make Haketilo buildable again (for Mozilla)

How cool it is to throw away 5755 lines of code...

7 files changed, 5 insertions, 742 deletions

diff --git a/content/activity_info_server.js b/content/activity_info_server.js
deleted file mode 100644
index 6c0badc..0000000
--- a/content/activity_info_server.js
+++ /dev/null
@@ -1,128 +0,0 @@
-/**
- * This file is part of Haketilo.
- *
- * Function: Informing the popup about what happens in the content script
- *     (script injection, script blocking, etc.).
- *
- * Copyright (C) 2021 Wojtek Kosior
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * As additional permission under GNU GPL version 3 section 7, you
- * may distribute forms of that code without the copy of the GNU
- * GPL normally required by section 4, provided you include this
- * license notice and, in case of non-source distribution, a URL
- * through which recipients can access the Corresponding Source.
- * If you modify file(s) with this exception, you may extend this
- * exception to your version of the file(s), but you are not
- * obligated to do so. If you do not wish to do so, delete this
- * exception statement from your version.
- *
- * As a special exception to the GPL, any HTML file which merely
- * makes function calls to this code, and for that purpose
- * includes it by reference shall be deemed a separate work for
- * copyright law purposes. If you modify this code, you may extend
- * this exception to your version of the code, but you are not
- * obligated to do so. If you do not wish to do so, delete this
- * exception statement from your version.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <https://www.gnu.org/licenses/>.
- *
- * I, Wojtek Kosior, thereby promise not to sue for violation of this file's
- * license. Although I request that you do not make use of this code in a
- * proprietary program, I am not going to enforce this in court.
- */
-
-#IMPORT common/connection_types.js   AS CONNECTION_TYPE
-#IMPORT content/repo_query.js
-
-#FROM common/message_server.js IMPORT listen_for_connection
-
-var activities = [];
-var ports = new Set();
-
-function report_activity_oneshot(name, data, port)
-{
-    port.postMessage([name, data]);
-}
-
-function report_activity(name, data)
-{
-    const activity = [name, data];
-    activities.push(activity);
-
-    for (const port of ports)
-	port.postMessage(activity);
-}
-
-function report_script(script_data)
-{
-    report_activity("script", script_data);
-}
-#EXPORT report_script
-
-function report_settings(settings)
-{
-    const settings_clone = {};
-    Object.assign(settings_clone, settings)
-    report_activity("settings", settings_clone);
-}
-#EXPORT report_settings
-
-function report_document_type(is_html)
-{
-    report_activity("is_html", is_html);
-}
-#EXPORT report_document_type
-
-function report_repo_query_action(update, port)
-{
-    report_activity_oneshot("repo_query_action", update, port);
-}
-
-function trigger_repo_query(query_specifier)
-{
-    repo_query.query(...query_specifier);
-}
-
-function handle_disconnect(port, report_action)
-{
-    ports.delete(port)
-    repo_query.unsubscribe_results(report_action);
-}
-
-function new_connection(port)
-{
-    console.log("new activity info connection!");
-
-    ports.add(port);
-
-    for (const activity of activities)
-	port.postMessage(activity);
-
-    const report_action = u => report_repo_query_action(u, port);
-    repo_query.subscribe_results(report_action);
-
-    /*
-     * So far the only thing we expect to receive is repo query order. Once more
-     * possibilities arrive, we will need to complicate this listener.
-     */
-    port.onMessage.addListener(trigger_repo_query);
-
-    port.onDisconnect.addListener(() => handle_disconnect(port, report_action));
-}
-
-function start()
-{
-    listen_for_connection(CONNECTION_TYPE.ACTIVITY_INFO, new_connection);
-}
-#EXPORT start
diff --git a/content/content.js b/content/content.js
index feef5db..c501187 100644
--- a/content/content.js
+++ b/content/content.js
@@ -74,7 +74,7 @@ globalThis.haketilo_content_script_main = async function() {
 
     const policy = decide_policy(globalThis.haketilo_pattern_tree,
 				 document.URL,
-				 globalThis.haketilo_defualt_allow,
+				 globalThis.haketilo_default_allow,
 				 globalThis.haketilo_secret);
     const page_info = Object.assign({url: document.URL}, policy);
     ["csp", "nonce"].forEach(prop => delete page_info[prop]);
@@ -93,7 +93,7 @@ globalThis.haketilo_content_script_main = async function() {
 	    resolve_page_info(Object.assign(page_info, script_response));
 	    return;
 	} else {
-	    for (const script_contents of script_response) {
+	    for (const script_contents of script_response.files) {
 		const html_ns = "http://www.w3.org/1999/xhtml";
 		const script = document.createElementNS(html_ns, "script");
 
diff --git a/content/main.js b/content/main.js
deleted file mode 100644
index 8b24323..0000000
--- a/content/main.js
+++ /dev/null
@@ -1,357 +0,0 @@
-/**
- * This file is part of Haketilo.
- *
- * Function: Main content script that runs in all frames.
- *
- * Copyright (C) 2021 Wojtek Kosior
- * Copyright (C) 2021 jahoti
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * As additional permission under GNU GPL version 3 section 7, you
- * may distribute forms of that code without the copy of the GNU
- * GPL normally required by section 4, provided you include this
- * license notice and, in case of non-source distribution, a URL
- * through which recipients can access the Corresponding Source.
- * If you modify file(s) with this exception, you may extend this
- * exception to your version of the file(s), but you are not
- * obligated to do so. If you do not wish to do so, delete this
- * exception statement from your version.
- *
- * As a special exception to the GPL, any HTML file which merely
- * makes function calls to this code, and for that purpose
- * includes it by reference shall be deemed a separate work for
- * copyright law purposes. If you modify this code, you may extend
- * this exception to your version of the code, but you are not
- * obligated to do so. If you do not wish to do so, delete this
- * exception statement from your version.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <https://www.gnu.org/licenses/>.
- *
- * I, Wojtek Kosior, thereby promise not to sue for violation of this file's
- * license. Although I request that you do not make use of this code in a
- * proprietary program, I am not going to enforce this in court.
- */
-
-#IMPORT content/activity_info_server.js
-
-#FROM content/page_actions.js IMPORT handle_page_actions
-#FROM common/misc.js          IMPORT gen_nonce, is_privileged_url, \
-                                     csp_header_regex
-#FROM common/browser.js       IMPORT browser
-
-/* CSP rule that blocks scripts according to policy's needs. */
-function make_csp_rule(policy)
-{
-    let rule = "prefetch-src 'none'; script-src-attr 'none';";
-    const script_src = policy.nonce !== undefined ?
-         `'nonce-${policy.nonce}'` : "'none'";
-    rule += ` script-src ${script_src}; script-src-elem ${script_src};`;
-    return rule;
-}
-
-document.content_loaded = document.readyState === "complete";
-const wait_loaded = e => e.content_loaded ? Promise.resolve() :
-      new Promise(c => e.addEventListener("DOMContentLoaded", c, {once: true}));
-
-wait_loaded(document).then(() => document.content_loaded = true);
-
-/*
- * In the case of HTML documents:
- * 1. When injecting some payload we need to sanitize <meta> CSP tags before
- *    they reach the document.
- * 2. Only <meta> tags inside <head> are considered valid by the browser and
- *    need to be considered.
- * 3. We want to detach <html> from document, wait until its <head> completes
- *    loading, sanitize it and re-attach <html>.
- * 4. We shall wait for anything to appear in or after <body> and take that as
- *    a sign <head> has finished loading.
- * 5. Otherwise, getting the `DOMContentLoaded' event on the document shall also
- *    be a sign that <head> is fully loaded.
- */
-
-function make_body_start_observer(DOM_element, waiting)
-{
-    const observer = new MutationObserver(() => try_body_started(waiting));
-    observer.observe(DOM_element, {childList: true});
-    return observer;
-}
-
-function try_body_started(waiting)
-{
-    const body = waiting.detached_html.querySelector("body");
-
-    if ((body && (body.firstChild || body.nextSibling)) ||
-	waiting.doc.documentElement.nextSibling) {
-	finish_waiting(waiting);
-	return true;
-    }
-
-    if (body && waiting.observers.length < 2)
-	waiting.observers.push(make_body_start_observer(body, waiting));
-}
-
-function finish_waiting(waiting)
-{
-    if (waiting.finished)
-	return;
-    waiting.finished = true;
-    waiting.observers.forEach(observer => observer.disconnect());
-    setTimeout(waiting.callback, 0);
-}
-
-function _wait_for_head(doc, detached_html, callback)
-{
-    const waiting = {doc, detached_html, callback, observers: []};
-
-    if (try_body_started(waiting))
-	return;
-
-    waiting.observers = [make_body_start_observer(detached_html, waiting)];
-
-    wait_loaded(doc).then(() => finish_waiting(waiting));
-}
-
-function wait_for_head(doc, detached_html)
-{
-    return new Promise(cb => _wait_for_head(doc, detached_html, cb));
-}
-
-const blocked_str = "blocked";
-
-function block_attribute(node, attr, ns=null)
-{
-    const [hasa, geta, seta, rema] = ["has", "get", "set", "remove"]
-	  .map(m => (n, ...args) => typeof ns === "string" ?
-	       n[`${m}AttributeNS`](ns, ...args) : n[`${m}Attribute`](...args));
-    /*
-     * Disabling attributes by prepending `-blocked' allows them to still be
-     * relatively easily accessed in case they contain some useful data.
-     */
-    const construct_name = [attr];
-    while (hasa(node, construct_name.join("")))
-	construct_name.unshift(blocked_str);
-
-    while (construct_name.length > 1) {
-	construct_name.shift();
-	const name = construct_name.join("");
-	seta(node, `${blocked_str}-${name}`, geta(node, name));
-    }
-
-    rema(node, attr);
-}
-
-/*
- * Used to disable `<script>'s and `<meta>'s that have not yet been added to
- * live DOM (doesn't work for those already added).
- */
-function sanitize_meta(meta)
-{
-    if (csp_header_regex.test(meta.httpEquiv) && meta.content)
-	block_attribute(meta, "content");
-}
-
-function sanitize_script(script)
-{
-    script.haketilo_blocked_type = script.getAttribute("type");
-    script.type = "text/plain";
-}
-
-/*
- * Executed after `<script>' has been connected to the DOM, when it is no longer
- * eligible for being executed by the browser.
- */
-function desanitize_script(script)
-{
-    script.setAttribute("type", script.haketilo_blocked_type);
-
-    if ([null, undefined].includes(script.haketilo_blocked_type))
-	script.removeAttribute("type");
-
-    delete script.haketilo_blocked_type;
-}
-
-const bad_url_reg = /^data:([^,;]*ml|unknown-content-type)/i;
-function sanitize_urls(element)
-{
-    for (const attr of [...element.attributes || []]
-	       .filter(attr => /^(href|src|data)$/i.test(attr.localName))
-	       .filter(attr => bad_url_reg.test(attr.value)))
-	block_attribute(element, attr.localName, attr.namespaceURI);
-}
-
-function start_data_urls_sanitizing(doc)
-{
-    doc.querySelectorAll("*[href], *[src], *[data]").forEach(sanitize_urls);
-    if (!doc.content_loaded) {
-	const mutation_handler = m => m.addedNodes.forEach(sanitize_urls);
-	const mo = new MutationObserver(ms => ms.forEach(mutation_handler));
-	mo.observe(doc, {childList: true, subtree: true});
-	wait_loaded(doc).then(() => mo.disconnect());
-    }
-}
-
-/*
- * Normally, we block scripts with CSP. However, Mozilla does optimizations that
- * cause part of the DOM to be loaded when our content scripts get to run. Thus,
- * before the CSP rules we inject (for non-HTTP pages) become effective, we need
- * to somehow block the execution of `<script>'s and intrinsics that were
- * already there. Additionally, some browsers (IceCat 60) seem to have problems
- * applying this CSP to non-inline `<scripts>' in certain scenarios.
- */
-function prevent_script_execution(event)
-{
-    if (!event.target.haketilo_payload)
-	event.preventDefault();
-}
-
-function mozilla_initial_block(doc)
-{
-    doc.addEventListener("beforescriptexecute", prevent_script_execution);
-
-    for (const elem of doc.querySelectorAll("*")) {
-	[...elem.attributes].map(attr => attr.localName)
-	    .filter(attr => /^on/.test(attr) && elem.wrappedJSObject[attr])
-	    .forEach(attr => elem.wrappedJSObject[attr] = null);
-    }
-}
-
-/*
- * Here we block all scripts of a document which might be either and
- * HTMLDocument or an XMLDocument. Modifying an XML document might disrupt
- * Mozilla's XML preview. This is an unfortunate thing we have to accept for
- * now. XML documents *have to* be sanitized as well because they might
- * contain `<script>' tags (or on* attributes) with namespace declared as
- * "http://www.w3.org/1999/xhtml" or "http://www.w3.org/2000/svg" which allows
- * javascript execution.
- */
-async function sanitize_document(doc, policy)
-{
-#IF MOZILLA
-    /*
-     * Blocking of scripts that are in the DOM from the beginning. Needed for
-     * Mozilla.
-     */
-    mozilla_initial_block(doc);
-#ENDIF
-
-    /*
-     * Ensure our CSP rules are employed from the beginning. This CSP injection
-     * method is, when possible, going to be applied together with CSP rules
-     * injected using webRequest.
-     * Using elements namespaced as HTML makes this CSP injection also work for
-     * non-HTML documents.
-     */
-    const html = new DOMParser().parseFromString(`<html><head><meta \
-http-equiv="Content-Security-Policy" content="${make_csp_rule(policy)}"\
-/></head><body>Loading...</body></html>`, "text/html").documentElement;
-
-    /*
-     * Root node gets hijacked now, to be re-attached after <head> is loaded
-     * and sanitized.
-     */
-    const root = doc.documentElement;
-    root.replaceWith(html);
-
-    /*
-     * When we don't inject payload, we neither block document's CSP `<meta>'
-     * tags nor wait for `<head>' to be parsed.
-     */
-    if (policy.has_payload) {
-	await wait_for_head(doc, root);
-
-	root.querySelectorAll("head meta")
-	    .forEach(m => sanitize_meta(m, policy));
-    }
-
-    root.querySelectorAll("script").forEach(s => sanitize_script(s, policy));
-    html.replaceWith(root);
-    root.querySelectorAll("script").forEach(s => desanitize_script(s, policy));
-
-    start_data_urls_sanitizing(doc);
-}
-
-async function _disable_service_workers()
-{
-    if (!navigator.serviceWorker)
-	return;
-
-    const registrations = await navigator.serviceWorker.getRegistrations();
-    if (registrations.length === 0)
-	return;
-
-    console.warn("Service Workers detected on this page! Unregistering and reloading.");
-
-    try {
-	await Promise.all(registrations.map(r => r.unregister()));
-    } finally {
-	location.reload();
-    }
-
-    /* Never actually return! */
-    return new Promise(() => 0);
-}
-
-/*
- * Trying to use servce workers APIs might result in exceptions, for example
- * when in a non-HTML document. Because of this, we wrap the function that does
- * the actual work in a try {} block.
- */
-async function disable_service_workers()
-{
-    try {
-	await _disable_service_workers()
-    } catch (e) {
-	console.debug("Exception thrown during an attempt to detect and disable service workers.", e);
-    }
-}
-
-function synchronously_get_policy(url)
-{
-    const encoded_url = encodeURIComponent(url);
-    const request_url = `${browser.runtime.getURL("dummy")}?url=${encoded_url}`;
-
-    try {
-	var xhttp = new XMLHttpRequest();
-	xhttp.open("GET", request_url, false);
-	xhttp.send();
-    } catch(e) {
-	console.error("Failure to synchronously fetch policy for url.", e);
-	return {allow: false};
-    }
-
-    const policy = /^[^?]*\?settings=(.*)$/.exec(xhttp.responseURL)[1];
-    return JSON.parse(decodeURIComponent(policy));
-}
-
-if (!is_privileged_url(document.URL)) {
-    const policy = synchronously_get_policy(document.URL);
-
-    if (!(document instanceof HTMLDocument))
-	delete policy.payload;
-
-    console.debug("current policy", policy);
-
-    activity_info_server.report_settings(policy);
-
-    policy.nonce = gen_nonce();
-
-    const doc_ready = Promise.all([
-	policy.allow ? Promise.resolve() : sanitize_document(document, policy),
-	policy.allow ? Promise.resolve() : disable_service_workers(),
-	wait_loaded(document)
-    ]);
-
-    handle_page_actions(policy, doc_ready);
-
-    activity_info_server.start();
-}
diff --git a/content/page_actions.js b/content/page_actions.js
deleted file mode 100644
index b1ecd42..0000000
--- a/content/page_actions.js
+++ /dev/null
@@ -1,113 +0,0 @@
-/**
- * This file is part of Haketilo.
- *
- * Function: Handle page actions in a content script.
- *
- * Copyright (C) 2021 Wojtek Kosior
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * As additional permission under GNU GPL version 3 section 7, you
- * may distribute forms of that code without the copy of the GNU
- * GPL normally required by section 4, provided you include this
- * license notice and, in case of non-source distribution, a URL
- * through which recipients can access the Corresponding Source.
- * If you modify file(s) with this exception, you may extend this
- * exception to your version of the file(s), but you are not
- * obligated to do so. If you do not wish to do so, delete this
- * exception statement from your version.
- *
- * As a special exception to the GPL, any HTML file which merely
- * makes function calls to this code, and for that purpose
- * includes it by reference shall be deemed a separate work for
- * copyright law purposes. If you modify this code, you may extend
- * this exception to your version of the code, but you are not
- * obligated to do so. If you do not wish to do so, delete this
- * exception statement from your version.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <https://www.gnu.org/licenses/>.
- *
- * I, Wojtek Kosior, thereby promise not to sue for violation of this file's
- * license. Although I request that you do not make use of this code in a
- * proprietary program, I am not going to enforce this in court.
- */
-
-#IMPORT common/connection_types.js AS CONNECTION_TYPE
-
-#FROM common/browser.js               IMPORT browser
-#FROM content/activity_info_server.js IMPORT report_script, report_document_type
-
-let policy;
-/* Snapshot url and content type early; these can be changed by other code. */
-let url;
-let is_html;
-let port;
-let loaded = false;
-let scripts_awaiting = [];
-
-function handle_message(message)
-{
-    const [action, data] = message;
-
-    if (action === "inject") {
-	for (let script_text of data) {
-	    if (loaded)
-		add_script(script_text);
-	    else
-		scripts_awaiting.push(script_text);
-	}
-    }
-    else {
-	console.error(`Bad page action '${action}'.`);
-    }
-}
-
-function document_ready(event)
-{
-    loaded = true;
-
-    for (let script_text of scripts_awaiting)
-	add_script(script_text);
-
-    scripts_awaiting = undefined;
-}
-
-function add_script(script_text)
-{
-    if (!is_html)
-	return;
-
-    let script = document.createElement("script");
-    script.textContent = script_text;
-    script.setAttribute("nonce", policy.nonce);
-    script.haketilo_payload = true;
-    document.body.appendChild(script);
-
-    report_script(script_text);
-}
-
-function handle_page_actions(_policy, doc_ready_promise) {
-    policy = _policy;
-
-    url = document.URL;
-    is_html = document instanceof HTMLDocument;
-    report_document_type(is_html);
-
-    doc_ready_promise.then(document_ready);
-
-    if (policy.payload) {
-	port = browser.runtime.connect({name : CONNECTION_TYPE.PAGE_ACTIONS});
-	port.onMessage.addListener(handle_message);
-	port.postMessage({payload: policy.payload});
-    }
-}
-#EXPORT handle_page_actions
diff --git a/content/policy_enforcing.js b/content/policy_enforcing.js
index 8e26afb..320b6d0 100644
--- a/content/policy_enforcing.js
+++ b/content/policy_enforcing.js
@@ -43,7 +43,7 @@
  * proprietary program, I am not going to enforce this in court.
  */
 
-#FROM common/misc.js IMPORT gen_nonce
+#FROM common/misc.js IMPORT gen_nonce, csp_header_regex
 
 document.content_loaded = document.readyState === "complete";
 const wait_loaded = e => e.content_loaded ? Promise.resolve() :
@@ -237,7 +237,7 @@ function prevent_script_execution(event) {
 #ENDIF
 
 /*
- * Here we block all scripts of a document which might be either and
+ * Here we block all scripts of a document which might be either an
  * HTMLDocument or an XMLDocument. Modifying an XML document might disrupt
  * Mozilla's XML preview. This is an unfortunate thing we have to accept for
  * now. XML documents *have to* be sanitized as well because they might
diff --git a/content/repo_query.js b/content/repo_query.js
deleted file mode 100644
index 5f1adda..0000000
--- a/content/repo_query.js
+++ /dev/null
@@ -1,140 +0,0 @@
-/**
- * This file is part of Haketilo.
- *
- * Function: Getting available content for site from remote repositories.
- *
- * Copyright (C) 2021 Wojtek Kosior
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * As additional permission under GNU GPL version 3 section 7, you
- * may distribute forms of that code without the copy of the GNU
- * GPL normally required by section 4, provided you include this
- * license notice and, in case of non-source distribution, a URL
- * through which recipients can access the Corresponding Source.
- * If you modify file(s) with this exception, you may extend this
- * exception to your version of the file(s), but you are not
- * obligated to do so. If you do not wish to do so, delete this
- * exception statement from your version.
- *
- * As a special exception to the GPL, any HTML file which merely
- * makes function calls to this code, and for that purpose
- * includes it by reference shall be deemed a separate work for
- * copyright law purposes. If you modify this code, you may extend
- * this exception to your version of the code, but you are not
- * obligated to do so. If you do not wish to do so, delete this
- * exception statement from your version.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <https://www.gnu.org/licenses/>.
- *
- * I, Wojtek Kosior, thereby promise not to sue for violation of this file's
- * license. Although I request that you do not make use of this code in a
- * proprietary program, I am not going to enforce this in court.
- */
-
-#IMPORT common/observables.js
-
-#FROM common/ajax.js           IMPORT make_ajax_request
-#FROM common/stored_types.js   IMPORT TYPE_PREFIX
-#FROM common/sanitize_JSON.js  IMPORT parse_json_with_schema
-#FROM common/misc.js           IMPORT matchers
-
-const paths = {
-    [TYPE_PREFIX.PAGE]: "/pattern",
-    [TYPE_PREFIX.BAG]: "/bag",
-    [TYPE_PREFIX.SCRIPT]: "/script",
-    [TYPE_PREFIX.URL]: "/query"
-};
-
-const queried_items = new Map();
-const observable = observables.make();
-
-function repo_query(prefix, item, repo_urls)
-{
-    const key = prefix + item;
-
-    const results = queried_items.get(key) || {};
-    queried_items.set(key, results);
-
-    for (const repo_url of repo_urls)
-	perform_query_against(key, repo_url, results);
-}
-#EXPORT  repo_query  AS query
-
-const page_schema = {
-    pattern: matchers.nonempty_string,
-    payload: ["optional", matchers.component, "default", undefined]
-};
-const bag_schema = {
-    name: matchers.nonempty_string,
-    components: ["optional", [matchers.component, "repeat"], "default", []]
-};
-const script_schema = {
-    name: matchers.nonempty_string,
-    location: matchers.nonempty_string,
-    sha256: matchers.sha256,
-};
-const search_result_schema = [page_schema, "repeat"];
-
-const schemas = {
-    [TYPE_PREFIX.PAGE]: page_schema,
-    [TYPE_PREFIX.BAG]: bag_schema,
-    [TYPE_PREFIX.SCRIPT]: script_schema,
-    [TYPE_PREFIX.URL]: search_result_schema
-}
-
-async function perform_query_against(key, repo_url, results)
-{
-    if (results[repo_url] !== undefined)
-	return;
-
-    const prefix = key[0];
-    const item = key.substring(1);
-    const result = {state: "started"};
-    results[repo_url] = result;
-
-    const broadcast_msg = {prefix, item, results: {[repo_url]: result}};
-    observables.broadcast(observable, broadcast_msg);
-
-    let state = "connection_error";
-    const query_url =
-	  `${repo_url}${paths[prefix]}?n=${encodeURIComponent(item)}`;
-
-    try {
-	let xhttp = await make_ajax_request("GET", query_url);
-	if (xhttp.status === 200) {
-	    state = "parse_error";
-	    result.response =
-		parse_json_with_schema(schemas[prefix], xhttp.responseText);
-	    state = "completed";
-	}
-    } catch (e) {
-	console.log(e);
-    }
-
-    result.state = state;
-    observables.broadcast(observable, broadcast_msg);
-}
-
-function subscribe_results(cb)
-{
-    observables.subscribe(observable, cb);
-    for (const [key, results] of queried_items.entries())
-	cb({prefix: key[0], item: key.substring(1), results});
-}
-#EXPORT subscribe_results
-
-function unsubscribe_results(cb)
-{
-    observables.unsubscribe(observable, cb);
-}
-#EXPORT unsubscribe_results
diff --git a/content/repo_query_cacher.js b/content/repo_query_cacher.js
index bdba189..41487e1 100644
--- a/content/repo_query_cacher.js
+++ b/content/repo_query_cacher.js
@@ -82,3 +82,4 @@ function on_repo_query_request([type, url], sender, respond_cb) {
 function start() {
     browser.runtime.onMessage.addListener(on_repo_query_request);
 }
+#EXPORT start