Haketilo

/**

 * This file is part of Haketilo.

 *

 * Function: Main background script.

 *

 * Copyright (C) 2021 Wojtek Kosior

 *

 * This program is free software: you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation, either version 3 of the License, or

 * (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * As additional permission under GNU GPL version 3 section 7, you

 * may distribute forms of that code without the copy of the GNU

 * GPL normally required by section 4, provided you include this

 * license notice and, in case of non-source distribution, a URL

 * through which recipients can access the Corresponding Source.

 * If you modify file(s) with this exception, you may extend this

 * exception to your version of the file(s), but you are not

 * obligated to do so. If you do not wish to do so, delete this

 * exception statement from your version.

 *

 * As a special exception to the GPL, any HTML file which merely

 * makes function calls to this code, and for that purpose

 * includes it by reference shall be deemed a separate work for

 * copyright law purposes. If you modify this code, you may extend

 * this exception to your version of the code, but you are not

 * obligated to do so. If you do not wish to do so, delete this

 * exception statement from your version.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program.  If not, see <https://www.gnu.org/licenses/>.

 *

 * I, Wojtek Kosior, thereby promise not to sue for violation of this file's

 * license. Although I request that you do not make use this code in a

 * proprietary program, I am not going to enforce this in court.

 */

/*

 * IMPORTS_START

 * IMPORT TYPE_PREFIX

 * IMPORT get_storage

 * IMPORT light_storage

 * IMPORT start_storage_server

 * IMPORT start_page_actions_server

 * IMPORT browser

 * IMPORT is_privileged_url

 * IMPORT query_best

 * IMPORT gen_nonce

 * IMPORT inject_csp_headers

 * IMPORT apply_stream_filter

 * IMPORT filter_cookie_headers

 * IMPORT is_chrome

 * IMPORTS_END

 */

start_storage_server();

start_page_actions_server();

async function init_ext(install_details)

{

    if (install_details.reason != "install")

	return;

    let storage = await get_storage();

    await storage.clear();

    /*

     * Below we add sample settings to the extension.

     */

    for (let setting of // The next line is replaced with the contents of /default_settings.json by the build script

        `DEFAULT SETTINGS`

    ) {

	let [key, value] = Object.entries(setting)[0];

	storage.set(key[0], key.substring(1), value);

    }

}

browser.runtime.onInstalled.addListener(init_ext);

let storage;

let policy_observable = {};

function on_headers_received(details)

{

    const url = details.url;

    if (is_privileged_url(details.url))

	return;

    const [pattern, settings] = query_best(storage, details.url);

    const has_payload = !!(settings && settings.components);

    const allow = !has_payload &&

	  !!(settings ? settings.allow : policy_observable.value);

    const nonce = gen_nonce();

    const policy = {allow, url, nonce, has_payload};

    let headers = details.responseHeaders;

    let skip = false;

    for (const header of headers) {

	if ((header.name.toLowerCase().trim() === "content-disposition" &&

	     /^\s*attachment\s*(;.*)$/i.test(header.value)))

	    skip = true;

    }

    headers = inject_csp_headers(headers, policy);

    skip = skip || (details.statusCode >= 300 && details.statusCode < 400);

    if (!skip) {

	/* Check for API availability. */

	if (browser.webRequest.filterResponseData)

	    headers = apply_stream_filter(details, headers, policy);

    }

    return {responseHeaders: headers};

}

function on_before_send_headers(details)

{

    let headers = details.requestHeaders;

    headers = filter_cookie_headers(headers);

    return {requestHeaders: headers};

}

const all_types = [

    "main_frame", "sub_frame", "stylesheet", "script", "image", "font",

    "object", "xmlhttprequest", "ping", "csp_report", "media", "websocket",

    "other", "main_frame", "sub_frame"

];

async function start_webRequest_operations()

{

    storage = await get_storage();

    const extra_opts = ["blocking"];

    if (is_chrome)

	extra_opts.push("extraHeaders");

    browser.webRequest.onHeadersReceived.addListener(

	on_headers_received,

	{urls: ["<all_urls>"], types: ["main_frame", "sub_frame"]},

	extra_opts.concat("responseHeaders")

    );

    browser.webRequest.onBeforeSendHeaders.addListener(

	on_before_send_headers,

	{urls: ["<all_urls>"], types: all_types},

	extra_opts.concat("requestHeaders")

    );

    policy_observable = await light_storage.observe_var("default_allow");

}

start_webRequest_operations();