lib/filterClasses.js - Issue 29680689: [$csp2 adblockpluscore] Issue 6329 - Add the CSP filter type

Unified Diff: lib/filterClasses.js

Issue 29680689: [$csp2 adblockpluscore] Issue 6329 - Add the CSP filter type (Closed)

Patch Set: Check for report-to and report-uri directives more carefully Created March 6, 2018, 3:34 p.m.

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View side-by-side diff with in-line comments

Index: lib/filterClasses.js

diff --git a/lib/filterClasses.js b/lib/filterClasses.js

index 1498ad8db2da7975ef3dce4916ef843d29d51420..a2d41ae80737b9ca59d6d5dcd8e24d9b9e1ac8b5 100644

--- a/lib/filterClasses.js

+++ b/lib/filterClasses.js

@@ -97,7 +97,7 @@ Filter.regexpRegExp = /^(@@)?\/.*\/(?:\$~?[\w-]+(?:=[^,\s]+)?(?:,~?[\w-]+(?:=[^,

* Regular expression that options on a RegExp filter should match

* @type {RegExp}

-Filter.optionsRegExp = /\$(~?[\w-]+(?:=[^,\s]+)?(?:,~?[\w-]+(?:=[^,\s]+)?)*)$/;

+Filter.optionsRegExp = /\$(~?[\w-]+(?:=[^,]+)?(?:,~?[\w-]+(?:=[^,]+)?)*)$/;

/**

* Creates a filter of correct type from its text representation - does the

@@ -187,7 +187,7 @@ Filter.normalize = function(text)

let [, domain, separator, selector] = /^(.*?)(#@?#?)(.*)$/.exec(text);

return domain.replace(/\s/g, "") + separator + selector.trim();

}

- return text.replace(/\s/g, "");

+ return text.trim().replace(/\s+/g, " ");

};

/**

@@ -727,11 +727,12 @@ RegExpFilter.fromText = function(text)

let sitekeys = null;

let thirdParty = null;

let collapse = null;

+ let csp = null;

let options;

let match = (text.indexOf("$") >= 0 ? Filter.optionsRegExp.exec(text) : null);

if (match)

{

- options = match[1].toUpperCase().split(",");

+ options = match[1].split(",");

text = match.input.substr(0, match.index);

for (let option of options)

{

@@ -740,14 +741,31 @@ RegExpFilter.fromText = function(text)

if (separatorIndex >= 0)

{

value = option.substr(separatorIndex + 1);

- option = option.substr(0, separatorIndex);

+ option = option.substr(0, separatorIndex).toUpperCase();

+ if (option == "CSP")

Manish Jethani 2018/03/07 00:22:13 I've left a comment on the other patch, I think we

kzar 2018/03/12 13:35:58 Done.

+ value = value.trim();

+ else

+ value = value.replace(/\s/g, "");

}

+ else

+ option = option.toUpperCase();

option = option.replace(/-/, "_");

if (option in RegExpFilter.typeMap)

{

if (contentType == null)

contentType = 0;

contentType |= RegExpFilter.typeMap[option];

+ if (option == "CSP" && typeof value != "undefined")

+ {

+ if (csp === null)

Manish Jethani 2018/03/07 00:22:13 As far as I can tell the strict equality is unnece

kzar 2018/03/12 13:35:58 Done.

+ csp = [value];

+ else

+ csp.push(value);

+ }

}

else if (option[0] == "~" && option.substr(1) in RegExpFilter.typeMap)

{

@@ -760,7 +778,7 @@ RegExpFilter.fromText = function(text)

else if (option == "~MATCH_CASE")

matchCase = false;

else if (option == "DOMAIN" && typeof value != "undefined")

- domains = value;

+ domains = value.toUpperCase();

else if (option == "THIRD_PARTY")

thirdParty = true;

else if (option == "~THIRD_PARTY")

@@ -770,18 +788,30 @@ RegExpFilter.fromText = function(text)

else if (option == "~COLLAPSE")

collapse = false;

else if (option == "SITEKEY" && typeof value != "undefined")

- sitekeys = value;

+ sitekeys = value.toUpperCase();

else

return new InvalidFilter(origText, "filter_unknown_option");

}

+ text = text.replace(/\s/g, "");

try

{

if (blocking)

{

+ if (csp !== null)

+ {

+ csp = csp.join("; ").toLowerCase();

+ // Prevent filters from injecting report-uri or report-to directives

+ // since they are a privacy concern. Regexp based upon reBadCSP[1].

+ // [1] - https://github.com/gorhill/uBlock/blob/67e06f53b4d73df6179f6d320553a55da4ead40e/src/js/static-net-filtering.js#L1362

+ if (/(;|^)\s*report-(to|uri)\b/.test(csp))

+ return new InvalidFilter(origText, "filter_invalid_csp");

+ }

return new BlockingFilter(origText, text, contentType, matchCase, domains,

- thirdParty, sitekeys, collapse);

+ thirdParty, sitekeys, collapse, csp);

}

return new WhitelistFilter(origText, text, contentType, matchCase, domains,

thirdParty, sitekeys);

@@ -805,6 +835,7 @@ RegExpFilter.typeMap = {

DOCUMENT: 64,

WEBSOCKET: 128,

WEBRTC: 256,

+ CSP: 512,

XBL: 1,

PING: 1024,

XMLHTTPREQUEST: 2048,

@@ -821,9 +852,10 @@ RegExpFilter.typeMap = {

GENERICHIDE: 0x80000000

};

-// DOCUMENT, ELEMHIDE, POPUP, GENERICHIDE and GENERICBLOCK options shouldn't

-// be there by default

-RegExpFilter.prototype.contentType &= ~(RegExpFilter.typeMap.DOCUMENT |

+// CSP, DOCUMENT, ELEMHIDE, POPUP, GENERICHIDE and GENERICBLOCK options

+// shouldn't be there by default

+RegExpFilter.prototype.contentType &= ~(RegExpFilter.typeMap.CSP |

+ RegExpFilter.typeMap.DOCUMENT |

RegExpFilter.typeMap.ELEMHIDE |

RegExpFilter.typeMap.POPUP |

RegExpFilter.typeMap.GENERICHIDE |

@@ -840,16 +872,19 @@ RegExpFilter.prototype.contentType &= ~(RegExpFilter.typeMap.DOCUMENT |

* @param {string} sitekeys see RegExpFilter()

* @param {boolean} collapse

* defines whether the filter should collapse blocked content, can be null

+ * @param {string} [csp]

+ * Content Security Policy to inject when the filter matches

* @constructor

* @augments RegExpFilter

function BlockingFilter(text, regexpSource, contentType, matchCase, domains,

- thirdParty, sitekeys, collapse)

+ thirdParty, sitekeys, collapse, csp)

{

RegExpFilter.call(this, text, regexpSource, contentType, matchCase, domains,

thirdParty, sitekeys);

this.collapse = collapse;

+ this.csp = csp;

}

exports.BlockingFilter = BlockingFilter;

@@ -861,7 +896,13 @@ BlockingFilter.prototype = extend(RegExpFilter, {

* Can be null (use the global preference).

* @type {boolean}

- collapse: null

+ collapse: null,

+ /**

+ * Content Security Policy to inject for matching requests.

+ * @type {string}

+ */

+ csp: null

});

/**

« no previous file with comments | « no previous file | test/filterClasses.js » ('j') | no next file with comments »