Project

General

Profile

Statistics
| Branch: | Tag: | Revision:

haketilo / common @ f8dedf60

# Date Author Comment
f8dedf60 06/10/2022 02:13 PM koszko

allow eval() in injected scripts

9bee4afa 06/01/2022 02:29 PM koszko

support schema v2 and dependencies on mappings

bbc9fae4 03/24/2022 08:43 PM koszko

serialize and deserialize entire Response object when relaying fetch() calls to other contexts using sendMessage

aa34ed46 03/11/2022 01:04 PM koszko

make the order of rules in generated CSP deterministic

This is purely to help with automated testing.

26459fb4 03/10/2022 11:43 AM koszko

treat "view-source:" pages as privileged

4970930c 03/04/2022 05:25 PM koszko

prepend all generated console messages with 'Haketilo:'

c8294257 03/04/2022 04:13 PM koszko

optimize Pattern Query Tree for size of its JSON.stringify()'ed representation

57ce414c 03/04/2022 04:13 PM koszko

validate repository responses against JSON schemas

  • compute_scripts.awk (include_file): don't enforce specific path format on #INCLUDE'd files
  • .gitmodules, schemas: add Haketilo JSON schemas subrepo
  • html/install.js (InstallView): import schema validator and run it against downloaded mapping and resource definitions...
17e66592 02/28/2022 04:01 PM koszko

change copyright notice of js-sha256 code to be exactly the same as in upstream's LICENSE.txt

  • common/sha256.js: removed email address from the copyright line
72553a2d 02/16/2022 10:12 AM koszko

assume and use "$schema" properties in item definitions

5ed09841 02/15/2022 02:22 PM koszko

fix loading initial data and verify it in automated tests

92fc67cf 02/15/2022 01:18 PM koszko

change store names and data keys to singular

cf838016 02/14/2022 06:49 PM koszko

restore chromium support

1c65dd5c 02/09/2022 06:00 PM koszko

adapt to changes in file path format

From now on we assume Hydrilla serves file contents at 'file/sha256/' instead of 'file/sha256-'.
With this commit we also stop using the "hash_key" property internally.

26e4800d 02/01/2022 08:22 AM koszko

more improvements for abrowser&librewolf

ad69f9c8 01/31/2022 06:06 PM koszko

add support for testing with other browsers (especially Abrowser and Librewolf)

There are still some spurious failures when running under those newer browsers. Those will be systematically investigated and fixed.

4c6a2323 01/29/2022 12:04 AM koszko

make Haketilo buildable again (for Mozilla)

How cool it is to throw away 5755 lines of code...

ea9df6c7 01/28/2022 03:18 PM koszko

update error reporting in popup

5c58b3d6 01/27/2022 07:35 PM koszko

facilitate querying IndexedDB for script files of resource and its dependencies

9d825eaa 01/26/2022 10:13 PM koszko

add new root content script

b75a5717 01/25/2022 09:37 AM koszko

add a repo querying HTML interface

7218849a 01/22/2022 01:49 PM koszko

add a mapping/resources installation dialog

07a883fe 01/15/2022 12:35 PM koszko

make blocking rules queryable in pattern tree just as mappings are

299864ee 01/13/2022 04:47 PM koszko

facilitate managing script blocking with a list of edtable entries

5acb2499 01/13/2022 10:15 AM koszko

facilitate managing repository URLs in a list; minor other changes

19304cd1 01/10/2022 11:38 PM koszko

improve item list styling; add payload creation form; exend dialog mechanism

448820a1 01/08/2022 02:48 PM koszko

work on UI components

This commit introduces some HTML and javascript (and tests for it) to use in constructing the new UI. This is partial work that is not yet finished.

372d24ea 01/04/2022 09:15 AM koszko

fix license promise typo

0feb9db2 01/03/2022 12:11 PM koszko

add "blocking" and "repos" object stores

702eefd2 12/31/2021 02:23 PM koszko

utilize Pattern Tree to decide the policy to use and modify HTTP response headers according to that policy

This commit also enhances the build script so that preprocessor conditionals can now use operators '&&' and '||'.
The features being developed are not yet included in the actual Haketilo build....

01e977f9 12/27/2021 04:55 PM koszko

facilitate egistering dynamic content scripts with mappings data

b590eaa2 12/22/2021 04:39 PM koszko

reworked build system; added missing license notices

b7378a99 12/16/2021 02:37 PM koszko

facilitate tracking of IndexedDB item store contents

9a7623de 12/15/2021 01:33 PM koszko

facilitate mocking imported values

58fe4c7d 12/14/2021 10:06 PM koszko

facilitate broadcasting messages to different execution contexts within the webextension

79446ca5 12/13/2021 09:09 PM koszko

add is_object_empty utility function

1e4ce148 12/10/2021 07:14 PM koszko

improve IndexedDB use

3a90084e 12/08/2021 07:01 PM koszko

facilitate initialization of IndexedDB for use by Haketilo

e1282a63 12/04/2021 07:31 PM koszko

finish implementing more efficient querying of URL patterns

The algorithm is implemented and tested. However, it is yet to be hooked into the actual extension.

44bb618a 12/03/2021 09:10 PM koszko

merge master (license notices) and koszko (v1.0 development)

5c583de8 12/03/2021 08:49 PM koszko

start implementing more efficient querying of URL patterns

93dd7360 12/01/2021 09:06 PM koszko

improve unit testing approach

Unit tests were moved to their own subdirectory.
Fixtures common to many unit tests were moved to test/unit/conftest.py.
A facility to execute scripts in page's global scope was added.
A workaround was employed to present information about errors in injected scripts....

6106c789 11/30/2021 07:32 PM koszko

rewrite parts of build script in awk

96068ada 11/20/2021 06:29 PM koszko

replace cookies with synchronous XmlHttpRequest as policy smuggling method.

Note: this breaks Mozilla port of Haketilo. Synchronous XmlHttpRequest doesn't work as well there. This will be fixed with dynamically-registered content scripts later.

263d03d5 10/30/2021 02:00 AM jahoti

Fix license notices on JS and SH files

Other files have been left, as no model notice is available

2bd35bc4 09/13/2021 04:56 PM koszko

rename the extension to "Haketilo"

72cbfa74 09/10/2021 04:18 PM koszko

limit allowed pattern lengths

44e89d8e 09/09/2021 06:50 PM koszko

simplify CSP handling

All page's CSP rules are now removed when a payload is to be injected. When there is no payload, CSP rules are not modified but only supplemented with Hachette's own.

e2d26bad 09/08/2021 07:55 PM koszko

Fix sanitizing of non-HTML XMLDocument's

ed08ef1a 09/06/2021 04:45 PM koszko

generate Chromium unique key automatically in `build.sh'

e48e20de 09/04/2021 12:32 PM koszko

merge changes before version 0.1

44958e6a 09/02/2021 09:33 PM koszko

implement rethinked tags sanitizing approach

This has not been tested yet. Additionally, functionality for blocking of `data:' urls needs to be re-enabled.

6247f163 09/02/2021 06:35 PM koszko

enable toggling of global script blocking policy\n\nThis commit also introduces `light_storage' module which is later going to replace the storage code we use right now.\nAlso included is a hack to properly display scrollbars under Mozilla (needs testing on newer Mozilla browsers).

53891495 08/27/2021 02:54 PM koszko

put simplest, asynchronous local storage operations in a separate file

48f76d70 08/27/2021 10:52 AM koszko

add support for `ftp://' protocol

53837634 08/27/2021 10:01 AM koszko

enable whitelisting of `file://' protocol\n\nThis commit additionally also changes the semantics of triple asterisk wildcard in URL path.

2875397f 08/26/2021 11:50 AM koszko

improve signing\n\nSignature timestamp is now handled in a saner way. Sha256 implementation is no longer pulled in contexts that don't require it.

d09b7ee1 08/20/2021 12:57 PM koszko

sanitize `' tags containing CSP rules under Chromium

This commit adds a mechanism of hijacking document when it loads and injecting sanitized nodes to the DOM from the level of content script.

3d0efa15 08/18/2021 08:54 PM koszko

remove unneeded policy-related cosole messages; restore IceCat 60 compatibility

014f2a2f 08/18/2021 05:53 PM koszko

implement smuggling via cookies instead of URL

443bc095 08/14/2021 10:07 AM koszko

merge facility to install from Hydrilla

ae1844f9 08/14/2021 09:54 AM koszko

merge csp-PoC

792fbe18 08/06/2021 05:17 PM koszko

Facilitate installation of scripts from the repository

This commit includes:

  • removal of page_info_server
  • running of storage client in popup context
  • extraction of some common CSS to a separate file
  • extraction of scripts import view to a separate file...
5957fbee 08/04/2021 10:01 PM koszko

make settings_query.js use storage object passed as an argument

5b419aed 08/02/2021 02:00 AM jahoti

[UNTESTED- will test] Add filtering for http-equiv CSP headers

2fa41a54 07/27/2021 11:41 AM koszko

validate settings on import

64afd5b9 07/26/2021 01:37 PM koszko

provide a facility to sanitize externally-obtained JSON

e402e036 07/26/2021 11:09 AM jahoti

Fix some bugs in the refined CSP handling

57e4ed2b 07/26/2021 11:09 AM jahoti

Remove unnecessary imports of url_item and add a CSP header-parsing function

The parsing function isn't used yet; however, it will eventually be as a less
destructive alternative to handling headers as indivisible units.

d42dadca 07/23/2021 05:32 PM koszko

extract observables implementation from storage.js

c483ae19 07/21/2021 10:00 PM koszko

add ability to query page content from repo and display it in the popup

5c685518 07/21/2021 05:42 PM koszko

store repository URLs in settings

081739e7 07/20/2021 12:03 PM koszko

Merge rebranding to "Hachette"

9e26b71e 07/20/2021 11:19 AM koszko

fix page info server bugs

0c7c1ebd 07/20/2021 10:17 AM koszko

Merge commit 'ecb787046271de708b94da70240713e725299d86'

6b12a034 07/19/2021 02:00 AM jahoti

Refer to the extension consistently as "Hachette" and remove TODOS.org
from the copyright file

ecb78704 07/18/2021 02:00 AM jahoti

Streamline and harden unique values/settings

The base URL is now included in the settings. The unique value no longer uses
it directly, as it is included by virtue of the settings; however, the number
of full hours since the epoch (UTC) is now incorporated.

8b823e1a 07/17/2021 02:00 AM jahoti

Revamp signatures and break header caching on FF

Signatures, instead of consisting of the secure salt followed by the unique
value generated from the URL, are now the unique value generated from the
policy value (which will follow them) succeeded by the URL....

692577bb 07/16/2021 02:00 AM jahoti

Use URL-based policy smuggling

Increase the power of URL-based smuggling by making it (effectively)
compulsory in all cases and adapting a structure. While the details still need to be worked out, the
potential for future expansion is there.

dcfc78b0 07/12/2021 02:00 AM jahoti

Stop using the nonce consistently for a URL

Nonces are now randomly generated, either in the page (for non-HTTP(S) pages)
or by a background module which stores them by tab and frame IDs. In order to
support the increased variance in nonce-generating methods and allow them to...

229e86f6 07/11/2021 02:00 AM jahoti

Integrate browser.js into exports_init.js, and streamline the result

b7e2870f 07/06/2021 06:25 PM koszko

show some settings of the current page in the popup

8708ddd3 07/02/2021 11:54 AM koszko

move parsing of url with targets to misc.js

cd5272ac 06/30/2021 02:13 PM koszko

refactor 3 miscellaneous fnctionalities to a their single own file

261548ff 06/30/2021 12:28 PM koszko

emply an sh-based build system; make some changes to blocking

b93f26bf 06/25/2021 11:48 AM koszko

gather all copyright info in 'copyright' file

6bae771d 06/14/2021 05:13 PM Wojtek Kosior

change licenses

31fa27e8 05/13/2021 12:40 PM Wojtek Kosior

make extension work under IceCat 60

f6a7f24e 05/12/2021 05:41 PM Wojtek Kosior

rename "bundles" to "bags"

55fb3e4b 05/12/2021 05:25 PM Wojtek Kosior

use unique hashes when smuggling whitelist setting

7f368d46 05/12/2021 04:00 PM Wojtek Kosior

stop using js modules

01937dc9 05/10/2021 06:18 PM Wojtek Kosior

initial commit