diff options
Diffstat (limited to 'content')
-rw-r--r-- | content/activity_info_server.js | 60 | ||||
-rw-r--r-- | content/main.js | 54 | ||||
-rw-r--r-- | content/page_actions.js | 21 |
3 files changed, 106 insertions, 29 deletions
diff --git a/content/activity_info_server.js b/content/activity_info_server.js new file mode 100644 index 0000000..8435377 --- /dev/null +++ b/content/activity_info_server.js @@ -0,0 +1,60 @@ +/** + * part of Hachette + * Informing about activities performed by content script (script injection, + * script blocking). + * + * Copyright (C) 2021 Wojtek Kosior + * Redistribution terms are gathered in the `copyright' file. + */ + +/* + * IMPORTS_START + * IMPORT listen_for_connection + * IMPORT CONNECTION_TYPE + * IMPORTS_END + */ + +var activities = []; +var ports = new Set(); + +function report_activity(name, data) +{ + const activity = [name, data]; + activities.push(activity); + + for (const port of ports) + port.postMessage(activity); +} + +function report_script(script_data) +{ + report_activity("script", script_data); +} + +function report_settings(settings) +{ + report_activity("settings", settings); +} + +function new_connection(port) +{ + console.log("new activity info connection!"); + + ports.add(port); + + for (const activity of activities) + port.postMessage(activity); +} + +function start_activity_info_server() +{ + listen_for_connection(CONNECTION_TYPE.ACTIVITY_INFO, new_connection); +} + +/* + * EXPORTS_START + * EXPORT start_activity_info_server + * EXPORT report_script + * EXPORT report_settings + * EXPORTS_END + */ diff --git a/content/main.js b/content/main.js index 65ac008..5d88a6d 100644 --- a/content/main.js +++ b/content/main.js @@ -12,10 +12,12 @@ * IMPORT url_extract_target * IMPORT gen_unique * IMPORT csp_rule + * IMPORT is_privileged_url * IMPORT sanitize_attributes * IMPORT script_suppressor * IMPORT is_chrome * IMPORT is_mozilla + * IMPORT start_activity_info_server * IMPORTS_END */ @@ -35,11 +37,14 @@ let unique = gen_unique(url); const suppressor = script_suppressor(unique); -function needs_blocking() + +function is_http() { - if (url.startsWith("https://") || url.startsWith("http://")) - return false; + return !!/^https?:\/\//i.exec(document.URL); +} +function is_whitelisted() +{ const parsed_url = url_extract_target(document.URL); if (parsed_url.target !== undefined && @@ -49,12 +54,10 @@ function needs_blocking() else history.replaceState(null, "", parsed_url.base_url); - console.log(["allowing whitelisted", document.URL]); - return false; + return true; } - console.log(["disallowing", document.URL]); - return true; + return false; } function handle_mutation(mutations, observer) @@ -120,20 +123,27 @@ function inject_csp(head) head.insertBefore(meta, head.firstElementChild); } -if (needs_blocking()) { - block_nodes_recursively(document.documentElement); - - if (is_chrome) { - var observer = new MutationObserver(handle_mutation); - observer.observe(document.documentElement, { - attributes: true, - childList: true, - subtree: true - }); +if (!is_privileged_url(document.URL)) { + start_activity_info_server(); + handle_page_actions(unique); + + if (is_http()) { + /* rely on CSP injected through webRequest */ + } else if (is_whitelisted()) { + /* do not block scripts at all */ + } else { + block_nodes_recursively(document.documentElement); + + if (is_chrome) { + var observer = new MutationObserver(handle_mutation); + observer.observe(document.documentElement, { + attributes: true, + childList: true, + subtree: true + }); + } + + if (is_mozilla) + addEventListener('beforescriptexecute', suppressor, true); } - - if (is_mozilla) - addEventListener('beforescriptexecute', suppressor, true); } - -handle_page_actions(unique); diff --git a/content/page_actions.js b/content/page_actions.js index bc65449..fd405fe 100644 --- a/content/page_actions.js +++ b/content/page_actions.js @@ -9,6 +9,8 @@ * IMPORTS_START * IMPORT CONNECTION_TYPE * IMPORT browser + * IMPORT report_script + * IMPORT report_settings * IMPORTS_END */ @@ -19,15 +21,18 @@ var nonce; function handle_message(message) { - if (message.inject === undefined) - return; + const [action, data] = message; - for (let script_text of message.inject) { - if (loaded) - add_script(script_text); - else - scripts_awaiting.push(script_text); + if (action === "inject") { + for (let script_text of data) { + if (loaded) + add_script(script_text); + else + scripts_awaiting.push(script_text); + } } + if (action === "settings") + report_settings(data); } function document_loaded(event) @@ -46,6 +51,8 @@ function add_script(script_text) script.textContent = script_text; script.setAttribute("nonce", nonce); document.body.appendChild(script); + + report_script(script_text); } function handle_page_actions(script_nonce) { |