Issue 1530 - Improve detecting of subrequest issued by flash addon

src/plugin/PluginWbPassThrough.cpp

 #include "PluginStdAfx.h"
 
 #include "PluginWbPassThrough.h"
 #include "PluginClient.h"
 #include "PluginClientFactory.h"
 #include "PluginFilter.h"
 #include "PluginSettings.h"
 #include "PluginClass.h"
 #include "PluginSystem.h"
 #include <WinInet.h>
 #include "wtypes.h"
 #include "../shared/Utils.h"
 
 namespace
 {
-  const std::string g_blockedByABPPage = "<!DOCTYPE html>"

[Oleksandr, 2014/11/13 04:44:42]

Unrelated change

[sergei, 2014/11/13 08:49:32]

removed from here

+  std::string g_blockedByABPPage = "<!DOCTYPE html>"
     "<html>"
         "<body>"
           "<!-- blocked by AdblockPlus -->"
         "</body>"
     "</html>";
 
   template <class T>
-  std::pair<T, bool> ExtractHttpHeader(const T& allHeaders, const T& targetHeaderNameWithColon, const T& delimiter)

[Oleksandr, 2014/11/13 04:44:42]

Unrelated change. Also, I think was good enough as it was. What was wrong with
just a check if the returned value is empty? From the looks of it, only Accept
header can be empty, and even when it is we don't really care (you rightfully
didn't change the Accept header handling to be like X-Requested-With).

[sergei, 2014/11/13 08:49:32]

Right, it's not necessary. Reverted.

-  {
-    std::pair<T, bool> notFoundHeader;
+  T ExtractHttpHeader(const T& allHeaders, const T& targetHeaderNameWithColon, const T& delimiter)
+  {
     auto targetHeaderBeginsAt = allHeaders.find(targetHeaderNameWithColon);
     if (targetHeaderBeginsAt == T::npos)
     {
-      return notFoundHeader;
+      return T();
     }
     targetHeaderBeginsAt += targetHeaderNameWithColon.length();
     auto targetHeaderEndsAt = allHeaders.find(delimiter, targetHeaderBeginsAt);
     if (targetHeaderEndsAt == T::npos)
     {
-      return notFoundHeader;
-    }
-    return std::make_pair(allHeaders.substr(targetHeaderBeginsAt, targetHeaderEndsAt - targetHeaderBeginsAt), true);
+      return T();
+    }
+    return allHeaders.substr(targetHeaderBeginsAt, targetHeaderEndsAt - targetHeaderBeginsAt);
   }
 
   std::string ExtractHttpAcceptHeader(IInternetProtocol* internetProtocol)
   {
     // Despite there being HTTP_QUERY_ACCEPT and other query info flags, they don't work here,
     // only HTTP_QUERY_RAW_HEADERS_CRLF | HTTP_QUERY_FLAG_REQUEST_HEADERS does work.
     ATL::CComPtr<IWinInetHttpInfo> winInetHttpInfo;
     HRESULT hr = internetProtocol->QueryInterface(&winInetHttpInfo);
     if (FAILED(hr))
     {
       return "";
     }
     DWORD size = 0;
     DWORD flags = 0;
     DWORD queryOption = HTTP_QUERY_RAW_HEADERS_CRLF | HTTP_QUERY_FLAG_REQUEST_HEADERS;
     hr = winInetHttpInfo->QueryInfo(queryOption, /*buffer*/ nullptr, /*get size*/ &size, &flags, /*reserved*/ 0);
     if (FAILED(hr))
     {
       return "";
     }
     std::string buf(size, '\0');
     hr = winInetHttpInfo->QueryInfo(queryOption, &buf[0], &size, &flags, 0);
     if (FAILED(hr))
     {
       return "";
     }
-    auto acceptHeader = ExtractHttpHeader<std::string>(buf, "Accept:", "\r\n");
-    return acceptHeader.first;
-  }
-
-  bool IsXmlHttpRequest(const std::wstring& additionalHeaders)
-  {
-    auto requestedWithHeader = ExtractHttpHeader<std::wstring>(additionalHeaders, L"X-Requested-With: ", L"\n");

[Oleksandr, 2014/11/13 04:44:42]

X-Requested-With is only part of the story, I think. How about also detecting
CORS requests. By detecting "Origin" header, for example. Also, this deserves to
be separated into it's own issue, IMHO.

-    return requestedWithHeader.second && TrimString(requestedWithHeader.first) == L"XMLHttpRequest";
+    return ExtractHttpHeader<std::string>(buf, "Accept:", "\r\n");
   }
 }
 
 WBPassthruSink::WBPassthruSink()
   : m_currentPositionOfSentPage(0)
   , m_contentType(CFilter::EContentType::contentTypeAny)
   , m_blockedInTransaction(false)
 {
 }
 
@@ skipping 165 matching lines @@
 
 // This is the heuristic which detects the requests issued by Flash.ocx.
 // It turned out that the implementation from ''Flash.ocx'' (tested version is 15.0.0.152)
 // returns quite minimal configuration in comparison with the implementation from Microsofts'
 // libraries (see grfBINDF and bindInfo.dwOptions). The impl from MS often includes something
 // else.
 bool WBPassthruSink::IsFlashRequest(const wchar_t* const* additionalHeaders)
 {
   if (additionalHeaders && *additionalHeaders)
   {
-    auto flashVersionHeader = ExtractHttpHeader<std::wstring>(*additionalHeaders, L"x-flash-version: ", L"\n");
-    if (flashVersionHeader.second)
+    auto flashVersionHeader = ExtractHttpHeader<std::wstring>(*additionalHeaders, L"x-flash-version:", L"\n");
+    if (!TrimString(flashVersionHeader).empty())
     {
       return true;
     }
   }
   ATL::CComPtr<IBindStatusCallback> bscb;
   if (SUCCEEDED(QueryServiceFromClient(&bscb)) && !!bscb)
   {
     DWORD grfBINDF = 0;
     BINDINFO bindInfo = {};
     bindInfo.cbSize = sizeof(bindInfo);
     if (SUCCEEDED(bscb->GetBindInfo(&grfBINDF, &bindInfo)) &&
       (BINDF_ASYNCHRONOUS | BINDF_ASYNCSTORAGE| BINDF_PULLDATA) == grfBINDF &&
       (BINDINFO_OPTIONS_ENABLE_UTF8 | BINDINFO_OPTIONS_USE_IE_ENCODING) == bindInfo.dwOptions
       )
     {
       return true;
     }
   }
   return false;
 }
 
 STDMETHODIMP WBPassthruSink::BeginningTransaction(LPCWSTR szURL, LPCWSTR szHeaders, DWORD dwReserved, LPWSTR* pszAdditionalHeaders)
 {
-  if (!szURL || !szHeaders)
-  {
-    return E_POINTER;
-  }

[Oleksandr, 2014/11/13 04:44:42]

Unrelated change.

[sergei, 2014/11/13 08:49:32]

Removed from here.

   std::wstring src = szURL;
   DEBUG_GENERAL(ToCString(src));
 
   std::string acceptHeader = ExtractHttpAcceptHeader(m_spTargetProtocol);
   m_contentType = GetContentTypeFromMimeType(ATL::CString(acceptHeader.c_str()));
 
   if (pszAdditionalHeaders)
   {
     *pszAdditionalHeaders = nullptr;
   }
 
   CComPtr<IHttpNegotiate> httpNegotiate;
   QueryServiceFromClient(&httpNegotiate);
   // This fills the pszAdditionalHeaders with more headers. One of which is the Referer header, which we need.
   // There doesn't seem to be any other way to get this header before the request has been made.
   HRESULT nativeHr = httpNegotiate ? httpNegotiate->BeginningTransaction(szURL, szHeaders, dwReserved, pszAdditionalHeaders) : S_OK;
 
   if (pszAdditionalHeaders && *pszAdditionalHeaders)
   {
-    m_boundDomain = ExtractHttpHeader<std::wstring>(*pszAdditionalHeaders, L"Referer:", L"\n").first;
+    m_boundDomain = ExtractHttpHeader<std::wstring>(*pszAdditionalHeaders, L"Referer:", L"\n");
   }
   m_boundDomain = TrimString(m_boundDomain);
   CPluginTab* tab = CPluginClass::GetTab(::GetCurrentThreadId());
   CPluginClient* client = CPluginClient::GetInstance();
 
   if (tab && client)
   {
     CString documentUrl = tab->GetDocumentUrl();
     // Page is identical to document => don't block
     if (documentUrl == ToCString(src))
     {
       return nativeHr;
     }
     else if (CPluginSettings::GetInstance()->IsPluginEnabled() && !client->IsWhitelistedUrl(std::wstring(documentUrl)))
     {
       if (tab->IsFrameCached(ToCString(src)))
       {
         m_contentType = CFilter::contentTypeSubdocument;
       }
     }
   }
 
   if (IsFlashRequest(pszAdditionalHeaders))
   {
-    m_contentType = CFilter::EContentType::contentTypeObjectSubrequest;
-  }
-
-  if (pszAdditionalHeaders && IsXmlHttpRequest(*pszAdditionalHeaders))
-  {
-    m_contentType = CFilter::EContentType::contentTypeXmlHttpRequest;
+    m_contentType = CFilter::EContentType::contentTypeObjectSubrequest; 
   }
 
   m_blockedInTransaction = client->ShouldBlock(szURL, m_contentType, m_boundDomain, /*debug flag but must be set*/true);
   if (m_blockedInTransaction)
   {
     return E_ABORT;
   }
   return nativeHr;
 }
 
@@ skipping 53 matching lines @@
 
 STDMETHODIMP WBPassthru::LockRequest(/* [in] */ DWORD options)
 {
   return BaseClass::LockRequest(options);
 }
 
 STDMETHODIMP WBPassthru::UnlockRequest()
 {
   return BaseClass::UnlockRequest();
 }