diff --git a/.eslintrc b/.eslintrc index 6e5421df..9c590f5e 100644 --- a/.eslintrc +++ b/.eslintrc @@ -31,6 +31,7 @@ "BadgeSetting": true, "BadgeSettingHTMLFilter": true, "BadgeSettingMissingResource": true, + "BadResources": true, "fileGuard": true, "files": true, diff --git a/core/constants.js b/core/constants.js index d3336ead..cb3fb253 100644 --- a/core/constants.js +++ b/core/constants.js @@ -391,6 +391,20 @@ const MathJaxFiles = { 'jax/output/HTML-CSS/jax.js': true, }; +/** + * To block bad resources, e.g. fingerprint + * + * Necessary if the user has selected the option "Block requests for missing + * resources Advanced" option is not enabled. + * + * https://codeberg.org/nobody/LocalCDN/issues/703 + */ +const BadResources = { + 'cdn.jsdelivr.net/npm/@fingerprintjs/': true, + 'cdnjs.cloudflare.com/ajax/libs/fingerprintjs/': true, + 'cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/': true, + 'cdnjs.cloudflare.com/ajax/libs/ClientJS/': true, +}; // Supported charsets for TextDecoder() // https://developer.mozilla.org/en-US/docs/Web/API/TextDecoder/TextDecoder diff --git a/core/interceptor.js b/core/interceptor.js index 78433428..c270cb93 100644 --- a/core/interceptor.js +++ b/core/interceptor.js @@ -41,6 +41,14 @@ interceptor.handleRequest = function (requestDetails, tabIdentifier, tab) { }; } + if (!interceptor.blockMissing && interceptor._isBadResource(requestDetails.url)) { + console.warn(`[ LocalCDN ] Evil resource blocked: ${requestDetails.url}`); + log.append(tab.url, requestDetails.url, '-', true); + return { + 'cancel': true + }; + } + targetDetails = requestAnalyzer.getLocalTarget(requestDetails, tab.url); targetPath = targetDetails.path; @@ -141,6 +149,10 @@ interceptor._handleStorageChanged = function (changes) { } }; +interceptor._isBadResource = function (requestUrl) { + requestUrl = requestUrl.replace(/(^\w+:|^)\/\//, ''); + return Object.keys(BadResources).filter((path) => requestUrl.startsWith(path)).length !== 0; +}; /** * Event Handlers diff --git a/pages/updates/updates.html b/pages/updates/updates.html index 3e1e4d80..73bf6356 100644 --- a/pages/updates/updates.html +++ b/pages/updates/updates.html @@ -33,6 +33,10 @@
Improved
+