aboutsummaryrefslogtreecommitdiffstats
path: root/js/traffic.js
diff options
context:
space:
mode:
authorJesús <heckyel@hyperbola.info>2019-08-11 19:58:26 -0500
committerJesús <heckyel@hyperbola.info>2019-08-11 19:58:26 -0500
commit9ec39f09621c9975582a2b6d9a6fa0313b308086 (patch)
tree918786fdf371606f80bc9cdfbc2966909703e9bf /js/traffic.js
parent144581a54b8bb1808e23a3ea5c81e619e36a459f (diff)
downloadematrix-9ec39f09621c9975582a2b6d9a6fa0313b308086.tar.lz
ematrix-9ec39f09621c9975582a2b6d9a6fa0313b308086.tar.xz
ematrix-9ec39f09621c9975582a2b6d9a6fa0313b308086.zip
remove tabs in javascript files
Diffstat (limited to 'js/traffic.js')
-rw-r--r--js/traffic.js719
1 files changed, 359 insertions, 360 deletions
diff --git a/js/traffic.js b/js/traffic.js
index 03846b1..6a6f700 100644
--- a/js/traffic.js
+++ b/js/traffic.js
@@ -29,417 +29,416 @@
ηMatrix.webRequest = (function() {
-/******************************************************************************/
+ /******************************************************************************/
+
+ // Intercept and filter web requests according to white and black lists.
+
+ var onBeforeRootFrameRequestHandler = function(details) {
+ var ηm = ηMatrix;
+ var requestURL = details.url;
+ var requestHostname = ηm.URI.hostnameFromURI(requestURL);
+ var tabId = details.tabId;
-// Intercept and filter web requests according to white and black lists.
+ ηm.tabContextManager.push(tabId, requestURL);
-var onBeforeRootFrameRequestHandler = function(details) {
- var ηm = ηMatrix;
- var requestURL = details.url;
- var requestHostname = ηm.URI.hostnameFromURI(requestURL);
- var tabId = details.tabId;
+ var tabContext = ηm.tabContextManager.mustLookup(tabId);
+ var rootHostname = tabContext.rootHostname;
- ηm.tabContextManager.push(tabId, requestURL);
+ // Disallow request as per matrix?
+ var block = ηm.mustBlock(rootHostname, requestHostname, 'doc');
- var tabContext = ηm.tabContextManager.mustLookup(tabId);
- var rootHostname = tabContext.rootHostname;
+ var pageStore = ηm.pageStoreFromTabId(tabId);
+ pageStore.recordRequest('doc', requestURL, block);
+ ηm.logger.writeOne(tabId, 'net', rootHostname, requestURL, 'doc', block);
- // Disallow request as per matrix?
- var block = ηm.mustBlock(rootHostname, requestHostname, 'doc');
+ // Not blocked
+ if ( !block ) {
+ // rhill 2013-11-07: Senseless to do this for behind-the-scene requests.
+ ηm.cookieHunter.recordPageCookies(pageStore);
+ return;
+ }
- var pageStore = ηm.pageStoreFromTabId(tabId);
- pageStore.recordRequest('doc', requestURL, block);
- ηm.logger.writeOne(tabId, 'net', rootHostname, requestURL, 'doc', block);
+ // Blocked
+ var query = btoa(JSON.stringify({
+ url: requestURL,
+ hn: requestHostname,
+ why: '?'
+ }));
- // Not blocked
- if ( !block ) {
- // rhill 2013-11-07: Senseless to do this for behind-the-scene requests.
- ηm.cookieHunter.recordPageCookies(pageStore);
- return;
- }
+ vAPI.tabs.replace(tabId, vAPI.getURL('main-blocked.html?details=') + query);
- // Blocked
- var query = btoa(JSON.stringify({
- url: requestURL,
- hn: requestHostname,
- why: '?'
- }));
+ return { cancel: true };
+ };
- vAPI.tabs.replace(tabId, vAPI.getURL('main-blocked.html?details=') + query);
+ /******************************************************************************/
- return { cancel: true };
-};
+ // Intercept and filter web requests according to white and black lists.
-/******************************************************************************/
+ var onBeforeRequestHandler = function(details) {
+ var ηm = ηMatrix,
+ ηmuri = ηm.URI,
+ requestURL = details.url,
+ requestScheme = ηmuri.schemeFromURI(requestURL);
-// Intercept and filter web requests according to white and black lists.
-
-var onBeforeRequestHandler = function(details) {
- var ηm = ηMatrix,
- ηmuri = ηm.URI,
- requestURL = details.url,
- requestScheme = ηmuri.schemeFromURI(requestURL);
-
- if ( ηmuri.isNetworkScheme(requestScheme) === false ) { return; }
-
- var requestType = requestTypeNormalizer[details.type] || 'other';
-
- // https://github.com/gorhill/httpswitchboard/issues/303
- // Wherever the main doc comes from, create a receiver page URL: synthetize
- // one if needed.
- if ( requestType === 'doc' && details.parentFrameId === -1 ) {
- return onBeforeRootFrameRequestHandler(details);
- }
-
- // Re-classify orphan HTTP requests as behind-the-scene requests. There is
- // not much else which can be done, because there are URLs
- // which cannot be handled by ηMatrix, i.e. `opera://startpage`,
- // as this would lead to complications with no obvious solution, like how
- // to scope on unknown scheme? Etc.
- // https://github.com/gorhill/httpswitchboard/issues/191
- // https://github.com/gorhill/httpswitchboard/issues/91#issuecomment-37180275
- var tabContext = ηm.tabContextManager.mustLookup(details.tabId),
- tabId = tabContext.tabId,
- rootHostname = tabContext.rootHostname,
- specificity = 0;
-
- // Filter through matrix
- var block = ηm.tMatrix.mustBlock(
- rootHostname,
- ηmuri.hostnameFromURI(requestURL),
- requestType
- );
- if ( block ) {
- specificity = ηm.tMatrix.specificityRegister;
- }
-
- // Record request.
- // https://github.com/gorhill/httpswitchboard/issues/342
- // The way requests are handled now, it may happen at this point some
- // processing has already been performed, and that a synthetic URL has
- // been constructed for logging purpose. Use this synthetic URL if
- // it is available.
- var pageStore = ηm.mustPageStoreFromTabId(tabId);
-
- // Enforce strict secure connection?
- if ( tabContext.secure && ηmuri.isSecureScheme(requestScheme) === false ) {
- pageStore.hasMixedContent = true;
- if ( block === false ) {
- block = ηm.tMatrix.evaluateSwitchZ('https-strict', rootHostname);
+ if ( ηmuri.isNetworkScheme(requestScheme) === false ) { return; }
+
+ var requestType = requestTypeNormalizer[details.type] || 'other';
+
+ // https://github.com/gorhill/httpswitchboard/issues/303
+ // Wherever the main doc comes from, create a receiver page URL: synthetize
+ // one if needed.
+ if ( requestType === 'doc' && details.parentFrameId === -1 ) {
+ return onBeforeRootFrameRequestHandler(details);
}
- }
- pageStore.recordRequest(requestType, requestURL, block);
- ηm.logger.writeOne(tabId, 'net', rootHostname, requestURL, details.type, block);
+ // Re-classify orphan HTTP requests as behind-the-scene requests. There is
+ // not much else which can be done, because there are URLs
+ // which cannot be handled by ηMatrix, i.e. `opera://startpage`,
+ // as this would lead to complications with no obvious solution, like how
+ // to scope on unknown scheme? Etc.
+ // https://github.com/gorhill/httpswitchboard/issues/191
+ // https://github.com/gorhill/httpswitchboard/issues/91#issuecomment-37180275
+ var tabContext = ηm.tabContextManager.mustLookup(details.tabId),
+ tabId = tabContext.tabId,
+ rootHostname = tabContext.rootHostname,
+ specificity = 0;
+
+ // Filter through matrix
+ var block = ηm.tMatrix.mustBlock(
+ rootHostname,
+ ηmuri.hostnameFromURI(requestURL),
+ requestType
+ );
+ if ( block ) {
+ specificity = ηm.tMatrix.specificityRegister;
+ }
- if ( block ) {
- pageStore.cacheBlockedCollapsible(requestType, requestURL, specificity);
- return { 'cancel': true };
- }
-};
+ // Record request.
+ // https://github.com/gorhill/httpswitchboard/issues/342
+ // The way requests are handled now, it may happen at this point some
+ // processing has already been performed, and that a synthetic URL has
+ // been constructed for logging purpose. Use this synthetic URL if
+ // it is available.
+ var pageStore = ηm.mustPageStoreFromTabId(tabId);
+
+ // Enforce strict secure connection?
+ if ( tabContext.secure && ηmuri.isSecureScheme(requestScheme) === false ) {
+ pageStore.hasMixedContent = true;
+ if ( block === false ) {
+ block = ηm.tMatrix.evaluateSwitchZ('https-strict', rootHostname);
+ }
+ }
-/******************************************************************************/
+ pageStore.recordRequest(requestType, requestURL, block);
+ ηm.logger.writeOne(tabId, 'net', rootHostname, requestURL, details.type, block);
-// Sanitize outgoing headers as per user settings.
-
-var onBeforeSendHeadersHandler = function(details) {
- var ηm = ηMatrix,
- ηmuri = ηm.URI,
- requestURL = details.url,
- requestScheme = ηmuri.schemeFromURI(requestURL);
-
- // Ignore non-network schemes
- if ( ηmuri.isNetworkScheme(requestScheme) === false ) { return; }
-
- // Re-classify orphan HTTP requests as behind-the-scene requests. There is
- // not much else which can be done, because there are URLs
- // which cannot be handled by HTTP Switchboard, i.e. `opera://startpage`,
- // as this would lead to complications with no obvious solution, like how
- // to scope on unknown scheme? Etc.
- // https://github.com/gorhill/httpswitchboard/issues/191
- // https://github.com/gorhill/httpswitchboard/issues/91#issuecomment-37180275
- var tabId = details.tabId,
- pageStore = ηm.mustPageStoreFromTabId(tabId),
- requestType = requestTypeNormalizer[details.type] || 'other',
- requestHeaders = details.requestHeaders,
- headerIndex, headerValue;
-
- // https://github.com/gorhill/httpswitchboard/issues/342
- // Is this hyperlink auditing?
- // If yes, create a synthetic URL for reporting hyperlink auditing
- // in request log. This way the user is better informed of what went
- // on.
-
- // https://html.spec.whatwg.org/multipage/links.html#hyperlink-auditing
- //
- // Target URL = the href of the link
- // Doc URL = URL of the document containing the target URL
- // Ping URLs = servers which will be told that user clicked target URL
- //
- // `Content-Type` = `text/ping` (always present)
- // `Ping-To` = target URL (always present)
- // `Ping-From` = doc URL
- // `Referer` = doc URL
- // request URL = URL which will receive the information
- //
- // With hyperlink-auditing, removing header(s) is pointless, the whole
- // request must be cancelled.
-
- headerIndex = headerIndexFromName('ping-to', requestHeaders);
- if ( headerIndex !== -1 ) {
- headerValue = requestHeaders[headerIndex].value;
- if ( headerValue !== '' ) {
- var block = ηm.userSettings.processHyperlinkAuditing;
- pageStore.recordRequest('other', requestURL + '{Ping-To:' + headerValue + '}', block);
- ηm.logger.writeOne(tabId, 'net', '', requestURL, 'ping', block);
- if ( block ) {
- ηm.hyperlinkAuditingFoiledCounter += 1;
- return { 'cancel': true };
+ if ( block ) {
+ pageStore.cacheBlockedCollapsible(requestType, requestURL, specificity);
+ return { 'cancel': true };
+ }
+ };
+
+ /******************************************************************************/
+
+ // Sanitize outgoing headers as per user settings.
+
+ var onBeforeSendHeadersHandler = function(details) {
+ var ηm = ηMatrix,
+ ηmuri = ηm.URI,
+ requestURL = details.url,
+ requestScheme = ηmuri.schemeFromURI(requestURL);
+
+ // Ignore non-network schemes
+ if ( ηmuri.isNetworkScheme(requestScheme) === false ) { return; }
+
+ // Re-classify orphan HTTP requests as behind-the-scene requests. There is
+ // not much else which can be done, because there are URLs
+ // which cannot be handled by HTTP Switchboard, i.e. `opera://startpage`,
+ // as this would lead to complications with no obvious solution, like how
+ // to scope on unknown scheme? Etc.
+ // https://github.com/gorhill/httpswitchboard/issues/191
+ // https://github.com/gorhill/httpswitchboard/issues/91#issuecomment-37180275
+ var tabId = details.tabId,
+ pageStore = ηm.mustPageStoreFromTabId(tabId),
+ requestType = requestTypeNormalizer[details.type] || 'other',
+ requestHeaders = details.requestHeaders,
+ headerIndex, headerValue;
+
+ // https://github.com/gorhill/httpswitchboard/issues/342
+ // Is this hyperlink auditing?
+ // If yes, create a synthetic URL for reporting hyperlink auditing
+ // in request log. This way the user is better informed of what went
+ // on.
+
+ // https://html.spec.whatwg.org/multipage/links.html#hyperlink-auditing
+ //
+ // Target URL = the href of the link
+ // Doc URL = URL of the document containing the target URL
+ // Ping URLs = servers which will be told that user clicked target URL
+ //
+ // `Content-Type` = `text/ping` (always present)
+ // `Ping-To` = target URL (always present)
+ // `Ping-From` = doc URL
+ // `Referer` = doc URL
+ // request URL = URL which will receive the information
+ //
+ // With hyperlink-auditing, removing header(s) is pointless, the whole
+ // request must be cancelled.
+
+ headerIndex = headerIndexFromName('ping-to', requestHeaders);
+ if ( headerIndex !== -1 ) {
+ headerValue = requestHeaders[headerIndex].value;
+ if ( headerValue !== '' ) {
+ var block = ηm.userSettings.processHyperlinkAuditing;
+ pageStore.recordRequest('other', requestURL + '{Ping-To:' + headerValue + '}', block);
+ ηm.logger.writeOne(tabId, 'net', '', requestURL, 'ping', block);
+ if ( block ) {
+ ηm.hyperlinkAuditingFoiledCounter += 1;
+ return { 'cancel': true };
+ }
}
}
- }
-
- // If we reach this point, request is not blocked, so what is left to do
- // is to sanitize headers.
-
- var rootHostname = pageStore.pageHostname,
- requestHostname = ηmuri.hostnameFromURI(requestURL),
- modified = false;
-
- // Process `Cookie` header.
-
- headerIndex = headerIndexFromName('cookie', requestHeaders);
- if (
- headerIndex !== -1 &&
- ηm.mustBlock(rootHostname, requestHostname, 'cookie')
- ) {
- modified = true;
- headerValue = requestHeaders[headerIndex].value;
- requestHeaders.splice(headerIndex, 1);
- ηm.cookieHeaderFoiledCounter++;
- if ( requestType === 'doc' ) {
- ηm.logger.writeOne(tabId, 'net', '', headerValue, 'COOKIE', true);
+
+ // If we reach this point, request is not blocked, so what is left to do
+ // is to sanitize headers.
+
+ var rootHostname = pageStore.pageHostname,
+ requestHostname = ηmuri.hostnameFromURI(requestURL),
+ modified = false;
+
+ // Process `Cookie` header.
+
+ headerIndex = headerIndexFromName('cookie', requestHeaders);
+ if (
+ headerIndex !== -1 &&
+ ηm.mustBlock(rootHostname, requestHostname, 'cookie')
+ ) {
+ modified = true;
+ headerValue = requestHeaders[headerIndex].value;
+ requestHeaders.splice(headerIndex, 1);
+ ηm.cookieHeaderFoiledCounter++;
+ if ( requestType === 'doc' ) {
+ ηm.logger.writeOne(tabId, 'net', '', headerValue, 'COOKIE', true);
+ }
}
- }
-
- // Process `Referer` header.
-
- // https://github.com/gorhill/httpswitchboard/issues/222#issuecomment-44828402
-
- // https://github.com/gorhill/uMatrix/issues/320
- // http://tools.ietf.org/html/rfc6454#section-7.3
- // "The user agent MAY include an Origin header field in any HTTP
- // "request.
- // "The user agent MUST NOT include more than one Origin header field in
- // "any HTTP request.
- // "Whenever a user agent issues an HTTP request from a "privacy-
- // "sensitive" context, the user agent MUST send the value "null" in the
- // "Origin header field."
-
- // https://github.com/gorhill/uMatrix/issues/358
- // Do not spoof `Origin` header for the time being.
-
- // https://github.com/gorhill/uMatrix/issues/773
- // For non-GET requests, remove `Referer` header instead of spoofing it.
-
- headerIndex = headerIndexFromName('referer', requestHeaders);
- if ( headerIndex !== -1 ) {
- headerValue = requestHeaders[headerIndex].value;
- if ( headerValue !== '' ) {
- var toDomain = ηmuri.domainFromHostname(requestHostname);
- if ( toDomain !== '' && toDomain !== ηmuri.domainFromURI(headerValue) ) {
- pageStore.has3pReferrer = true;
- if ( ηm.tMatrix.evaluateSwitchZ('referrer-spoof', rootHostname) ) {
- modified = true;
- var newValue;
- if ( details.method === 'GET' ) {
- newValue = requestHeaders[headerIndex].value =
- requestScheme + '://' + requestHostname + '/';
- } else {
- requestHeaders.splice(headerIndex, 1);
- }
- ηm.refererHeaderFoiledCounter++;
- if ( requestType === 'doc' ) {
- ηm.logger.writeOne(tabId, 'net', '', headerValue, 'REFERER', true);
- if ( newValue !== undefined ) {
- ηm.logger.writeOne(tabId, 'net', '', newValue, 'REFERER', false);
+
+ // Process `Referer` header.
+
+ // https://github.com/gorhill/httpswitchboard/issues/222#issuecomment-44828402
+
+ // https://github.com/gorhill/uMatrix/issues/320
+ // http://tools.ietf.org/html/rfc6454#section-7.3
+ // "The user agent MAY include an Origin header field in any HTTP
+ // "request.
+ // "The user agent MUST NOT include more than one Origin header field in
+ // "any HTTP request.
+ // "Whenever a user agent issues an HTTP request from a "privacy-
+ // "sensitive" context, the user agent MUST send the value "null" in the
+ // "Origin header field."
+
+ // https://github.com/gorhill/uMatrix/issues/358
+ // Do not spoof `Origin` header for the time being.
+
+ // https://github.com/gorhill/uMatrix/issues/773
+ // For non-GET requests, remove `Referer` header instead of spoofing it.
+
+ headerIndex = headerIndexFromName('referer', requestHeaders);
+ if ( headerIndex !== -1 ) {
+ headerValue = requestHeaders[headerIndex].value;
+ if ( headerValue !== '' ) {
+ var toDomain = ηmuri.domainFromHostname(requestHostname);
+ if ( toDomain !== '' && toDomain !== ηmuri.domainFromURI(headerValue) ) {
+ pageStore.has3pReferrer = true;
+ if ( ηm.tMatrix.evaluateSwitchZ('referrer-spoof', rootHostname) ) {
+ modified = true;
+ var newValue;
+ if ( details.method === 'GET' ) {
+ newValue = requestHeaders[headerIndex].value =
+ requestScheme + '://' + requestHostname + '/';
+ } else {
+ requestHeaders.splice(headerIndex, 1);
+ }
+ ηm.refererHeaderFoiledCounter++;
+ if ( requestType === 'doc' ) {
+ ηm.logger.writeOne(tabId, 'net', '', headerValue, 'REFERER', true);
+ if ( newValue !== undefined ) {
+ ηm.logger.writeOne(tabId, 'net', '', newValue, 'REFERER', false);
+ }
}
}
}
}
}
- }
- if ( modified ) {
- return { requestHeaders: requestHeaders };
- }
-};
+ if ( modified ) {
+ return { requestHeaders: requestHeaders };
+ }
+ };
-/******************************************************************************/
+ /******************************************************************************/
-// To prevent inline javascript from being executed.
+ // To prevent inline javascript from being executed.
-// Prevent inline scripting using `Content-Security-Policy`:
-// https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html
+ // Prevent inline scripting using `Content-Security-Policy`:
+ // https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html
-// This fixes:
-// https://github.com/gorhill/httpswitchboard/issues/35
+ // This fixes:
+ // https://github.com/gorhill/httpswitchboard/issues/35
-var onHeadersReceived = function(details) {
- // Ignore schemes other than 'http...'
- var ηm = ηMatrix,
- tabId = details.tabId,
- requestURL = details.url,
- requestType = requestTypeNormalizer[details.type] || 'other';
+ var onHeadersReceived = function(details) {
+ // Ignore schemes other than 'http...'
+ var ηm = ηMatrix,
+ tabId = details.tabId,
+ requestURL = details.url,
+ requestType = requestTypeNormalizer[details.type] || 'other';
- // https://github.com/gorhill/uMatrix/issues/145
- // Check if the main_frame is a download
- if ( requestType === 'doc' ) {
- ηm.tabContextManager.push(tabId, requestURL);
- }
-
- var tabContext = ηm.tabContextManager.lookup(tabId);
- if ( tabContext === null ) { return; }
-
- var csp = [],
- cspReport = [],
- rootHostname = tabContext.rootHostname,
- requestHostname = ηm.URI.hostnameFromURI(requestURL);
-
- // Inline script tags.
- if ( ηm.mustAllow(rootHostname, requestHostname, 'script' ) !== true ) {
- csp.push(ηm.cspNoInlineScript);
- }
-
- // Inline style tags.
- if ( ηm.mustAllow(rootHostname, requestHostname, 'css' ) !== true ) {
- csp.push(ηm.cspNoInlineStyle);
- }
-
- // https://bugzilla.mozilla.org/show_bug.cgi?id=1302667
- var cspNoWorker = ηm.cspNoWorker;
- if ( cspNoWorker === undefined ) {
- cspNoWorker = cspNoWorkerInit();
- }
-
- if ( ηm.tMatrix.evaluateSwitchZ('no-workers', rootHostname) ) {
- csp.push(cspNoWorker);
- } else if ( ηm.rawSettings.disableCSPReportInjection === false ) {
- cspReport.push(cspNoWorker);
- }
-
- var headers = details.responseHeaders,
- cspDirectives, i;
-
- if ( csp.length !== 0 ) {
- cspDirectives = csp.join(',');
- i = headerIndexFromName('content-security-policy', headers);
- if ( i !== -1 ) {
- headers[i].value += ',' + cspDirectives;
- } else {
- headers.push({
- name: 'Content-Security-Policy',
- value: cspDirectives
- });
- }
+ // https://github.com/gorhill/uMatrix/issues/145
+ // Check if the main_frame is a download
if ( requestType === 'doc' ) {
- ηm.logger.writeOne(tabId, 'net', '', cspDirectives, 'CSP', false);
- }
- }
-
- if ( cspReport.length !== 0 ) {
- cspDirectives = cspReport.join(',');
- i = headerIndexFromName('content-security-policy-report-only', headers);
- if ( i !== -1 ) {
- headers[i].value += ',' + cspDirectives;
- } else {
- headers.push({
- name: 'Content-Security-Policy-Report-Only',
- value: cspDirectives
- });
+ ηm.tabContextManager.push(tabId, requestURL);
}
- }
-
- return { responseHeaders: headers };
-};
-/******************************************************************************/
-
-var cspNoWorkerInit = function() {
- if (ηMatrix.cspNoWorker === undefined) {
- ηMatrix.cspNoWorker = "worker-src 'none'; "
- +"frame-src data: blob: *; "
- +"report-uri about:blank";
- }
-
- return ηMatrix.cspNoWorker;
-};
+ var tabContext = ηm.tabContextManager.lookup(tabId);
+ if ( tabContext === null ) { return; }
-/******************************************************************************/
+ var csp = [],
+ cspReport = [],
+ rootHostname = tabContext.rootHostname,
+ requestHostname = ηm.URI.hostnameFromURI(requestURL);
-// Caller must ensure headerName is normalized to lower case.
+ // Inline script tags.
+ if ( ηm.mustAllow(rootHostname, requestHostname, 'script' ) !== true ) {
+ csp.push(ηm.cspNoInlineScript);
+ }
-var headerIndexFromName = function(headerName, headers) {
- var i = headers.length;
- while ( i-- ) {
- if ( headers[i].name.toLowerCase() === headerName ) {
- return i;
+ // Inline style tags.
+ if ( ηm.mustAllow(rootHostname, requestHostname, 'css' ) !== true ) {
+ csp.push(ηm.cspNoInlineStyle);
}
- }
- return -1;
-};
-/******************************************************************************/
+ // https://bugzilla.mozilla.org/show_bug.cgi?id=1302667
+ var cspNoWorker = ηm.cspNoWorker;
+ if ( cspNoWorker === undefined ) {
+ cspNoWorker = cspNoWorkerInit();
+ }
-var requestTypeNormalizer = {
- 'font' : 'css',
- 'image' : 'image',
- 'imageset' : 'image',
- 'main_frame' : 'doc',
- 'media' : 'media',
- 'object' : 'media',
- 'other' : 'other',
- 'script' : 'script',
- 'stylesheet' : 'css',
- 'sub_frame' : 'frame',
- 'websocket' : 'xhr',
- 'xmlhttprequest': 'xhr'
-};
+ if ( ηm.tMatrix.evaluateSwitchZ('no-workers', rootHostname) ) {
+ csp.push(cspNoWorker);
+ } else if ( ηm.rawSettings.disableCSPReportInjection === false ) {
+ cspReport.push(cspNoWorker);
+ }
-/******************************************************************************/
+ var headers = details.responseHeaders,
+ cspDirectives, i;
+
+ if ( csp.length !== 0 ) {
+ cspDirectives = csp.join(',');
+ i = headerIndexFromName('content-security-policy', headers);
+ if ( i !== -1 ) {
+ headers[i].value += ',' + cspDirectives;
+ } else {
+ headers.push({
+ name: 'Content-Security-Policy',
+ value: cspDirectives
+ });
+ }
+ if ( requestType === 'doc' ) {
+ ηm.logger.writeOne(tabId, 'net', '', cspDirectives, 'CSP', false);
+ }
+ }
-vAPI.net.onBeforeRequest = {
- extra: [ 'blocking' ],
- callback: onBeforeRequestHandler
-};
+ if ( cspReport.length !== 0 ) {
+ cspDirectives = cspReport.join(',');
+ i = headerIndexFromName('content-security-policy-report-only', headers);
+ if ( i !== -1 ) {
+ headers[i].value += ',' + cspDirectives;
+ } else {
+ headers.push({
+ name: 'Content-Security-Policy-Report-Only',
+ value: cspDirectives
+ });
+ }
+ }
-vAPI.net.onBeforeSendHeaders = {
- extra: [ 'blocking', 'requestHeaders' ],
- callback: onBeforeSendHeadersHandler
-};
+ return { responseHeaders: headers };
+ };
-vAPI.net.onHeadersReceived = {
- urls: [ 'http://*/*', 'https://*/*' ],
- types: [ 'main_frame', 'sub_frame' ],
- extra: [ 'blocking', 'responseHeaders' ],
- callback: onHeadersReceived
-};
+ /******************************************************************************/
-/******************************************************************************/
+ var cspNoWorkerInit = function() {
+ if (ηMatrix.cspNoWorker === undefined) {
+ ηMatrix.cspNoWorker = "worker-src 'none'; "
+ +"frame-src data: blob: *; "
+ +"report-uri about:blank";
+ }
-var start = function() {
- vAPI.net.registerListeners();
-};
+ return ηMatrix.cspNoWorker;
+ };
-/******************************************************************************/
+ /******************************************************************************/
-return {
- start: start
-};
+ // Caller must ensure headerName is normalized to lower case.
-/******************************************************************************/
+ var headerIndexFromName = function(headerName, headers) {
+ var i = headers.length;
+ while ( i-- ) {
+ if ( headers[i].name.toLowerCase() === headerName ) {
+ return i;
+ }
+ }
+ return -1;
+ };
+
+ /******************************************************************************/
+
+ var requestTypeNormalizer = {
+ 'font' : 'css',
+ 'image' : 'image',
+ 'imageset' : 'image',
+ 'main_frame' : 'doc',
+ 'media' : 'media',
+ 'object' : 'media',
+ 'other' : 'other',
+ 'script' : 'script',
+ 'stylesheet' : 'css',
+ 'sub_frame' : 'frame',
+ 'websocket' : 'xhr',
+ 'xmlhttprequest': 'xhr'
+ };
+
+ /******************************************************************************/
+
+ vAPI.net.onBeforeRequest = {
+ extra: [ 'blocking' ],
+ callback: onBeforeRequestHandler
+ };
+
+ vAPI.net.onBeforeSendHeaders = {
+ extra: [ 'blocking', 'requestHeaders' ],
+ callback: onBeforeSendHeadersHandler
+ };
+
+ vAPI.net.onHeadersReceived = {
+ urls: [ 'http://*/*', 'https://*/*' ],
+ types: [ 'main_frame', 'sub_frame' ],
+ extra: [ 'blocking', 'responseHeaders' ],
+ callback: onHeadersReceived
+ };
+
+ /******************************************************************************/
+
+ var start = function() {
+ vAPI.net.registerListeners();
+ };
+
+ /******************************************************************************/
+
+ return {
+ start: start
+ };
+
+ /******************************************************************************/
})();
/******************************************************************************/
-
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-07 11:00:51 +0000