From b9a6179c1dbdc16860099bfb8831bf1f3d0f39a2 Mon Sep 17 00:00:00 2001 From: Wojtek Kosior Date: Thu, 24 Mar 2022 21:30:20 +0100 Subject: fix payload creation for file:// URLs --- common/patterns.js | 2 +- test/haketilo_test/unit/test_patterns.py | 15 +++++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/common/patterns.js b/common/patterns.js index 9e9d387..7381cdd 100644 --- a/common/patterns.js +++ b/common/patterns.js @@ -192,7 +192,7 @@ const patterns_doc_url = function reconstruct_url(deco) { - const domain = deco.domain.join("."); + const domain = (deco.domain || []).join("."); const path = ["", ...deco.path].join("/"); const trail = deco.trailing_slash ? "/" : ""; return `${deco.proto}://${domain}${path}${trail}`; diff --git a/test/haketilo_test/unit/test_patterns.py b/test/haketilo_test/unit/test_patterns.py index f2eeaf8..2ba4dce 100644 --- a/test/haketilo_test/unit/test_patterns.py +++ b/test/haketilo_test/unit/test_patterns.py @@ -103,6 +103,9 @@ def test_deconstruct_url(execute_in_page): assert deco['domain'] == ['example', 'com'] assert deco['path'] == ['a', 'b'] + reco = execute_in_page('returnval(reconstruct_url(arguments[0]));', deco) + assert reco == 'https://example.com/a/b' + deco = execute_in_page('returnval(deconstruct_url(arguments[0]));', 'http://**.example.com/') assert deco @@ -111,6 +114,9 @@ def test_deconstruct_url(execute_in_page): assert deco['domain'] == ['**', 'example', 'com'] assert deco['path'] == [] + reco = execute_in_page('returnval(reconstruct_url(arguments[0]));', deco) + assert reco == 'http://**.example.com/' + deco = execute_in_page('returnval(deconstruct_url(arguments[0]));', 'ftp://user@ftp.example.com/all///passwords.txt/') assert deco @@ -119,6 +125,9 @@ def test_deconstruct_url(execute_in_page): assert deco['domain'] == ['ftp', 'example', 'com'] assert deco['path'] == ['all', 'passwords.txt'] + reco = execute_in_page('returnval(reconstruct_url(arguments[0]));', deco) + assert reco == 'ftp://ftp.example.com/all/passwords.txt/' + deco = execute_in_page('returnval(deconstruct_url(arguments[0]));', 'ftp://mirror.edu.pl.eu.org') assert deco @@ -127,6 +136,9 @@ def test_deconstruct_url(execute_in_page): assert deco['domain'] == ['mirror', 'edu', 'pl', 'eu', 'org'] assert deco['path'] == [] + reco = execute_in_page('returnval(reconstruct_url(arguments[0]));', deco) + assert reco == 'ftp://mirror.edu.pl.eu.org' + deco = execute_in_page('returnval(deconstruct_url(arguments[0]));', 'file:///mnt/parabola_chroot///etc/passwd') assert deco @@ -135,6 +147,9 @@ def test_deconstruct_url(execute_in_page): assert deco['path'] == ['mnt', 'parabola_chroot', 'etc', 'passwd'] assert 'domain' not in deco + reco = execute_in_page('returnval(reconstruct_url(arguments[0]));', deco) + assert reco == 'file:///mnt/parabola_chroot/etc/passwd' + for bad_url in [ '://bad-url.missing/protocol', 'http:/example.com/a/b', -- cgit v1.2.3 From d911bf37a13a8bfddedd26b0e16d59e6fd4d229a Mon Sep 17 00:00:00 2001 From: Wojtek Kosior Date: Thu, 24 Mar 2022 21:55:51 +0100 Subject: fix encoding detection in StreamFilter --- background/stream_filter.js | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/background/stream_filter.js b/background/stream_filter.js index 921523a..b7879ea 100644 --- a/background/stream_filter.js +++ b/background/stream_filter.js @@ -35,7 +35,7 @@ function validate_encoding(charset) { try { - new TextDecoder(); + new TextDecoder(charset); return charset; } catch(e) { return undefined; @@ -44,7 +44,7 @@ function validate_encoding(charset) function is_content_type_header(header) { - header.name.toLowerCase().trim() === "content-type"; + return header.name.toLowerCase().trim() === "content-type"; } const charset_reg = /;\s*charset\s*=\s*([\w-]+)/i; @@ -55,7 +55,8 @@ function properties_from_headers(headers) for (const header of headers.filter(is_content_type_header)) { const match = charset_reg.exec(header.value); - if (!properties.detected_charset && validate_encoding(match[1])) + if (match && !properties.detected_charset && + validate_encoding(match[1])) properties.detected_charset = match[1]; if (/html/i.test(header.value)) @@ -105,7 +106,11 @@ function charset_from_meta_tags(doc) function create_decoder(properties, data) { let charset = charset_from_BOM(data) || properties.detected_charset; - if (!charset && data.indexOf(0) !== -1) { + + if (charset) + return new TextDecoder(charset); + + if (data.indexOf(0) !== -1) { console.warn("Haketilo: zeroes in bytestream, probable cached encoding mismatch. Trying to decode it as UTF-16.", properties); return new TextDecoder("utf-16be"); -- cgit v1.2.3 From e63c71d637f6c50356dedb3f77c8b7d8f72d13fa Mon Sep 17 00:00:00 2001 From: Wojtek Kosior Date: Fri, 25 Mar 2022 10:10:00 +0100 Subject: make a tar.gz distribution archive in one go (no intermediate .tar generation) --- Makefile.in | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/Makefile.in b/Makefile.in index 48335a9..0660114 100644 --- a/Makefile.in +++ b/Makefile.in @@ -36,7 +36,7 @@ default: $(default_target) install install-html install-dvi install-pdf install-ps uninstall \ install-strip clean distclean mostlyclean maintainer-clean TAGS info \ dvi html pdf ps dist check installcheck installdirs \ - test-prepare test test-environment haketilo-$(version).tar + test-prepare test test-environment haketilo-$(version).tar.gz # core files icons/haketilo16.png: icons/haketilo.svg @@ -99,7 +99,7 @@ clean mostlyclean: rm -f mozilla-build.zip chromium-build.zip exports_init.js rm -rf pytest.ini certs injected_scripts geckodriver.log rm -rf certs/ test__pycache__/ .pytest_cache/ - rm -f *.tar *.tar.gz + rm -f *.tar.gz distclean: clean rm -f Makefile config.status record.conf @@ -119,15 +119,12 @@ $(srcdir)/FILES.txt: $(srcdir)/.git printf 'FILES.txt\n' >> $@; \ fi -haketilo-$(version).tar: FILES.txt +haketilo-$(version).tar.gz: FILES.txt HERE="$$(pwd)"; \ cd "$(srcdir)"; \ - tar -caf "$$HERE/$@" --transform='s_^_haketilo-$(version)/_' \ + tar -czf "$$HERE/$@" --transform='s_^_haketilo-$(version)/_' \ $$(cat FILES.txt) -haketilo-$(version).tar.gz: haketilo-$(version).tar - gzip < haketilo-$(version).tar > haketilo-$(version).tar.gz - dist: haketilo-$(version).tar.gz # Files for constructing the makefile -- cgit v1.2.3 From ea15d008d981614fec8338084db8b68eed6adf2f Mon Sep 17 00:00:00 2001 From: Wojtek Kosior Date: Fri, 25 Mar 2022 10:10:47 +0100 Subject: bump version to 1.0-beta3 --- version | 2 +- version_chromium | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/version b/version index e57d921..3352276 100644 --- a/version +++ b/version @@ -1 +1 @@ -"1.0-beta2" +"1.0-beta3" diff --git a/version_chromium b/version_chromium index fbaa389..a7721a2 100644 --- a/version_chromium +++ b/version_chromium @@ -1 +1 @@ -"0.65536.2" +"0.65536.3" -- cgit v1.2.3 From 480b3a3fc8ad2f8d04c5673f197c940cc3c13f23 Mon Sep 17 00:00:00 2001 From: Wojtek Kosior Date: Fri, 25 Mar 2022 10:12:29 +0100 Subject: make Makefile automatically rewrite itself when Haketilo version is bumped --- Makefile.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.in b/Makefile.in index 0660114..8f77085 100644 --- a/Makefile.in +++ b/Makefile.in @@ -128,7 +128,7 @@ haketilo-$(version).tar.gz: FILES.txt dist: haketilo-$(version).tar.gz # Files for constructing the makefile -Makefile: config.status Makefile.in record.conf +Makefile: config.status Makefile.in record.conf version ./config.status config.status: write_makefile.sh -- cgit v1.2.3 From bc7d13ead2c1b9f2565232afb76cfd507c51208e Mon Sep 17 00:00:00 2001 From: Wojtek Kosior Date: Wed, 13 Apr 2022 10:50:12 +0200 Subject: don't source shell_utils.sh which no longer exists --- upload_amo.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/upload_amo.sh b/upload_amo.sh index 3739c9c..4aff80e 100755 --- a/upload_amo.sh +++ b/upload_amo.sh @@ -15,8 +15,6 @@ set -e -. ./shell_utils.sh - _PROG_NAME="$0" OPERATION="$1" API_KEY="$2" -- cgit v1.2.3 From 4d866cf6f8c051098ff001562cbf8cb84980473a Mon Sep 17 00:00:00 2001 From: Wojtek Kosior Date: Wed, 13 Apr 2022 10:50:21 +0200 Subject: bump version to 1.0 --- README.md | 2 +- version | 2 +- version_chromium | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 2458989..07bb93a 100644 --- a/README.md +++ b/README.md @@ -114,7 +114,7 @@ make test-prepare python3 -m pytest -vv -k popup ``` -As of Haketilo 1.0-beta1 some tests may spuriously fail. This is the result it being notoriously difficult to avoid some weirdnesses when driving Firefox using Selenium. To make sure a failed test is not the result of some more serious bug, you might want to rerun the test suite. +As of Haketilo 1.0 some tests may spuriously fail. This is the result it being notoriously difficult to avoid some weirdnesses when driving Firefox using Selenium. To make sure a failed test is not the result of some more serious bug, you might want to rerun the test suite. ### Setting up an environment for manual testing diff --git a/version b/version index 3352276..ea1da60 100644 --- a/version +++ b/version @@ -1 +1 @@ -"1.0-beta3" +"1.0" diff --git a/version_chromium b/version_chromium index a7721a2..ea1da60 100644 --- a/version_chromium +++ b/version_chromium @@ -1 +1 @@ -"0.65536.3" +"1.0" -- cgit v1.2.3 From d9441412a6052e5fb057d01b745208070f8bdfd4 Mon Sep 17 00:00:00 2001 From: Wojtek Kosior Date: Wed, 13 Apr 2022 11:19:58 +0200 Subject: remove node-specific code from sha256.js this will prevent the eval warning when uploading extension to AMO --- common/sha256.js | 32 +------------------------------- 1 file changed, 1 insertion(+), 31 deletions(-) diff --git a/common/sha256.js b/common/sha256.js index 5149f97..13c8c7c 100644 --- a/common/sha256.js +++ b/common/sha256.js @@ -36,10 +36,7 @@ if (root.JS_SHA256_NO_WINDOW) { WINDOW = false; } var WEB_WORKER = !WINDOW && typeof self === 'object'; -var NODE_JS = !root.JS_SHA256_NO_NODE_JS && typeof process === 'object' && process.versions && process.versions.node; -if (NODE_JS) { - root = global; -} else if (WEB_WORKER) { +if (WEB_WORKER) { root = self; } var COMMON_JS = !root.JS_SHA256_NO_COMMON_JS && typeof module === 'object' && module.exports; @@ -82,9 +79,6 @@ var createOutputMethod = function (outputType, is224) { var createMethod = function (is224) { var method = createOutputMethod('hex', is224); - if (NODE_JS) { - method = nodeWrap(method, is224); - } method.create = function () { return new Sha256(is224); }; @@ -98,30 +92,6 @@ var createMethod = function (is224) { return method; }; -var nodeWrap = function (method, is224) { - var crypto = eval("require('crypto')"); - var Buffer = eval("require('buffer').Buffer"); - var algorithm = is224 ? 'sha224' : 'sha256'; - var nodeMethod = function (message) { - if (typeof message === 'string') { - return crypto.createHash(algorithm).update(message, 'utf8').digest('hex'); - } else { - if (message === null || message === undefined) { - throw new Error(ERROR); - } else if (message.constructor === ArrayBuffer) { - message = new Uint8Array(message); - } - } - if (Array.isArray(message) || ArrayBuffer.isView(message) || - message.constructor === Buffer) { - return crypto.createHash(algorithm).update(new Buffer(message)).digest('hex'); - } else { - return method(message); - } - }; - return nodeMethod; -}; - var createHmacOutputMethod = function (outputType, is224) { return function (key, message) { return new HmacSha256(key, is224, true).update(message)[outputType](); -- cgit v1.2.3