) |
749 contentType = 0; | 782 contentType = 0; |
750 contentType |= RegExpFilter.typeMap[option]; | 783 contentType |= RegExpFilter.typeMap[option]; |
784 | |
785 if (option == "CSP" && typeof value != "undefined") | |
786 { | |
787 if (csp) | |
788 csp.push(value); | |
789 else | |
790 csp = [value]; | |
791 } | |
751 } | 792 } |
752 else if (option[0] == "~" && option.substr(1) in RegExpFilter.typeMap) | 793 else if (option[0] == "~" && option.substr(1) in RegExpFilter.typeMap) |
753 { | 794 { |
754 if (contentType == null) | 795 if (contentType == null) |
755 ({contentType} = RegExpFilter.prototype); | 796 ({contentType} = RegExpFilter.prototype); |
756 contentType &= ~RegExpFilter.typeMap[option.substr(1)]; | 797 contentType &= ~RegExpFilter.typeMap[option.substr(1)]; |
757 } | 798 } |
758 else if (option == "MATCH_CASE") | 799 else if (option == "MATCH_CASE") |
759 matchCase = true; | 800 matchCase = true; |
760 else if (option == "~MATCH_CASE") | 801 else if (option == "~MATCH_CASE") |
761 matchCase = false; | 802 matchCase = false; |
762 else if (option == "DOMAIN" && typeof value != "undefined") | 803 else if (option == "DOMAIN" && typeof value != "undefined") |
763 domains = value; | 804 domains = value.toUpperCase(); |
sergei
2018/03/16 16:49:24
Is this change related to the issue? When I was pr
kzar
2018/03/17 14:35:06
Yes.
| |
764 else if (option == "THIRD_PARTY") | 805 else if (option == "THIRD_PARTY") |
765 thirdParty = true; | 806 thirdParty = true; |
766 else if (option == "~THIRD_PARTY") | 807 else if (option == "~THIRD_PARTY") |
767 thirdParty = false; | 808 thirdParty = false; |
768 else if (option == "COLLAPSE") | 809 else if (option == "COLLAPSE") |
769 collapse = true; | 810 collapse = true; |
770 else if (option == "~COLLAPSE") | 811 else if (option == "~COLLAPSE") |
771 collapse = false; | 812 collapse = false; |
772 else if (option == "SITEKEY" && typeof value != "undefined") | 813 else if (option == "SITEKEY" && typeof value != "undefined") |
773 sitekeys = value; | 814 sitekeys = value.toUpperCase(); |
774 else | 815 else |
775 return new InvalidFilter(origText, "filter_unknown_option"); | 816 return new InvalidFilter(origText, "filter_unknown_option"); |
776 } | 817 } |
777 } | 818 } |
778 | 819 |
779 try | 820 try |
780 { | 821 { |
781 if (blocking) | 822 if (blocking) |
782 { | 823 { |
824 if (csp) | |
825 { | |
826 csp = csp.join("; ").toLowerCase(); | |
827 | |
828 // Prevent injecting directives which could be a privacy concern | |
829 if (/(;|^) ?(report-to|report-uri|referrer)\b/.test(csp)) | |
830 return new InvalidFilter(origText, "filter_invalid_csp"); | |
831 } | |
832 | |
783 return new BlockingFilter(origText, text, contentType, matchCase, domains, | 833 return new BlockingFilter(origText, text, contentType, matchCase, domains, |
784 thirdParty, sitekeys, collapse); | 834 thirdParty, sitekeys, collapse, csp); |
785 } | 835 } |
786 return new WhitelistFilter(origText, text, contentType, matchCase, domains, | 836 return new WhitelistFilter(origText, text, contentType, matchCase, domains, |
787 thirdParty, sitekeys); | 837 thirdParty, sitekeys); |
788 } | 838 } |
789 catch (e) | 839 catch (e) |
790 { | 840 { |
791 return new InvalidFilter(origText, "filter_invalid_regexp"); | 841 return new InvalidFilter(origText, "filter_invalid_regexp"); |
792 } | 842 } |
793 }; | 843 }; |
794 | 844 |
795 /** | 845 /** |
796 * Maps type strings like "SCRIPT" or "OBJECT" to bit masks | 846 * Maps type strings like "SCRIPT" or "OBJECT" to bit masks |
797 */ | 847 */ |
798 RegExpFilter.typeMap = { | 848 RegExpFilter.typeMap = { |
799 OTHER: 1, | 849 OTHER: 1, |
800 SCRIPT: 2, | 850 SCRIPT: 2, |
801 IMAGE: 4, | 851 IMAGE: 4, |
802 STYLESHEET: 8, | 852 STYLESHEET: 8, |
803 OBJECT: 16, | 853 OBJECT: 16, |
804 SUBDOCUMENT: 32, | 854 SUBDOCUMENT: 32, |
805 DOCUMENT: 64, | 855 DOCUMENT: 64, |
806 WEBSOCKET: 128, | 856 WEBSOCKET: 128, |
807 WEBRTC: 256, | 857 WEBRTC: 256, |
858 CSP: 512, | |
808 XBL: 1, | 859 XBL: 1, |
809 PING: 1024, | 860 PING: 1024, |
810 XMLHTTPREQUEST: 2048, | 861 XMLHTTPREQUEST: 2048, |
811 OBJECT_SUBREQUEST: 4096, | 862 OBJECT_SUBREQUEST: 4096, |
812 DTD: 1, | 863 DTD: 1, |
813 MEDIA: 16384, | 864 MEDIA: 16384, |
814 FONT: 32768, | 865 FONT: 32768, |
815 | 866 |
816 BACKGROUND: 4, // Backwards compat, same as IMAGE | 867 BACKGROUND: 4, // Backwards compat, same as IMAGE |
817 | 868 |
818 POPUP: 0x10000000, | 869 POPUP: 0x10000000, |
819 GENERICBLOCK: 0x20000000, | 870 GENERICBLOCK: 0x20000000, |
820 ELEMHIDE: 0x40000000, | 871 ELEMHIDE: 0x40000000, |
821 GENERICHIDE: 0x80000000 | 872 GENERICHIDE: 0x80000000 |
822 }; | 873 }; |
823 | 874 |
824 // DOCUMENT, ELEMHIDE, POPUP, GENERICHIDE and GENERICBLOCK options shouldn't | 875 // CSP, DOCUMENT, ELEMHIDE, POPUP, GENERICHIDE and GENERICBLOCK options |
825 // be there by default | 876 // shouldn't be there by default |
826 RegExpFilter.prototype.contentType &= ~(RegExpFilter.typeMap.DOCUMENT | | 877 RegExpFilter.prototype.contentType &= ~(RegExpFilter.typeMap.CSP | |
878 RegExpFilter.typeMap.DOCUMENT | | |
827 RegExpFilter.typeMap.ELEMHIDE | | 879 RegExpFilter.typeMap.ELEMHIDE | |
828 RegExpFilter.typeMap.POPUP | | 880 RegExpFilter.typeMap.POPUP | |
829 RegExpFilter.typeMap.GENERICHIDE | | 881 RegExpFilter.typeMap.GENERICHIDE | |
830 RegExpFilter.typeMap.GENERICBLOCK); | 882 RegExpFilter.typeMap.GENERICBLOCK); |
831 | 883 |
832 /** | 884 /** |
833 * Class for blocking filters | 885 * Class for blocking filters |
834 * @param {string} text see Filter() | 886 * @param {string} text see Filter() |
835 * @param {string} regexpSource see RegExpFilter() | 887 * @param {string} regexpSource see RegExpFilter() |
836 * @param {number} contentType see RegExpFilter() | 888 * @param {number} contentType see RegExpFilter() |
837 * @param {boolean} matchCase see RegExpFilter() | 889 * @param {boolean} matchCase see RegExpFilter() |
838 * @param {string} domains see RegExpFilter() | 890 * @param {string} domains see RegExpFilter() |
839 * @param {boolean} thirdParty see RegExpFilter() | 891 * @param {boolean} thirdParty see RegExpFilter() |
840 * @param {string} sitekeys see RegExpFilter() | 892 * @param {string} sitekeys see RegExpFilter() |
841 * @param {boolean} collapse | 893 * @param {boolean} collapse |
842 * defines whether the filter should collapse blocked content, can be null | 894 * defines whether the filter should collapse blocked content, can be null |
895 * @param {string} [csp] | |
896 * Content Security Policy to inject when the filter matches | |
843 * @constructor | 897 * @constructor |
844 * @augments RegExpFilter | 898 * @augments RegExpFilter |
845 */ | 899 */ |
846 function BlockingFilter(text, regexpSource, contentType, matchCase, domains, | 900 function BlockingFilter(text, regexpSource, contentType, matchCase, domains, |
847 thirdParty, sitekeys, collapse) | 901 thirdParty, sitekeys, collapse, csp) |
848 { | 902 { |
849 RegExpFilter.call(this, text, regexpSource, contentType, matchCase, domains, | 903 RegExpFilter.call(this, text, regexpSource, contentType, matchCase, domains, |
850 thirdParty, sitekeys); | 904 thirdParty, sitekeys); |
851 | 905 |
852 this.collapse = collapse; | 906 this.collapse = collapse; |
907 this.csp = csp; | |
853 } | 908 } |
854 exports.BlockingFilter = BlockingFilter; | 909 exports.BlockingFilter = BlockingFilter; |
855 | 910 |
856 BlockingFilter.prototype = extend(RegExpFilter, { | 911 BlockingFilter.prototype = extend(RegExpFilter, { |
857 type: "blocking", | 912 type: "blocking", |
858 | 913 |
859 /** | 914 /** |
860 * Defines whether the filter should collapse blocked content. | 915 * Defines whether the filter should collapse blocked content. |
861 * Can be null (use the global preference). | 916 * Can be null (use the global preference). |
862 * @type {boolean} | 917 * @type {boolean} |
863 */ | 918 */ |
864 collapse: null | 919 collapse: null, |
920 | |
921 /** | |
922 * Content Security Policy to inject for matching requests. | |
923 * @type {string} | |
924 */ | |
925 csp: null | |
865 }); | 926 }); |
866 | 927 |
867 /** | 928 /** |
868 * Class for whitelist filters | 929 * Class for whitelist filters |
869 * @param {string} text see Filter() | 930 * @param {string} text see Filter() |
870 * @param {string} regexpSource see RegExpFilter() | 931 * @param {string} regexpSource see RegExpFilter() |
871 * @param {number} contentType see RegExpFilter() | 932 * @param {number} contentType see RegExpFilter() |
872 * @param {boolean} matchCase see RegExpFilter() | 933 * @param {boolean} matchCase see RegExpFilter() |
873 * @param {string} domains see RegExpFilter() | 934 * @param {string} domains see RegExpFilter() |
874 * @param {boolean} thirdParty see RegExpFilter() | 935 * @param {boolean} thirdParty see RegExpFilter() |
(...skipping 144 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1019 */ | 1080 */ |
1020 function ElemHideEmulationFilter(text, domains, selector) | 1081 function ElemHideEmulationFilter(text, domains, selector) |
1021 { | 1082 { |
1022 ElemHideBase.call(this, text, domains, selector); | 1083 ElemHideBase.call(this, text, domains, selector); |
1023 } | 1084 } |
1024 exports.ElemHideEmulationFilter = ElemHideEmulationFilter; | 1085 exports.ElemHideEmulationFilter = ElemHideEmulationFilter; |
1025 | 1086 |
1026 ElemHideEmulationFilter.prototype = extend(ElemHideBase, { | 1087 ElemHideEmulationFilter.prototype = extend(ElemHideBase, { |
1027 type: "elemhideemulation" | 1088 type: "elemhideemulation" |
1028 }); | 1089 }); |
OLD | NEW |