summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorhackademix2018-09-09 15:00:08 +0200
committerhackademix2018-09-09 15:00:08 +0200
commit9b3b5e050376f2d9d4c8dd17eddce4df417f9ebc (patch)
treeb38c263170825d3639f291a4163308aab871e613 /src
parent1cfb3117efbe2f41494155719fec0ce16960790c (diff)
downloadnoscript-9b3b5e050376f2d9d4c8dd17eddce4df417f9ebc.tar.gz
noscript-9b3b5e050376f2d9d4c8dd17eddce4df417f9ebc.tar.xz
noscript-9b3b5e050376f2d9d4c8dd17eddce4df417f9ebc.zip
Prevent total breakages when policies accidentally map to invalid match patterns.
Diffstat (limited to 'src')
-rw-r--r--src/bg/ChildPolicies.js33
-rw-r--r--src/common/Policy.js2
2 files changed, 22 insertions, 13 deletions
diff --git a/src/bg/ChildPolicies.js b/src/bg/ChildPolicies.js
index e8608ad..d822f61 100644
--- a/src/bg/ChildPolicies.js
+++ b/src/bg/ChildPolicies.js
@@ -65,7 +65,9 @@
let protocolRx = /^(\w+):/i;
let pathRx = /(?:[^:/]\/|:\/{3})$/;
let portRx = /:\d+(?=\/|$)/;
- let validMatchPatternRx = /^(?:\*|(?:http|ws|ftp)s?|file):\/\/(?:\*\.)?(?:[\w\u0100-\uf000][\w\u0100-\uf000.-]*)?\/(\*|[^*]*)$/;
+ let validMatchPatternRx = /^(?:\*|(?:http|ws|ftp)s?|file):\/\/(?:\*|(?:\*\.)?[\w\u0100-\uf000][\w\u0100-\uf000.-]*)?\/(\*|[^*]*)$/;
+
+ let validMatchPattern = mp => validMatchPatternRx.test(mp);
let siteKey2MatchPattern = site => {
let hasProtocol = site.match(protocolRx);
@@ -75,10 +77,13 @@
if (!mp) return false;
} else {
let protocol = Sites.isSecureDomainKey(site) ? "https://" : "*://";
+ mp = `${protocol}*`;
let hostname = Sites.toggleSecureDomainKey(site, false).replace(portRx, '');
- if (!tld.preserveFQDNs) hostname = tld.normalize(hostname);
- mp = `${protocol}*.${hostname}`;
- if (!hostname.includes("/")) mp += "/";
+ if (hostname && hostname !== ".") {
+ if (!tld.preserveFQDNs) hostname = tld.normalize(hostname);
+ mp += hostname.startsWith(".") ? hostname : `.${hostname}`;
+ }
+ if (!(hostname && hostname.includes("/"))) mp += "/";
}
return validMatchPatternRx.test(mp) && (
@@ -87,14 +92,15 @@
let withFQDNs = patterns => {
return tld.preserveFQDNs ? patterns : patterns.concat(
- patterns.map(p => p.replace(/^(?:\w+|\*):\/\/[^/]*[^./]/, '$&.'))
- );
+ patterns.map(p => p.replace(/^(?:\w+|\*):\/\/[^/]*[^.*/]/, '$&.')
+ ).filter(validMatchPattern)
+ );
}
let siteKeys2MatchPatterns = keys =>
- keys && withFQDNs(flatten(keys.map(siteKey2MatchPattern))
- .filter(p => !!p))
- || [];
+ keys ? [... new Set(
+ withFQDNs(flatten(keys.map(siteKey2MatchPattern)).filter(p => !!p)))]
+ : [];
var ChildPolicies = {
async storeTabInfo(tabId, info) {
@@ -110,9 +116,9 @@
error(e);
}
},
- async update(policy, debug) {
- if (debug !== "undefined") Scripts.debug = debug;
-
+ async update(policy, tracing) {
+ if (tracing !== "undefined") Scripts.debug = tracing;
+ let t0 = Date.now();
await Scripts.init();
if (!policy.enforced) {
@@ -167,6 +173,9 @@
await Scripts.register(Scripts.buildPerms(perms), siteKeys2MatchPatterns(keys), excludeMap.get(perms));
}
await Scripts.register(Scripts.buildPerms(serialized.DEFAULT, true), allUrls);
+ if (tracing) {
+ debug("All the child policies registered in %sms", Date.now() - t0);
+ }
},
getForDocument(policy, url, context = null) {
diff --git a/src/common/Policy.js b/src/common/Policy.js
index ca3c04c..37bd164 100644
--- a/src/common/Policy.js
+++ b/src/common/Policy.js
@@ -116,7 +116,7 @@ var {Permissions, Policy, Sites} = (() => {
}
set(k, v) {
- if (!k || SKIP_RX.test(k)) return this;
+ if (!k || SKIP_RX.test(k) || k === "ยง:") return this;
let [,domain] = DOMAIN_RX.exec(k);
if (/[^\u0000-\u007f]/.test(domain)) {
k = k.replace(domain, punycode.toASCII(domain));