LocalCDN-Firefox-Chrome-Brave/core/manipulate-dom.js

/**
 * Remove integrity checks from embedded CSS and JavaScript files
 * Belongs to LocalCDN.
 *
 * @author      nobody
 * @since       2020-02-27
 *
 * @license     MPL 2.0
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
 * You can obtain one at http://mozilla.org/MPL/2.0/.
 */

'use strict';


/**
 * Manipulate DOM
 */

var manipulateDOM = {};


/**
 * Private Methods
 */

manipulateDOM._removeCrossOriginAndIntegrityAttr = function (details) {

    if (!BrowserType.FIREFOX) {
        // Chromium (and other) browsers do not support webRequest.filterResponseData
        // https://bugs.chromium.org/p/chromium/issues/detail?id=487422
        console.warn('[ LocalCDN ] browser.webRequest.filterResponseData not supported by your browser.');
        log.append(details.url, '-', 'browser.webRequest.filterResponseData not supported by your browser', true);
        return;
    }
    if (details.statusCode === 200) {
        let initiatorDomain, header;

        initiatorDomain = helpers.extractDomainFromUrl(details.url, true) || Address.EXAMPLE;

        // by Jaap (https://gitlab.com/Jaaap)
        header = details.responseHeaders.find((h) => h.name.toLowerCase() === 'content-type');

        if (header && manipulateDOM.checkHtmlFilterEnabled(initiatorDomain)) {

            let mimeType, isAllowlisted;

            mimeType = header.value.replace(/;.*/, '').toLowerCase();
            isAllowlisted = stateManager._domainIsListed(initiatorDomain);

            if (!isAllowlisted && mimeType === 'text/html') {

                let asciiDecoder, decoder, encoder, charset, isFirstData, filter, data;

                charset = (/charset\s*=/).test(header.value) && header.value.replace(/^.*?charset\s*=\s*/, '').replace(/["']?/g, '');

                // Check if charset is supported by TextDecoder()
                if ((/charset\s*=/).test(header.value) && !EncodingTypes[charset.toString().toLowerCase()]) {
                    console.error(`[ LocalCDN ] Unsupported charset: ${charset}`);
                    log.append(details.url, '-', `Unsupported charset: ${charset}`, true);
                    return;
                }

                asciiDecoder = new TextDecoder('ASCII');
                encoder = new TextEncoder();
                isFirstData = true;
                filter = browser.webRequest.filterResponseData(details.requestId);
                data = [];

                header.value = 'text/html; charset=UTF-8';

                // NOTE: should work if 'script' string is divided into two chunks
                filter.ondata = (evt) => {
                    if (isFirstData) {
                        if (!charset) {
                            // content-type has no charset declared
                            let htmlHead, charsetMatch;

                            htmlHead = asciiDecoder.decode(evt.data, {'stream': false});
                            // eslint-disable-next-line no-useless-escape
                            charsetMatch = htmlHead.match(/<meta\s+charset=["']?([^>"'\/]+)["'>\/]/i);
                            if (charsetMatch === null) {
                                // eslint-disable-next-line no-useless-escape
                                charsetMatch = htmlHead.match(/<meta.*charset=["']?([^>"'\/]+)["'].*[>\/]/i) || 'utf8';
                            }

                            if (EncodingTypes[charsetMatch[1].toLowerCase().trim()] !== undefined) {
                                charset = charsetMatch[1].trim();
                            } else {
                                // If charset is unclear, then use ASCII by default.
                                // Other charsets are mostly tagged in the header or HTML source code.
                                // https://codeberg.org/nobody/LocalCDN/issues/567
                                charset = 'ASCII';
                            }
                        }
                        decoder = new TextDecoder(charset);
                    }
                    isFirstData = false;

                    data.push(evt.data);
                };

                filter.onstop = () => {
                    let str = '';
                    for (let buffer of data) {
                        str += decoder.decode(buffer, {'stream': true});
                    }
                    str += decoder.decode(); // end-of-stream

                    // set UTF-8 in document
                    str = manipulateDOM._searchCharset(str, charset);

                    // remove crossorigin and integrity attributes
                    str = str.replace(/<(link|script)[^>]+>/ig, (m) => {
                        // eslint-disable-next-line no-use-before-define
                        if (cdnDomainsRE.test(m)) {
                            return m.replace(/\s+(integrity|crossorigin)(="[^"]*"|='[^']*'|=[^"'`=>\s]+=?|)/ig, '');
                        }
                        return m;
                    });
                    filter.write(encoder.encode(str));
                    filter.close();
                };
            }
            return {'responseHeaders': details.responseHeaders};

        }
    }
};

manipulateDOM._searchCharset = function (str, charset) {
    if (str.indexOf(`charset="${charset}"`) > 0) {
        return str.replace(`charset="${charset}"`, 'charset="utf8"');
    }
    if (str.indexOf(`charset='${charset}'`) > 0) {
        return str.replace(`charset='${charset}'`, 'charset=\'utf8\'');
    }
    if (str.indexOf(`charset=${charset}`) > 0) {
        return str.replace(`charset=${charset}`, 'charset=utf8');
    }
    return str;
};


/**
 * Public Methods
 */

manipulateDOM.checkHtmlFilterEnabled = function (url) {
    let listedToManipulateDOM, negateHtmlFilter;
    listedToManipulateDOM = stateManager._domainIsListed(url, 'manipulate-dom');
    negateHtmlFilter = stateManager.getInvertOption;

    if ((negateHtmlFilter || listedToManipulateDOM) && !(negateHtmlFilter && listedToManipulateDOM)) {
        return true;
    }
    return false;
};

/**
 * Initializations
 */

/* eslint-disable one-var */
let cdnDomainsRE = new RegExp(`//(${Object.keys(mappings.cdn).map((m) => m.replace(/\W/g, '\\$&')).join('|')})/`);
/* eslint-enable one-var */


/**
 * Event Handlers
 */

chrome.webRequest.onHeadersReceived.addListener(
    manipulateDOM._removeCrossOriginAndIntegrityAttr,
    {'types': [WebRequestType.MAIN_FRAME, WebRequestType.SUB_FRAME], 'urls': [Address.ANY]},
    [WebRequest.BLOCKING, WebRequest.RESPONSE_HEADERS]
);
Error in encoding fixed (#66) 2020-05-02 13:56:49 +02:00			`/**`
			`* Remove integrity checks from embedded CSS and JavaScript files`
			`* Belongs to LocalCDN.`
			`*`
Docs revised 2020-06-30 18:41:58 +02:00			`* @author nobody`
Error in encoding fixed (#66) 2020-05-02 13:56:49 +02:00			`* @since 2020-02-27`
			`*`
			`* @license MPL 2.0`
			`*`
			`* This Source Code Form is subject to the terms of the Mozilla Public`
			`* License, v. 2.0. If a copy of the MPL was not distributed with this file,`
			`* You can obtain one at http://mozilla.org/MPL/2.0/.`
			`*/`

			`'use strict';`


			`/**`
			`* Manipulate DOM`
			`*/`

			`var manipulateDOM = {};`


			`/**`
			`* Private Methods`
			`*/`

			`manipulateDOM._removeCrossOriginAndIntegrityAttr = function (details) {`

Just code style (JS) 2021-02-17 07:01:08 +01:00			`if (!BrowserType.FIREFOX) {`
Improved handling when HTML filter is not supported 2020-08-09 10:10:12 +02:00			`// Chromium (and other) browsers do not support webRequest.filterResponseData`
Implemented: Option to enable HTML-Filter by default (#33) 2020-06-25 07:54:17 +02:00			`// https://bugs.chromium.org/p/chromium/issues/detail?id=487422`
			`console.warn('[ LocalCDN ] browser.webRequest.filterResponseData not supported by your browser.');`
Logging applied (#279) 2021-02-21 19:51:47 +01:00			`log.append(details.url, '-', 'browser.webRequest.filterResponseData not supported by your browser', true);`
Implemented: Option to enable HTML-Filter by default (#33) 2020-06-25 07:54:17 +02:00			`return;`
			`}`
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`if (details.statusCode === 200) {`
Check HTML filter improved 2022-07-10 07:10:26 +02:00			`let initiatorDomain, header;`
Implemented: Option to enable HTML-Filter by default (#33) 2020-06-25 07:54:17 +02:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`initiatorDomain = helpers.extractDomainFromUrl(details.url, true) \|\| Address.EXAMPLE;`
Check if domain in list to manipulate DOM (#1) 2020-05-25 22:53:46 +02:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`// by Jaap (https://gitlab.com/Jaaap)`
			`header = details.responseHeaders.find((h) => h.name.toLowerCase() === 'content-type');`
Error in encoding fixed (#66) 2020-05-02 13:56:49 +02:00
Check HTML filter improved 2022-07-10 07:10:26 +02:00			`if (header && manipulateDOM.checkHtmlFilterEnabled(initiatorDomain)) {`
Error in encoding fixed (#66) 2020-05-02 13:56:49 +02:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`let mimeType, isAllowlisted;`
Error in encoding fixed (#66) 2020-05-02 13:56:49 +02:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`mimeType = header.value.replace(/;.*/, '').toLowerCase();`
			`isAllowlisted = stateManager._domainIsListed(initiatorDomain);`
Error in encoding fixed (#66) 2020-05-02 13:56:49 +02:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`if (!isAllowlisted && mimeType === 'text/html') {`
Error in encoding fixed (#66) 2020-05-02 13:56:49 +02:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`let asciiDecoder, decoder, encoder, charset, isFirstData, filter, data;`
Second decoder implemented 2020-05-19 17:26:16 +02:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`charset = (/charset\s=/).test(header.value) && header.value.replace(/^.?charset\s=\s/, '').replace(/["']?/g, '');`
Check if charset is supported by TextDecoder 2020-05-22 07:19:01 +02:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`// Check if charset is supported by TextDecoder()`
Code style: wrap regex 2021-11-28 09:28:38 +01:00			`if ((/charset\s*=/).test(header.value) && !EncodingTypes[charset.toString().toLowerCase()]) {`
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			console.error(`[ LocalCDN ] Unsupported charset: ${charset}`);
Logging applied (#279) 2021-02-21 19:51:47 +01:00			log.append(details.url, '-', `Unsupported charset: ${charset}`, true);
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`return;`
			`}`
Check if charset is supported by TextDecoder 2020-05-22 07:19:01 +02:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`asciiDecoder = new TextDecoder('ASCII');`
			`encoder = new TextEncoder();`
			`isFirstData = true;`
			`filter = browser.webRequest.filterResponseData(details.requestId);`
			`data = [];`
Second decoder implemented 2020-05-19 17:26:16 +02:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`header.value = 'text/html; charset=UTF-8';`
Error in encoding fixed (#66) 2020-05-02 13:56:49 +02:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`// NOTE: should work if 'script' string is divided into two chunks`
			`filter.ondata = (evt) => {`
			`if (isFirstData) {`
			`if (!charset) {`
			`// content-type has no charset declared`
			`let htmlHead, charsetMatch;`
Just code style (JS) 2021-02-17 07:01:08 +01:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`htmlHead = asciiDecoder.decode(evt.data, {'stream': false});`
			`// eslint-disable-next-line no-useless-escape`
Fixed: Charset detection in HTML filter improved and check if supported (#293) 2021-02-28 18:08:07 +01:00			`charsetMatch = htmlHead.match(/<meta\s+charset=["']?([^>"'\/]+)["'>\/]/i);`
			`if (charsetMatch === null) {`
			`// eslint-disable-next-line no-useless-escape`
Fixed: HTML filter (If website does not deliver any charset) (#340) 2021-04-01 07:04:47 +02:00			`charsetMatch = htmlHead.match(/<meta.charset=["']?([^>"'\/]+)["'].[>\/]/i) \|\| 'utf8';`
Fixed: Charset detection in HTML filter improved and check if supported (#293) 2021-02-28 18:08:07 +01:00			`}`

HTML filter trim spaces in character set detection (#1526) 2023-09-07 06:06:25 +02:00			`if (EncodingTypes[charsetMatch[1].toLowerCase().trim()] !== undefined) {`
			`charset = charsetMatch[1].trim();`
Fixed: Charset detection in HTML filter improved and check if supported (#293) 2021-02-28 18:08:07 +01:00			`} else {`
Fixed: Default charset of HTML filter (#567) 2021-07-13 06:26:45 +02:00			`// If charset is unclear, then use ASCII by default.`
			`// Other charsets are mostly tagged in the header or HTML source code.`
			`// https://codeberg.org/nobody/LocalCDN/issues/567`
			`charset = 'ASCII';`
Fixed: Charset detection in HTML filter improved and check if supported (#293) 2021-02-28 18:08:07 +01:00			`}`
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`}`
			`decoder = new TextDecoder(charset);`
Second decoder implemented 2020-05-19 17:26:16 +02:00			`}`
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`isFirstData = false;`
Improved: HTML filter (#257) 2021-01-30 06:45:21 +01:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`data.push(evt.data);`
			`};`
Improved: HTML filter (#257) 2021-01-30 06:45:21 +01:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`filter.onstop = () => {`
			`let str = '';`
			`for (let buffer of data) {`
			`str += decoder.decode(buffer, {'stream': true});`
Second decoder implemented 2020-05-19 17:26:16 +02:00			`}`
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`str += decoder.decode(); // end-of-stream`

Set correct charset in HTML when HTML filter is active (#736) 2021-10-23 10:08:13 +02:00			`// set UTF-8 in document`
Incorrect insertion of the UTF8 charset in the HTML filter (#782) 2021-11-24 07:22:11 +01:00			`str = manipulateDOM._searchCharset(str, charset);`
Set correct charset in HTML when HTML filter is active (#736) 2021-10-23 10:08:13 +02:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`// remove crossorigin and integrity attributes`
			`str = str.replace(/<(link\|script)[^>]+>/ig, (m) => {`
			`// eslint-disable-next-line no-use-before-define`
			`if (cdnDomainsRE.test(m)) {`
HTML filter modified (#859) 2022-02-06 08:06:07 +01:00			return m.replace(/\s+(integrity\|crossorigin)(="[^"]"\|='[^']'\|=[^"'`=>\s]+=?\|)/ig, '');
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`}`
			`return m;`
			`});`
			`filter.write(encoder.encode(str));`
			`filter.close();`
			`};`
			`}`
			`return {'responseHeaders': details.responseHeaders};`
Error in encoding fixed (#66) 2020-05-02 13:56:49 +02:00
Fixed: HTML filter (#277) 2021-02-21 19:13:11 +01:00			`}`
Error in encoding fixed (#66) 2020-05-02 13:56:49 +02:00			`}`
			`};`

Incorrect insertion of the UTF8 charset in the HTML filter (#782) 2021-11-24 07:22:11 +01:00			`manipulateDOM._searchCharset = function (str, charset) {`
			if (str.indexOf(`charset="${charset}"`) > 0) {
			return str.replace(`charset="${charset}"`, 'charset="utf8"');
Code style 2021-12-05 07:30:31 +01:00			`}`
			if (str.indexOf(`charset='${charset}'`) > 0) {
Incorrect insertion of the UTF8 charset in the HTML filter (#782) 2021-11-24 07:22:11 +01:00			return str.replace(`charset='${charset}'`, 'charset=\'utf8\'');
Code style 2021-12-05 07:30:31 +01:00			`}`
			if (str.indexOf(`charset=${charset}`) > 0) {
Incorrect insertion of the UTF8 charset in the HTML filter (#782) 2021-11-24 07:22:11 +01:00			return str.replace(`charset=${charset}`, 'charset=utf8');
			`}`
Code style 2021-12-05 07:30:31 +01:00			`return str;`
Incorrect insertion of the UTF8 charset in the HTML filter (#782) 2021-11-24 07:22:11 +01:00			`};`
Error in encoding fixed (#66) 2020-05-02 13:56:49 +02:00
Check HTML filter improved 2022-07-10 07:10:26 +02:00
			`/**`
			`* Public Methods`
			`*/`

			`manipulateDOM.checkHtmlFilterEnabled = function (url) {`
			`let listedToManipulateDOM, negateHtmlFilter;`
			`listedToManipulateDOM = stateManager._domainIsListed(url, 'manipulate-dom');`
			`negateHtmlFilter = stateManager.getInvertOption;`

			`if ((negateHtmlFilter \|\| listedToManipulateDOM) && !(negateHtmlFilter && listedToManipulateDOM)) {`
			`return true;`
			`}`
			`return false;`
			`};`

Error in encoding fixed (#66) 2020-05-02 13:56:49 +02:00			`/**`
			`* Initializations`
			`*/`

Just code style (JS) 2021-02-17 07:01:08 +01:00			`/* eslint-disable one-var */`
			let cdnDomainsRE = new RegExp(`//(${Object.keys(mappings.cdn).map((m) => m.replace(/\W/g, '\\$&')).join('\|')})/`);
			`/* eslint-enable one-var */`
Error in encoding fixed (#66) 2020-05-02 13:56:49 +02:00

			`/**`
Just code style (JS) 2021-02-17 07:01:08 +01:00			`* Event Handlers`
			`*/`
Error in encoding fixed (#66) 2020-05-02 13:56:49 +02:00
			`chrome.webRequest.onHeadersReceived.addListener(`
			`manipulateDOM._removeCrossOriginAndIntegrityAttr,`
Improved: HTML filter inside frames (#439) 2021-05-03 06:44:52 +02:00			`{'types': [WebRequestType.MAIN_FRAME, WebRequestType.SUB_FRAME], 'urls': [Address.ANY]},`
Second decoder implemented 2020-05-19 17:26:16 +02:00			`[WebRequest.BLOCKING, WebRequest.RESPONSE_HEADERS]`
Error in encoding fixed (#66) 2020-05-02 13:56:49 +02:00			`);`