Issue 1793 - check whether the frame is whitelisted before injecting CSS

src/plugin/PluginTabBase.cpp

 /*
  * This file is part of Adblock Plus <https://adblockplus.org/>,
  * Copyright (C) 2006-2015 Eyeo GmbH
  *
  * Adblock Plus is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 3 as
  * published by the Free Software Foundation.
  *
  * Adblock Plus is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License
  * along with Adblock Plus.  If not, see <http://www.gnu.org/licenses/>.
  */
 
 #include "PluginStdAfx.h"
-
-#include "PluginClient.h"
+#include "AdblockPlusClient.h"
+#include "PluginClientBase.h"
 #include "PluginSettings.h"
 #include "AdblockPlusDomTraverser.h"
-#include "PluginClass.h"
 #include "PluginTabBase.h"
-#include "PluginUtil.h"
-#include "../shared/IE_version.h"
-#include <dispex.h>
+#include "IeVersion.h"
+#include "../shared/Utils.h"
 #include <Mshtmhst.h>
 
 CPluginTabBase::CPluginTabBase(CPluginClass* plugin)
   : m_plugin(plugin)
   , m_isActivated(false)
   , m_continueThreadRunning(true)
 {
   m_filter = std::auto_ptr<CPluginFilter>(new CPluginFilter());
   m_filter->hideFiltersLoadedEvent = CreateEvent(NULL, true, false, NULL);
 
@@ skipping 66 matching lines @@
     filterLoaderThread.detach(); // TODO: but actually we should wait for the thread in the dtr.
   }
   catch (const std::system_error& ex)
   {
     DEBUG_SYSTEM_EXCEPTION(ex, PLUGIN_ERROR_THREAD, PLUGIN_ERROR_MAIN_THREAD_CREATE_PROCESS,
       "Class::Thread - Failed to start filter loader thread");
   }
   m_traverser->ClearCache();
 }
 
+namespace
+{
+  /**
+   * Determine if the HTML file is one of ours.
+   * The criterion is that it appear in the "html/templates" folder within our installation.
+   *
+   * Warning: This function may fail if the argument is not a "file://" URL.
+   * This is occasionally the case in circumstances yet to be characterized.
+   */
+  bool IsOurHtmlFile(const std::wstring& url)
+  {
+    // Declared static because the value is derived from an installation directory, which won't change during run-time.
+    static auto dir = FileUrl(HtmlFolderPath());
+
+    DEBUG_GENERAL([&]() -> std::wstring {
+      std::wstring log = L"InjectABP. Current URL: ";
+      log += url;
+      log += L", template directory URL: ";
+      log += dir;
+      return log;
+    }());
+
+    /*
+     * The length check here is defensive, in case the document URL is truncated for some reason.
+     */
+    if (url.length() < 5)
+    {
+      // We can't match ".html" at the end of the URL if it's too short.
+      return false;
+    }
+    auto urlCstr = url.c_str();
+    // Check the prefix to match our directory
+    // Check the suffix to be an HTML file
+    return (_wcsnicmp(urlCstr, dir.c_str(), dir.length()) == 0) &&
+      (_wcsnicmp(urlCstr + url.length() - 5, L".html", 5) == 0);
+  }
+}
+
 void CPluginTabBase::InjectABP(IWebBrowser2* browser)
 {
   CriticalSection::Lock lock(m_csInject);
   auto url = GetDocumentUrl();
-
-  std::wstring log = L"InjectABP. Current URL: ";
-  log += url;
-  log += L", settings URL: ";
-  log += UserSettingsFileUrl();
-  DEBUG_GENERAL(log);
-
-  CString urlLegacy = ToCString(url);
-  if (!(0 == urlLegacy.CompareNoCase(CString(UserSettingsFileUrl().c_str())) ||
-      0 == urlLegacy.CompareNoCase(CString(FirstRunPageFileUrl().c_str()))))
-  {
-    DEBUG_GENERAL(L"Not injecting");
+  if (!IsOurHtmlFile(url))
+  {
+    DEBUG_GENERAL(L"InjectABP. Not injecting");
     return;
   }
-  DEBUG_GENERAL(L"Going to inject");
+  DEBUG_GENERAL(L"InjectABP. Injecting");
   CComPtr<IDispatch> pDocDispatch;
   browser->get_Document(&pDocDispatch);
   CComQIPtr<IHTMLDocument2> pDoc2 = pDocDispatch;
   if (!pDoc2)
   {
     DEBUG_ERROR_LOG(0, PLUGIN_ERROR_CREATE_SETTINGS_JAVASCRIPT, PLUGIN_ERROR_CREATE_SETTINGS_JAVASCRIPT_INVOKE, "CPluginTabBase::InjectABP - Failed to QI document");
     return;
   }
   CComPtr<IHTMLWindow2> pWnd2;
   pDoc2->get_parentWindow(&pWnd2);
@@ skipping 37 matching lines @@
 namespace
 {
   ATL::CComPtr<IWebBrowser2> GetParent(IWebBrowser2& browser)
   {
     ATL::CComPtr<IDispatch> parentDispatch;
     if (FAILED(browser.get_Parent(&parentDispatch)) || !parentDispatch)
     {
       return nullptr;
     }
     // The InternetExplorer application always returns a pointer to itself.
+    // https://msdn.microsoft.com/en-us/library/aa752136(v=vs.85).aspx
     if (parentDispatch.IsEqualObject(&browser))
     {
       return nullptr;
     }
     ATL::CComQIPtr<IServiceProvider> parentDocumentServiceProvider = parentDispatch;
     if (!parentDocumentServiceProvider)
     {
       return nullptr;
     }
-    ATL::CComPtr<IWebBrowserApp> webBrowserApp;
-    if (FAILED(parentDocumentServiceProvider->QueryService(IID_IWebBrowserApp, &webBrowserApp)) || !webBrowserApp)
+    ATL::CComPtr<IWebBrowser2> parentBrowser;
+    if (FAILED(parentDocumentServiceProvider->QueryService(SID_SWebBrowserApp, &parentBrowser)))
     {
       return nullptr;
     }
-    return ATL::CComQIPtr<IWebBrowser2>(webBrowserApp);
+    return parentBrowser;
   }
 
   bool IsFrameWhiteListed(ATL::CComPtr<IWebBrowser2> frame)
   {
     if (!frame)
     {
       return false;
     }
     auto url = GetLocationUrl(*frame);
     std::vector<std::string> frameHierarchy;
@@ skipping 189 matching lines @@
           LogQueue::LogPluginError(pluginError.GetErrorCode(), pluginError.GetErrorId(), pluginError.GetErrorSubid(), pluginError.GetErrorDescription(), true, pluginError.GetProcessId(), pluginError.GetThreadId());
         }
 
         // Non-hanging sleep
         Sleep(50);
       }
 
       tabLoopIteration++;
   }
 }