Issue 6544 - Prevent requests sent by Chrome or Adblock Plus from being blocked

lib/requestBlocker.js

 /*
  * This file is part of Adblock Plus <https://adblockplus.org/>,
  * Copyright (C) 2006-present eyeo GmbH
  *
  * Adblock Plus is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 3 as
  * published by the Free Software Foundation.
  *
  * Adblock Plus is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License
  * along with Adblock Plus.  If not, see <http://www.gnu.org/licenses/>.
  */
 
 /** @module requestBlocker */
 
 "use strict";
 
-const {Filter, RegExpFilter, BlockingFilter} = require("filterClasses");
-const {Subscription} = require("subscriptionClasses");
-const {defaultMatcher} = require("matcher");
-const {FilterNotifier} = require("filterNotifier");
-const {Prefs} = require("prefs");
-const {checkWhitelisted, getKey} = require("whitelisting");
-const {stringifyURL, extractHostFromFrame, isThirdParty} = require("url");
-const {port} = require("messaging");
-const devtools = require("devtools");
+const {Filter, RegExpFilter, BlockingFilter} =
+  require("../adblockpluscore/lib/filterClasses");
+const {Subscription} = require("../adblockpluscore/lib/subscriptionClasses");
+const {defaultMatcher} = require("../adblockpluscore/lib/matcher");
+const {FilterNotifier} = require("../adblockpluscore/lib/filterNotifier");
+const {Prefs} = require("./prefs");
+const {checkWhitelisted, getKey} = require("./whitelisting");
+const {stringifyURL, extractHostFromFrame, isThirdParty} = require("./url");
+const {port} = require("./messaging");
+const devtools = require("./devtools");
 
 const extensionProtocol = new URL(browser.extension.getURL("")).protocol;
 
 // Chrome can't distinguish between OBJECT_SUBREQUEST and OBJECT requests.
 if (!browser.webRequest.ResourceType ||
     !("OBJECT_SUBREQUEST" in browser.webRequest.ResourceType))
 {
   RegExpFilter.typeMap.OBJECT_SUBREQUEST = RegExpFilter.typeMap.OBJECT;
 }
 
@@ skipping 35 matching lines @@
 }());
 
 function getRelatedTabIds(details)
 {
   // This is the common case, the request is associated with a single tab.
   // If tabId is -1, its not (e.g. the request was sent by
   // a Service/Shared Worker) and we have to identify the related tabs.
   if (details.tabId != -1)
     return Promise.resolve([details.tabId]);
 
-  // Firefox >=48 provides "originUrl" indicating the URL of the tab
-  // that caused this request. In case of Service/Shared Worker,
-  // this is URL of the tab that caused the worker to be spawned.
-  if (details.originUrl)
-    return browser.tabs.query({url: details.originUrl}).then(
-      tabs => tabs.map(tab => tab.id)
-    );
-
-  // Chromium >=63 provides "intiator" which is equivalent to "originUrl" on
-  // Firefox except that its not a full URL but just an origin (proto + host).
-  // So we have to find each tab with an URL of the same origin.
-  if (details.initiator)
-    return browser.tabs.query({}).then(tabs =>
-    {
-      let tabIds = [];
-      for (let tab of tabs)
-      {
-        if (new URL(tab.url).origin == details.initiator)
-          tabIds.push(tab.id);
-      }
-      return tabIds;
-    });
-
-  return Promise.resolve([]);
+  let url;                    // Firefox provides "originUrl" indicating the
+  if (details.originUrl)      // URL of the tab that caused this request.
+    url = details.originUrl;  // In case of Service/Shared Worker, this is the
+                              // URL of the tab that caused the worker to spawn.
+
+  else if (details.initiator)        // Chromium >=63 provides "intiator" which
+    url = details.initiator + "/*";  // is equivalent to "originUrl" on Firefox
+                                     // except that its not a full URL but just
+                                     // an origin (proto + host).
+  else
+    return Promise.resolve([]);
+
+  return browser.tabs.query({url}).then(tabs => tabs.map(tab => tab.id));
 }
 
 function logRequest(details, url, type, docDomain, thirdParty,
                     sitekey, specificOnly, filter)
 {
   getRelatedTabIds(details).then(tabIds =>
   {
     if (filter)
       FilterNotifier.emit("filter.hitCount", filter, 0, 0, tabIds);
 
@@ skipping 20 matching lines @@
   if (url.protocol != "http:" && url.protocol != "https:" &&
       url.protocol != "ws:" && url.protocol != "wss:")
     return;
 
   // Firefox provides us with the full origin URL, while Chromium (>=63)
   // provides only the protocol + host of the (top-level) document which
   // the request originates from through the "initiator" property.
   let originUrl = details.originUrl ? new URL(details.originUrl) :
                   details.initiator ? new URL(details.initiator) : null;
 
-  // Firefox allows to intercept requests sent by all extensions or
-  // the browser, while Chromium only allows interecepting of requests
-  // sent by this extension. We don't want to block any of these.
-  if (originUrl && (originUrl.protocol == extensionProtocol ||
-                    originUrl.protocol == "chrome:"))
+  // Ignore requests sent by extensions or by the browser itself:
+  // * Firefox intercepts requests sent by any extensions, indicated with
+  //   an "originURL" starting with "moz-extension:".
+  // * Chromium intercepts requests sent by this extension only, indicated
+  //   on Chromium >=63 with an "initiator" starting with "chrome-extension:".
+  // * On Firefox, requests that don't relate to any document or extension are
+  //   indicated with an "originUrl" starting with "chrome:".
+  // * On Chromium >=63, requests that don't relate to any document or extension
+  //   have no "initiator". But since on older Chromium versions, no request
+  //   has an "initiator", we have to check for the tabId as well.
+  if (originUrl)
+  {
+    if (originUrl.protocol == extensionProtocol ||
+        originUrl.protocol == "chrome:")
+      return;
+  }
+  else if (details.tabId == -1)
     return;
 
   let page = null;
   let frame = null;
   if (details.tabId != -1)
   {
     page = new ext.Page({id: details.tabId});
     frame = ext.getFrame(
       details.tabId,
       // We are looking for the frame that contains the element which
@@ skipping 107 matching lines @@
 
 port.on("request.blockedByRTCWrapper", (msg, sender) =>
 {
   return ext.webRequest.onBeforeRequest._dispatch(
      new URL(msg.url),
      "webrtc",
      sender.page,
      sender.frame
   ).includes(false);
 });