Project

General

Profile

Statistics
| Branch: | Tag: | Revision:

haketilo / background @ 4c6a2323

# Date Author Comment
4c6a2323 01/29/2022 12:04 AM koszko

make Haketilo buildable again (for Mozilla)

How cool it is to throw away 5755 lines of code...
5c58b3d6 01/27/2022 07:35 PM koszko

facilitate querying IndexedDB for script files of resource and its dependencies
9d825eaa 01/26/2022 10:13 PM koszko

add new root content script
7218849a 01/22/2022 01:49 PM koszko

add a mapping/resources installation dialog
046b8a7b 01/18/2022 07:28 PM koszko

facilitate caching repository responses in content scripts
17614206 01/18/2022 03:57 PM koszko

facilitate making CORS-agnostic requests through background script
07a883fe 01/15/2022 12:35 PM koszko

make blocking rules queryable in pattern tree just as mappings are
372d24ea 01/04/2022 09:15 AM koszko

fix license promise typo
280d3c42 01/03/2022 10:30 PM koszko

improve and test the dafult policy dialog

This commit also fixes some bugs that manifested themselves spuriously.
702eefd2 12/31/2021 02:23 PM koszko

utilize Pattern Tree to decide the policy to use and modify HTTP response headers according to that policy

This commit also enhances the build script so that preprocessor conditionals can now use operators '&&' and '||'.
The features being developed are not yet included in the actual Haketilo build....
01e977f9 12/27/2021 04:55 PM koszko

facilitate egistering dynamic content scripts with mappings data
b590eaa2 12/22/2021 04:39 PM koszko

reworked build system; added missing license notices
58fe4c7d 12/14/2021 10:06 PM koszko

facilitate broadcasting messages to different execution contexts within the webextension
3a90084e 12/08/2021 07:01 PM koszko

facilitate initialization of IndexedDB for use by Haketilo
44bb618a 12/03/2021 09:10 PM koszko

merge master (license notices) and koszko (v1.0 development)
463e6830 12/01/2021 02:03 PM koszko

facilitate testing javascript functions

Haketilo's .js files can now be loaded together with their dependencies and
executed on a page opened in a selenium-driven Firefox instance.
96068ada 11/20/2021 06:29 PM koszko

replace cookies with synchronous XmlHttpRequest as policy smuggling method.

Note: this breaks Mozilla port of Haketilo. Synchronous XmlHttpRequest doesn't work as well there. This will be fixed with dynamically-registered content scripts later.
263d03d5 10/30/2021 02:00 AM jahoti

Fix license notices on JS and SH files

Other files have been left, as no model notice is available
2bd35bc4 09/13/2021 04:56 PM koszko

rename the extension to "Haketilo"
5c75d744 09/10/2021 04:50 PM koszko

Make it impossible to check "Allow native scripts" for pages with payload.
44e89d8e 09/09/2021 06:50 PM koszko

simplify CSP handling

All page's CSP rules are now removed when a payload is to be injected. When there is no payload, CSP rules are not modified but only supplemented with Hachette's own.
e48e20de 09/04/2021 12:32 PM koszko

merge changes before version 0.1
03d041ce 09/03/2021 06:46 PM koszko

only apply stream filter modifications when reasonably necessary
6247f163 09/02/2021 06:35 PM koszko

enable toggling of global script blocking policy\n\nThis commit also introduces `light_storage' module which is later going to replace the storage code we use right now.\nAlso included is a hack to properly display scrollbars under Mozilla (needs testing on newer Mozilla browsers).
53891495 08/27/2021 02:54 PM koszko

put simplest, asynchronous local storage operations in a separate file
3303d7d7 08/26/2021 03:53 PM koszko

filter HTTP request headers to remove Hachette cookies in case they slip through
2875397f 08/26/2021 11:50 AM koszko

improve signing\n\nSignature timestamp is now handled in a saner way. Sha256 implementation is no longer pulled in contexts that don't require it.
6b53d6c8 08/23/2021 11:05 AM koszko

use StreamFilter under Mozilla to prevent csp tags from blocking our injected scripts
d09b7ee1 08/20/2021 12:57 PM koszko

sanitize `' tags containing CSP rules under Chromium

This commit adds a mechanism of hijacking document when it loads and injecting sanitized nodes to the DOM from the level of content script.
3d0efa15 08/18/2021 08:54 PM koszko

remove unneeded policy-related cosole messages; restore IceCat 60 compatibility
014f2a2f 08/18/2021 05:53 PM koszko

implement smuggling via cookies instead of URL
443bc095 08/14/2021 10:07 AM koszko

merge facility to install from Hydrilla
792fbe18 08/06/2021 05:17 PM koszko

Facilitate installation of scripts from the repository

This commit includes:

  • removal of page_info_server
  • running of storage client in popup context
  • extraction of some common CSS to a separate file
  • extraction of scripts import view to a separate file...
5957fbee 08/04/2021 10:01 PM koszko

make settings_query.js use storage object passed as an argument
5b419aed 08/02/2021 02:00 AM jahoti

[UNTESTED- will test] Add filtering for http-equiv CSP headers
25817b68 07/28/2021 02:00 AM jahoti

Rationalize CSP violation report blocking.

Report blocking now applies iff scripts are blocked.
5fcc9808 07/26/2021 12:10 PM koszko

code maintenance
97b8e30f 07/26/2021 11:09 AM jahoti

Squash more CSP-filtering bugs

On Firefox, original CSP headers are now smuggled (signed) in an x-orig-csp
header to prevent re-processing issues with caching. Additionally, a default
header is added for non-whitelisted domains in case there are no existing...
e402e036 07/26/2021 11:09 AM jahoti

Fix some bugs in the refined CSP handling
fba4820b 07/26/2021 11:09 AM jahoti

[UNTESTED- will test] Use more nuanced CSP filtering

CSP headers are now parsed and processed, rather than treated as simple
units. This allows us to ensure policies delivered as HTTP headers do not
interfere with our script filtering, as well as to preserve useful protections...
57e4ed2b 07/26/2021 11:09 AM jahoti

Remove unnecessary imports of url_item and add a CSP header-parsing function

The parsing function isn't used yet; however, it will eventually be as a less
destructive alternative to handling headers as indivisible units.
d42dadca 07/23/2021 05:32 PM koszko

extract observables implementation from storage.js
c483ae19 07/21/2021 10:00 PM koszko

add ability to query page content from repo and display it in the popup
5c685518 07/21/2021 05:42 PM koszko

store repository URLs in settings
fb9c808c 07/21/2021 05:40 PM koszko

remove unused variables
081739e7 07/20/2021 12:03 PM koszko

Merge rebranding to "Hachette"
9e26b71e 07/20/2021 11:19 AM koszko

fix page info server bugs
0c7c1ebd 07/20/2021 10:17 AM koszko

Merge commit 'ecb787046271de708b94da70240713e725299d86'
6b12a034 07/19/2021 02:00 AM jahoti

Refer to the extension consistently as "Hachette" and remove TODOS.org
from the copyright file
ecb78704 07/18/2021 02:00 AM jahoti

Streamline and harden unique values/settings

The base URL is now included in the settings. The unique value no longer uses
it directly, as it is included by virtue of the settings; however, the number
of full hours since the epoch (UTC) is now incorporated.
8b823e1a 07/17/2021 02:00 AM jahoti

Revamp signatures and break header caching on FF

Signatures, instead of consisting of the secure salt followed by the unique
value generated from the URL, are now the unique value generated from the
policy value (which will follow them) succeeded by the URL....
692577bb 07/16/2021 02:00 AM jahoti

Use URL-based policy smuggling

Increase the power of URL-based smuggling by making it (effectively)
compulsory in all cases and adapting a structure. While the details still need to be worked out, the
potential for future expansion is there.
1789f174 07/12/2021 02:22 PM koszko

merge jahoti into master
dcfc78b0 07/12/2021 02:00 AM jahoti

Stop using the nonce consistently for a URL

Nonces are now randomly generated, either in the page (for non-HTTP(S) pages)
or by a background module which stores them by tab and frame IDs. In order to
support the increased variance in nonce-generating methods and allow them to...
c86bdfcd 07/06/2021 06:27 PM koszko

Merge popup display
b7e2870f 07/06/2021 06:25 PM koszko

show some settings of the current page in the popup
2059fab6 07/04/2021 02:00 AM jahoti

Revamp default settings

Default settings are now provided in the same format as data exported from the
extension, incorporating them into the main program as part of the build
process. Also, modify their contents; the apparently non-functional FSF stuff
is gone, replaced with fixes for BandCamp, WorldCat, and SumOfUs.
12fd4fc3 06/30/2021 04:39 PM koszko

fix whitelisting under Firefox
cd5272ac 06/30/2021 02:13 PM koszko

refactor 3 miscellaneous fnctionalities to a their single own file
261548ff 06/30/2021 12:28 PM koszko

emply an sh-based build system; make some changes to blocking
b93f26bf 06/25/2021 11:48 AM koszko

gather all copyright info in 'copyright' file
c744eb0e 06/23/2021 03:38 AM jahoti

Fix storage initialization on Icecat 60

This patch fixes storage initialization on Gecko browsers by switching from
using a background page to using a list of scripts. It remains a mystery why
that should have any effect; the only hint is that browser.runtime.onInstalled...
7c44b46e 06/18/2021 11:46 AM Wojtek Kosior

remove unused source files
7ee7889a 06/18/2021 11:45 AM Wojtek Kosior

when possible inject CSP as http(s) header using webRequest instead of adding a tag
6bae771d 06/14/2021 05:13 PM Wojtek Kosior

change licenses
68d557db 05/14/2021 06:18 PM Wojtek Kosior

support wildcard urls in settings
57f32a26 05/13/2021 11:13 AM Wojtek Kosior

only allow a single injection payload for page, rely on script bags for complex payloads
f6a7f24e 05/12/2021 05:41 PM Wojtek Kosior

rename "bundles" to "bags"
55fb3e4b 05/12/2021 05:25 PM Wojtek Kosior

use unique hashes when smuggling whitelist setting
7f368d46 05/12/2021 04:00 PM Wojtek Kosior

stop using js modules
89db6823 05/12/2021 01:36 PM Wojtek Kosior

remove remnants of LibreJS
01937dc9 05/10/2021 06:18 PM Wojtek Kosior

initial commit