Revision 53837634
Added by koszko about 2 years ago
content/main.js | ||
---|---|---|
10 | 10 |
* IMPORTS_START |
11 | 11 |
* IMPORT handle_page_actions |
12 | 12 |
* IMPORT extract_signed |
13 |
* IMPORT sign_data |
|
13 | 14 |
* IMPORT gen_nonce |
14 | 15 |
* IMPORT is_privileged_url |
15 | 16 |
* IMPORT mozilla_suppress_scripts |
... | ... | |
31 | 32 |
parent.hachette_corresponding.appendChild(clone); |
32 | 33 |
} |
33 | 34 |
|
34 |
if (!is_privileged_url(document.URL)) { |
|
35 |
/* Signature valid for half an hour. */ |
|
36 |
const min_time = new Date().getTime() - 1800 * 1000; |
|
35 |
function extract_cookie_policy(cookie, min_time) |
|
36 |
{ |
|
37 | 37 |
let best_result = {time: -1}; |
38 | 38 |
let policy = null; |
39 | 39 |
const extracted_signatures = []; |
40 |
for (const match of document.cookie.matchAll(/hachette-(\w*)=([^;]*)/g)) { |
|
40 |
|
|
41 |
for (const match of cookie.matchAll(/hachette-(\w*)=([^;]*)/g)) { |
|
41 | 42 |
const new_result = extract_signed(...match.slice(1, 3)); |
42 | 43 |
if (new_result.fail) |
43 | 44 |
continue; |
... | ... | |
56 | 57 |
policy = new_policy; |
57 | 58 |
} |
58 | 59 |
|
60 |
return [policy, extracted_signatures]; |
|
61 |
} |
|
62 |
|
|
63 |
function extract_url_policy(url, min_time) |
|
64 |
{ |
|
65 |
const [base_url, payload, anchor] = |
|
66 |
/^([^#]*)#?([^#]*)(#?.*)$/.exec(url).splice(1, 4); |
|
67 |
|
|
68 |
const match = /^hachette_([^_]+)_(.*)$/.exec(payload); |
|
69 |
if (!match) |
|
70 |
return [null, url]; |
|
71 |
|
|
72 |
const result = extract_signed(...match.slice(1, 3)); |
|
73 |
if (result.fail) |
|
74 |
return [null, url]; |
|
75 |
|
|
76 |
const original_url = base_url + anchor; |
|
77 |
const policy = result.time < min_time ? null : |
|
78 |
JSON.parse(decodeURIComponent(result.data)); |
|
79 |
|
|
80 |
return [policy.url === original_url ? policy : null, original_url]; |
|
81 |
} |
|
82 |
|
|
83 |
function employ_nonhttp_policy(policy) |
|
84 |
{ |
|
85 |
if (!policy.allow) |
|
86 |
return; |
|
87 |
|
|
88 |
policy.nonce = gen_nonce(); |
|
89 |
const [base_url, target] = /^([^#]*)(#?.*)$/.exec(policy.url).slice(1, 3); |
|
90 |
const encoded_policy = encodeURIComponent(JSON.stringify(policy)); |
|
91 |
const payload = "hachette_" + |
|
92 |
sign_data(encoded_policy, new Date().getTime()).join("_"); |
|
93 |
const resulting_url = `${base_url}#${payload}${target}`; |
|
94 |
location.href = resulting_url; |
|
95 |
location.reload(); |
|
96 |
} |
|
97 |
|
|
98 |
if (!is_privileged_url(document.URL)) { |
|
99 |
let policy_received_callback = () => undefined; |
|
100 |
let policy; |
|
101 |
|
|
102 |
/* Signature valid for half an hour. */ |
|
103 |
const min_time = new Date().getTime() - 1800 * 1000; |
|
104 |
|
|
105 |
if (/^https?:/.test(document.URL)) { |
|
106 |
let signatures; |
|
107 |
[policy, signatures] = extract_cookie_policy(document.cookie, min_time); |
|
108 |
for (const signature of signatures) |
|
109 |
document.cookie = `hachette-${signature}=; Max-Age=-1;`; |
|
110 |
} else { |
|
111 |
const scheme = /^([^:]*)/.exec(document.URL)[1]; |
|
112 |
const known_scheme = ["file"].includes(scheme); |
|
113 |
|
|
114 |
if (!known_scheme) |
|
115 |
console.warn(`Unknown url scheme: \`${scheme}'!`); |
|
116 |
|
|
117 |
let original_url; |
|
118 |
[policy, original_url] = extract_url_policy(document.URL, min_time); |
|
119 |
history.replaceState(null, "", original_url); |
|
120 |
|
|
121 |
if (known_scheme && !policy) |
|
122 |
policy_received_callback = employ_nonhttp_policy; |
|
123 |
} |
|
124 |
|
|
59 | 125 |
if (!policy) { |
60 |
console.warn("WARNING! Using default policy!!!");
|
|
126 |
console.warn("Using default policy!");
|
|
61 | 127 |
policy = {allow: false, nonce: gen_nonce()}; |
62 | 128 |
} |
63 | 129 |
|
64 |
for (const signature of extracted_signatures) |
|
65 |
document.cookie = `hachette-${signature}=; Max-Age=-1;`; |
|
66 |
|
|
67 |
handle_page_actions(policy.nonce); |
|
130 |
handle_page_actions(policy.nonce, policy_received_callback); |
|
68 | 131 |
|
69 | 132 |
if (!policy.allow) { |
133 |
if (is_mozilla) { |
|
134 |
const script = document.querySelector("script"); |
|
135 |
if (script) |
|
136 |
script.textContent = "throw 'blocked';\n" + script.textContent; |
|
137 |
} |
|
70 | 138 |
const old_html = document.documentElement; |
71 | 139 |
const new_html = document.createElement("html"); |
72 | 140 |
old_html.replaceWith(new_html); |
Also available in: Unified diff
enable whitelisting of `file://' protocol\n\nThis commit additionally also changes the semantics of triple asterisk wildcard in URL path.