aboutsummaryrefslogtreecommitdiff
/**
 * This file is part of Haketilo.
 *
 * Function: Main background script.
 *
 * Copyright (C) 2021 Wojtek Kosior
 * Redistribution terms are gathered in the `copyright' file.
 */

/*
 * IMPORTS_START
 * IMPORT TYPE_PREFIX
 * IMPORT get_storage
 * IMPORT light_storage
 * IMPORT start_storage_server
 * IMPORT start_page_actions_server
 * IMPORT browser
 * IMPORT is_privileged_url
 * IMPORT query_best
 * IMPORT gen_nonce
 * IMPORT inject_csp_headers
 * IMPORT apply_stream_filter
 * IMPORT filter_cookie_headers
 * IMPORT is_chrome
 * IMPORTS_END
 */

start_storage_server();
start_page_actions_server();

async function init_ext(install_details)
{
    if (install_details.reason != "install")
	return;

    let storage = await get_storage();

    await storage.clear();

    /*
     * Below we add sample settings to the extension.
     */

    for (let setting of // The next line is replaced with the contents of /default_settings.json by the build script
        `DEFAULT SETTINGS`
    ) {
	let [key, value] = Object.entries(setting)[0];
	storage.set(key[0], key.substring(1), value);
    }
}

browser.runtime.onInstalled.addListener(init_ext);


let storage;
let policy_observable = {};

function on_headers_received(details)
{
    const url = details.url;
    if (is_privileged_url(details.url))
	return;

    const [pattern, settings] = query_best(storage, details.url);
    const has_payload = !!(settings && settings.components);
    const allow = !has_payload &&
	  !!(settings ? settings.allow : policy_observable.value);
    const nonce = gen_nonce();
    const policy = {allow, url, nonce, has_payload};

    let headers = details.responseHeaders;
    let skip = false;
    for (const header of headers) {
	if ((header.name.toLowerCase().trim() === "content-disposition" &&
	     /^\s*attachment\s*(;.*)$/i.test(header.value)))
	    skip = true;
    }

    headers = inject_csp_headers(headers, policy);

    skip = skip || (details.statusCode >= 300 && details.statusCode < 400);
    if (!skip) {
	/* Check for API availability. */
	if (browser.webRequest.filterResponseData)
	    headers = apply_stream_filter(details, headers, policy);
    }

    return {responseHeaders: headers};
}

function on_before_send_headers(details)
{
    let headers = details.requestHeaders;
    headers = filter_cookie_headers(headers);
    return {requestHeaders: headers};
}

const all_types = [
    "main_frame", "sub_frame", "stylesheet", "script", "image", "font",
    "object", "xmlhttprequest", "ping", "csp_report", "media", "websocket",
    "other", "main_frame", "sub_frame"
];

async function start_webRequest_operations()
{
    storage = await get_storage();

    const extra_opts = ["blocking"];
    if (is_chrome)
	extra_opts.push("extraHeaders");

    browser.webRequest.onHeadersReceived.addListener(
	on_headers_received,
	{urls: ["<all_urls>"], types: ["main_frame", "sub_frame"]},
	extra_opts.concat("responseHeaders")
    );

    browser.webRequest.onBeforeSendHeaders.addListener(
	on_before_send_headers,
	{urls: ["<all_urls>"], types: all_types},
	extra_opts.concat("requestHeaders")
    );

    policy_observable = await light_storage.observe_var("default_allow");
}

start_webRequest_operations();
generated by cgit