search

RequestPolicyContinued / requestpolicy

a web browser extension that gives you control over cross-site requests. Available for XUL/XPCOM-based browsers.
https://github.com/RequestPolicyContinued/requestpolicy/wiki
Other
252 stars 35 forks source link

Updating makexpi.sh, firefox.dev.sh #829

Closed metadings closed 7 years ago

metadings commented 7 years ago

I want to suggest you a new makexpi.sh and a firefox.dev.sh.

The makexpi.sh is creating the AddOn, by adding 1 to install.rdf em:version, and running preprocess.

The firefox.dev.sh is running firefox, with no-remote and using a profile in firefox/dev. If you run this the first time, a folder ./firefox/dev is created; you have to go to about:config and set xpinstall.signatures.required to false, and extensions.getAddons.cache.enabled to false.

Now you go to about:addons and use drag'n'drop to install the AddOn. You do this on every change. (You also may delete the folder ./firefox/dev sometimes.) If you want to do this on the command line, you may do ./firefox.dev.sh RequestPolicy-7~pre.xpi.

Then you may want to see what the browser console says, you just need to open Menu > Developer > Browser Console.

metadings commented 7 years ago

Look: I don't want to remove the makefile, if you don't believe in bash files...

However, I believe I want to make your AddOn to be e10s compatible, by adding an embedded WebExension to the bootstrapped AddOn.

I am doing so already, look at this quick try:

\src\manifest.json

{
    "manifest_version": 2,
    "name": "RequestPolicyContinued",
    "version": "2.0.122",

    "permissions": [
        "webRequest", "webRequestBlocking"
    ],

    "background": {
        "scripts": [ "requestPolicy.bg.js" ]
    },

    "content_scripts": [ {
        "all_frames": true,
        "matches": [ "<all_urls>" ],
        "css": [ "requestPolicy.css" ],
        "js": [ "domLoadingComplete.js" ],
        "run_at": "document_start"
    }, {
        "all_frames": true,
        "matches": [ "<all_urls>" ],
        "js": [ "domLoadingComplete.js" ],
        "run_at": "document_end"
    } ],

    "applications": {
        "gecko": {
            "id": "requestpolicy@example.com"
        }
    }
}

\src\requestPolicy.bg.js

function splitDomainNames(reqDomain) {
    var requestedDNs = [];
    var reqDomain_split = reqDomain.split('.');
    // => [ 'www', 'tagesschau', 'de' ]
    for (let i = 0; i < reqDomain_split.length - 1; ++i) {

        /* concat to [
            "www.tageschau.de",
            "tagesschau.de"
        ] */
        let domain_split = reqDomain_split.slice(i);
        let domain = domain_split.join('.');
        requestedDNs.push(domain);
    }
    return requestedDNs;
}

function beforeRequest(request) {
    if (!request || !request.url) return;

    let response = { cancel: false };

    let requestString = request.type + ":" + "\t" + request.method + " " + request.url;

    if (request.url.startsWith("moz-nullprincipal:") || request.type == "main_frame") {
        // Do let the "main_frame" Do everything
        if (console) {
//          console.log(request);
            console.log(requestString);
        }
        return response;
    }

    let aMainFrame = document.createElement('a'), aSubFrame;
    if (request.originUrl) {
        aMainFrame.href = request.originUrl;
        aSubFrame = document.createElement('a');
        aSubFrame.href = request.url;
    }
    else {
        aMainFrame.href = request.url;
    }

    if (aSubFrame) {
        requestString += "\n\torigin: " + request.originUrl;
    }

    if (request.url.startsWith("about:")
        || request.url.startsWith("chrome:")
        || request.url.startsWith("resources:")
    ) {
        if (console) {
//          console.log(request);
            console.log(requestString);
        }
        return response;
    }

    // Now just allow, if it is "Allow *.domain.de to *.domain.static.de"
    response.cancel = true;

    var isEndingOnDNs = false;
    var requestedDNs = splitDomainNames(aMainFrame.hostname);

    if (requestedDNs.length < 1) return response;
    for (let i = requestedDNs.length; i > -1; --i) {

        if (!aSubFrame ) {
            if (aMainFrame.hostname.endsWith(requestedDNs[i])) {
                isEndingOnDNs = true;
                break;
            }
        }
        else {
            if (aSubFrame.hostname.endsWith(requestedDNs[i])) {
                isEndingOnDNs = true;
                break;
            }
        }
    }

    var disableImages = false;
    var disableScripts = true;

    switch (request.type) {

        case "image":
            response.cancel = !isEndingOnDNs || disableImages;
            break;

        case "stylesheet":
//      case "font":
        case "sub_frame":
            response.cancel = !isEndingOnDNs;
            break;

        case "script":
        case "xmlhttprequest":
//      case "websocket":

            response.cancel = !isEndingOnDNs || disableScripts;
            break;
    } /**/
    if (console && !response.cancel) {
//      console.log(request);
        console.log(requestString);
    }
    return response;
}

browser.webRequest.onBeforeRequest.addListener(
    beforeRequest, { urls: [ "<all_urls>" ] }, [ "blocking" ]
);

\src\domLoadingComplete.js

var scriptTagsLive = document.getElementsByTagName("script");
window.setTimeout(function removeScriptTags () {

    var scriptTags = Array.prototype.slice.call(scriptTagsLive);
    for (var i = 0; i < scriptTags.length; ++i) {
        var item = scriptTags[i];

        item.parentNode.removeChild(item);
    } /**/

}, 50);

var noscriptTagsLive = document.getElementsByTagName("noscript");
window.setTimeout(function replaceNoScriptTags () {

    var noscriptTags = Array.prototype.slice.call(noscriptTagsLive);
    for (var i = 0; i < noscriptTags.length; ++i) {
        var item = noscriptTags[i];

        var newItem = document.createElement("span");
        newItem.setAttribute("class", "noscript");
        newItem.innerHTML = item.innerHTML;

        item.parentNode.replaceChild(newItem, item);
    }

}, 50);

\src\requestPolicy.css

.noscript, .noscript * { display: none; }

I just need now to study your menu, the policy and the subscription files.

What do you say?

metadings commented 7 years ago

I thought you wanted to make new versions of RequestPolicy and you made a beta, 2 years ago. Now 2 weeks are over... Don't you want to say something?

myrdd commented 7 years ago

Hi, I'm sorry for this late and short answer, for the time being I'm very occupied by the final weeks of my master studies. It's great to see you being working on RP, and yes, we need to convert RP to a WebExtension. Since my studies still last several weeks, I can only to suggest you to work how you prefer to (bash scripts etc), and I'd be glad to be working together with you as soon as I've got more time. I know the deadline for WebExtensions is mid of november, so I'd like to get this conversion done by then.

Regarding Make vs Bash: I'm absolutely no fan of Make, makefiles have many problems, but it worked for me so far. The whole point about make run is that it uses mozrunner, which has options like --preferences to pass a preferences file (https://github.com/RequestPolicyContinued/requestpolicy/blob/dev-1.0/tests/mozrunner-prefs.ini). Every time you call mozrunner, a fresh profile will be created. You can put your settings like extensions.getAddons.cache.enabled into the mozrunner-prefs.ini file. Again, I'm not a fan of Make, so if you like bash scripts, go for it.

By the way, I also use Extension Auto Installer to automatically update a running browser's xpi, see https://addons.mozilla.org/de/firefox/addon/autoinstaller/.

metadings commented 7 years ago

Ya, I already thought that you just didn't login to github :-)

I'm not a student, I'm freelancer. May I ask you what you're studying? I believe it's Informatik ("computer science") so what's your preference? I'm asking because I've met some Wirtschaftsinformatiker (economics in computer science or so) here in Nürtingen, Club Provisorium... None of them can do Java, C#, C nor javaScript.

Now look, I've tried to make a WebExtension... I'm intercepting all third-party requests, also even redirects. However especially on redirects, I can't really "ask to redirect"; I can just cancel them, by changing the status code from 301, 302, (307) to status 400.

What I want to say is, I don't believe they do cancel all AddOns by November 2017; just because I don't really see making noscript, µblock or RequestPolicy to run as WebExtensions :-)

You may also look on avian2/noscript. (I am currently doing so, this is so awesome.) They are really 'in-Mozilla-Firefox', however they do E10S and the like using XPCOMUtils.generateQI.

metadings commented 7 years ago

I'm not satisfied with my makexpi.sh, noscript's is ways better (also their version.sh)... (I just need to remove the old AddOn and install the new AddOn, without deleting Firefox' profile folder all the time.)

I'm going to close this PR, crafting a new one.