AgeCommit message (Collapse)Author
2021-10-07Start on a makefilejahoti
Currently includes targets for unpacked versions and zips
2021-10-06Restart modifications to build with a makefile in mindjahoti
2021-10-01Add complete firefox extension upload and download functionalityWojtek Kosior
2021-10-01add shell script facilitating generation of JWTWojtek Kosior
2021-09-15Add default repository to default settingsnickjahoti
2021-09-14bump version to 0.1Wojtek Kosior
2021-09-14use default settings that only contain a demo script (the rest is available ↵Wojtek Kosior
through Hydrilla)
2021-09-13rename the extension to "Haketilo"Wojtek Kosior
2021-09-11added missing line break in options pageWojtek Kosior
2021-09-10disable service workers when scripts are blockedWojtek Kosior
2021-09-10Make it impossible to check "Allow native scripts" for pages with payload.Wojtek Kosior
2021-09-10limit allowed pattern lengthsWojtek Kosior
2021-09-09restore compatibility with IceCat 60Wojtek Kosior
2021-09-09simplify CSP handlingWojtek Kosior
All page's CSP rules are now removed when a payload is to be injected. When there is no payload, CSP rules are not modified but only supplemented with Hachette's own.
2021-09-08Fix sanitizing of non-HTML XMLDocument'sWojtek Kosior
2021-09-06re-enable sanitizing of data: URLs and also sanitize intrinsics on non-HTML ↵Wojtek Kosior
pages where CSP doesn't work
2021-09-06generate Chromium unique key automatically in `build.sh'Wojtek Kosior
2021-09-04fix script blocking bug under ChromiumWojtek Kosior
2021-09-04update documentation link in the READMEWojtek Kosior
2021-09-04show appropriate message when repository returns no custom content for given URLWojtek Kosior
2021-09-04merge changes before version 0.1Wojtek Kosior
2021-09-03limit width of url in popup headingWojtek Kosior
2021-09-03disable payload injection on non-html pagesWojtek Kosior
2021-09-03only apply stream filter modifications when reasonably necessaryWojtek Kosior
2021-09-02implement rethinked <meta> tags sanitizing approachWojtek Kosior
This has not been tested yet. Additionally, functionality for blocking of `data:' urls needs to be re-enabled.
2021-09-02also require "unlimitedStorage" permission to avoid surprise laterWojtek Kosior
2021-09-02enable toggling of global script blocking policy\n\nThis commit also ↵Wojtek Kosior
introduces `light_storage' module which is later going to replace the storage code we use right now.\nAlso included is a hack to properly display scrollbars under Mozilla (needs testing on newer Mozilla browsers).
2021-09-01add styling to settings install(import) dialogWojtek Kosior
2021-09-01change descriptionWojtek Kosior
2021-09-01add styling for popup page\n\nThis does not include styling for contents of ↵Wojtek Kosior
the import dialog
2021-08-30add styling for options page\n\nThis does not include styling for contents ↵Wojtek Kosior
of the import popup
2021-08-27reset CSS rulesWojtek Kosior
2021-08-27start using `<template>' tagWojtek Kosior
2021-08-27put simplest, asynchronous local storage operations in a separate fileWojtek Kosior
2021-08-27add support for `ftp://' protocolWojtek Kosior
2021-08-27enable whitelisting of `file://' protocol\n\nThis commit additionally also ↵Wojtek Kosior
changes the semantics of triple asterisk wildcard in URL path.
2021-08-26filter HTTP request headers to remove Hachette cookies in case they slip throughWojtek Kosior
2021-08-26improve signing\n\nSignature timestamp is now handled in a saner way. Sha256 ↵Wojtek Kosior
implementation is no longer pulled in contexts that don't require it.
2021-08-23use StreamFilter under Mozilla to prevent csp <meta> tags from blocking our ↵Wojtek Kosior
injected scripts
2021-08-20sanitize `<meta>' tags containing CSP rules under ChromiumWojtek Kosior
This commit adds a mechanism of hijacking document when it loads and injecting sanitized nodes to the DOM from the level of content script.
2021-08-18remove unneeded policy-related cosole messages; restore IceCat 60 compatibilityWojtek Kosior
2021-08-18implement smuggling via cookies instead of URLWojtek Kosior
2021-08-18enhance our bundler to protect top-level `this' from accidental clobberingWojtek Kosior
2021-08-14merge facility to install from HydrillaWojtek Kosior
2021-08-14merge csp-PoCWojtek Kosior
2021-08-14Revert changes to content/main.js to commit 25817b68c*jahoti
It turns out modifying the CSP headers in meta tags has no effect.
2021-08-10change default repository URLWojtek Kosior
2021-08-06Facilitate installation of scripts from the repositoryWojtek Kosior
This commit includes: * removal of page_info_server * running of storage client in popup context * extraction of some common CSS to a separate file * extraction of scripts import view to a separate file * addition of a facility to conveniently clone complex structures from DOM (in DOM_helpers.js) * addition of hydrilla repo url to default settings * other minor changes and of course changes related to the actual installation of scripts from the repo
2021-08-05enable modularization of html filesWojtek Kosior
2021-08-04make settings_query.js use storage object passed as an argumentWojtek Kosior
generated by cgit
linux" "i686-linux" "armhf-linux")) (define %u-boot-systems '("armhf-linux")) (define (qemu-jobs store system) "Return a list of jobs that build QEMU images for SYSTEM." (define (->alist drv) `((derivation . ,(derivation-file-name drv)) (description . "Stand-alone QEMU image of the GNU system") (long-description . "This is a demo stand-alone QEMU image of the GNU system.") (license . ,(license-name gpl3+)) (max-silent-time . 600) (timeout . 3600) (home-page . ,%guix-home-page-url) (maintainers . ("bug-guix@gnu.org")))) (define (->job name drv) (let ((name (symbol-append name (string->symbol ".") (string->symbol system)))) `(,name . ,(lambda () (parameterize ((%graft? #f)) (->alist drv)))))) (define MiB (expt 2 20)) (if (member system %guixsd-supported-systems) (if (member system %u-boot-systems) (list (->job 'flash-image (run-with-store store (mbegin %store-monad (set-guile-for-build (default-guile)) (system-disk-image (operating-system (inherit installation-os) (bootloader (bootloader-configuration (bootloader u-boot-bootloader) (target #f)))) #:disk-image-size (* 1500 MiB)))))) (list (->job 'usb-image (run-with-store store (mbegin %store-monad (set-guile-for-build (default-guile)) (system-disk-image installation-os #:disk-image-size (* 1500 MiB))))) (->job 'iso9660-image (run-with-store store (mbegin %store-monad (set-guile-for-build (default-guile)) (system-disk-image installation-os #:file-system-type "iso9660")))))) '())) (define (system-test-jobs store system) "Return a list of jobs for the system tests." (define (test->thunk test) (lambda () (define drv (run-with-store store (mbegin %store-monad (set-current-system system) (set-grafting #f) (set-guile-for-build (default-guile)) (system-test-value test)))) `((derivation . ,(derivation-file-name drv)) (description . ,(format #f "GuixSD '~a' system test" (system-test-name test))) (long-description . ,(system-test-description test)) (license . ,(license-name gpl3+)) (max-silent-time . 600) (timeout . 3600) (home-page . ,%guix-home-page-url) (maintainers . ("bug-guix@gnu.org"))))) (define (->job test) (let ((name (string->symbol (string-append "test." (system-test-name test) "." system)))) (cons name (test->thunk test)))) (if (member system %guixsd-supported-systems) (map ->job (all-system-tests)) '())) (define (tarball-jobs store system) "Return Hydra jobs to build the self-contained Guix binary tarball." (define (->alist drv) `((derivation . ,(derivation-file-name drv)) (description . "Stand-alone binary Guix tarball") (long-description . "This is a tarball containing binaries of Guix and all its dependencies, and ready to be installed on non-GuixSD distributions.") (license . ,(license-name gpl3+)) (home-page . ,%guix-home-page-url) (maintainers . ("bug-guix@gnu.org")))) (define (->job name drv) (let ((name (symbol-append name (string->symbol ".") (string->symbol system)))) `(,name . ,(lambda () (parameterize ((%graft? #f)) (->alist drv)))))) ;; XXX: Add a job for the stable Guix? (list (->job 'binary-tarball (run-with-store store (mbegin %store-monad (set-guile-for-build (default-guile)) (>>= (profile-derivation (packages->manifest (list guix))) (lambda (profile) (self-contained-tarball "guix-binary" profile #:localstatedir? #t #:compressor (lookup-compressor "xz"))))) #:system system)))) (define job-name ;; Return the name of a package's job. (compose string->symbol (cut package-full-name <> "-"))) (define package->job (let ((base-packages (delete-duplicates (append-map (match-lambda ((_ package _ ...) (match (package-transitive-inputs package) (((_ inputs _ ...) ...) inputs)))) (%final-inputs))))) (lambda (store package system) "Return a job for PACKAGE on SYSTEM, or #f if this combination is not valid." (cond ((member package base-packages) (package-job store (symbol-append 'base. (job-name package)) package system)) ((supported-package? package system) (let ((drv (package-derivation store package system #:graft? #f))) (and (substitutable-derivation? drv) (package-job store (job-name package) package system)))) (else #f))))) (define (all-packages) "Return the list of packages to build." (define (adjust package result) (cond ((package-replacement package) (cons* package ;build both (package-replacement package) result)) ((package-superseded package) result) ;don't build it (else (cons package result)))) (fold-packages adjust (fold adjust '() ;include base packages (match (%final-inputs) (((labels packages _ ...) ...) packages))) #:select? (const #t))) ;include hidden packages (define (arguments->manifests arguments) "Return the list of manifests extracted from ARGUMENTS." (map (match-lambda ((input-name . relative-path) (let* ((checkout (assq-ref arguments (string->symbol input-name))) (base (assq-ref checkout 'file-name))) (in-vicinity base relative-path)))) (assq-ref arguments 'manifests))) (define (manifests->packages store manifests) "Return the list of packages found in MANIFESTS." (define (load-manifest manifest) (save-module-excursion (lambda () (set-current-module (make-user-module '((guix profiles) (gnu)))) (primitive-load manifest)))) (delete-duplicates! (map manifest-entry-item (append-map (compose manifest-entries load-manifest) manifests)))) ;;; ;;; Hydra entry point. ;;; (define (hydra-jobs store arguments) "Return Hydra jobs." (define subset (match (assoc-ref arguments 'subset) ("core" 'core) ; only build core packages ("hello" 'hello) ; only build hello (((? string?) (? string?) ...) 'list) ; only build selected list of packages ("manifests" 'manifests) ; only build packages in the list of manifests (_ 'all))) ; build everything (define systems (match (assoc-ref arguments 'systems) (#f %hydra-supported-systems) ((lst ...) lst) ((? string? str) (call-with-input-string str read)))) (define (cross-jobs system) (define (from-32-to-64? target) ;; Return true if SYSTEM is 32-bit and TARGET is 64-bit. This hack ;; prevents known-to-fail cross-builds from i686-linux or armhf-linux to ;; mips64el-linux-gnuabi64. (and (or (string-prefix? "i686-" system) (string-prefix? "i586-" system) (string-prefix? "armhf-" system)) (string-contains target "64"))) ;x86_64, mips64el, aarch64, etc. (define (same? target) ;; Return true if SYSTEM and TARGET are the same thing. This is so we ;; don't try to cross-compile to 'mips64el-linux-gnu' from ;; 'mips64el-linux'. (or (string-contains target system) (and (string-prefix? "armhf" system) ;armhf-linux (string-prefix? "arm" target)))) ;arm-linux-gnueabihf (define (pointless? target) ;; Return #t if it makes no sense to cross-build to TARGET from SYSTEM. (match system ((or "x86_64-linux" "i686-linux") (if (string-contains target "mingw") (not (string=? "x86_64-linux" system)) #f)) (_ ;; Don't try to cross-compile from non-Intel platforms: this isn't ;; very useful and these are often brittle configurations. #t))) (define (either proc1 proc2 proc3) (lambda (x) (or (proc1 x) (proc2 x) (proc3 x)))) (append-map (lambda (target) (map (lambda (package) (package-cross-job store (job-name package) package target system)) %packages-to-cross-build)) (remove (either from-32-to-64? same? pointless?) %cross-targets))) ;; Turn off grafts. Grafting is meant to happen on the user's machines. (parameterize ((%graft? #f)) ;; Return one job for each package, except bootstrap packages. (append-map (lambda (system) (format (current-error-port) "evaluating for '~a' (heap size: ~a MiB)...~%" system (round (/ (assoc-ref (gc-stats) 'heap-size) (expt 2. 20)))) (invalidate-derivation-caches!) (case subset ((all) ;; Build everything, including replacements. (let ((all (all-packages)) (job (lambda (package) (package->job store package system)))) (append (filter-map job all) (qemu-jobs store system) (system-test-jobs store system) (tarball-jobs store system) (cross-jobs system)))) ((core) ;; Build core packages only. (append (map (lambda (package) (package-job store (job-name package) package system)) %core-packages) (cross-jobs system))) ((hello) ;; Build hello package only. (if (string=? system (%current-system)) (let ((hello (specification->package "hello"))) (list (package-job store (job-name hello) hello system))) '())) ((list) ;; Build selected list of packages only. (if (string=? system (%current-system)) (let* ((names (assoc-ref arguments 'subset)) (packages (map specification->package names))) (map (lambda (package) (package-job store (job-name package) package system)) packages)) '())) ((manifests) ;; Build packages in the list of manifests. (let* ((manifests (arguments->manifests arguments)) (packages (manifests->packages store manifests))) (map (lambda (package) (package-job store (job-name package) package system)) packages))) (else (error "unknown subset" subset)))) systems)))
generated by cgit