1
0
mirror of https://codeberg.org/nobody/LocalCDN.git synced 2024-12-23 00:25:15 +01:00

Error in encoding fixed (#66)

This commit is contained in:
nobody42 2020-05-02 13:56:49 +02:00
parent d05777de60
commit f5a17653c5
No known key found for this signature in database
GPG Key ID: AB5145CF05BFE119
5 changed files with 101 additions and 54 deletions

View File

@ -90,5 +90,6 @@ const Whitelist = {
};
const BrowserType = {
'CHROMIUM': chrome.runtime.getURL("/").startsWith("chrome-extension")
'CHROMIUM': chrome.runtime.getURL("/").startsWith("chrome-extension"),
'FIREFOX': chrome.runtime.getURL("/").startsWith("moz-extension")
}

97
core/manipulate-dom.js Normal file
View File

@ -0,0 +1,97 @@
/**
* Remove integrity checks from embedded CSS and JavaScript files
* Belongs to LocalCDN.
*
* @author nobody42
* @since 2020-02-27
*
* @license MPL 2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/.
*/
'use strict';
/**
* Manipulate DOM
*/
var manipulateDOM = {};
/**
* Private Methods
*/
manipulateDOM._removeCrossOriginAndIntegrityAttr = function (details) {
// by Jaap (https://gitlab.com/Jaaap)
// https://gitlab.com/nobody42/localcdn/-/issues/66
let header = details.responseHeaders.find(h => h.name.toLowerCase() === 'content-type');
if (header && BrowserType.FIREFOX) {
let mimeType, charset, initiatorDomain, isWhitelisted;
mimeType = header.value.replace(/;.*/, '').toLowerCase();
charset = /charset\s*=/.test(header.value) ? header.value.replace(/^.*?charset\s*=\s*/, '') : 'UTF-8';
initiatorDomain = helpers.extractDomainFromUrl(details.url, true) || Address.EXAMPLE;
isWhitelisted = stateManager._domainIsWhitelisted(initiatorDomain);
if (!isWhitelisted && mimeType === 'text/html') {
header.value = 'text/html; charset=UTF-8';
let decoder = new TextDecoder(charset);
let encoder = new TextEncoder();
let filter = browser.webRequest.filterResponseData(details.requestId);
//Note that this will not work if the '<script crossorigin="anonymous" src="dfgsfgd.com">' string is divided into two chunks, but we want to flush this data asap.
filter.ondata = evt => {
//remove crossorigin and integrity attributes
let str = decoder.decode(evt.data, {stream: true}).replace(/<(link|script)[^>]+>/ig, m => {
if (cdnDomainsRE.test(m))
return m.replace(/\s+(integrity|crossorigin)(="[^"]*"|='[^']*'|=[^"'`=\s]+|)/ig, '');
return m;
});
filter.write(encoder.encode(str));
}
filter.onstop = evt => {
let str = decoder.decode(); //end-of-stream
filter.write(encoder.encode(str));
filter.close();
}
}
} else if(BrowserType.CHROMIUM) {
// Chromium browsers do not support webRequest.filterResponseData
// https://bugs.chromium.org/p/chromium/issues/detail?id=487422
console.warn('[ LocalCDN ] browser.webRequest.filterResponseData not supported by your browser.');
}
return {responseHeaders: details.responseHeaders};
};
/**
* Initializations
*/
let whitelistedDomains = {};
let cdnDomainsRE = new RegExp('//(' + Object.keys(mappings).map(m => m.replace(/\W/g, '\\$&')).join('|') + ')/');
/**
* Event Handlers
*/
chrome.webRequest.onHeadersReceived.addListener(
manipulateDOM._removeCrossOriginAndIntegrityAttr,
{'types': [WebRequestType.MAIN_FRAME], 'urls': [Address.ANY]},
[WebRequest.BLOCKING, WebRequest.RESPONSE_HEADERS]
);

View File

@ -281,53 +281,6 @@ stateManager._setIconDisabled = function (tabIdentifier) {
});
};
stateManager._getContentType = function (headers) {
// by Jaap (https://gitlab.com/Jaaap)
for (let header of headers) {
if (header.name.toLowerCase() === "content-type") { //"text/html; charset=UTF-8"
return {
mimeType: header.value.replace(/;.*/, '').toLowerCase(),
charset: /charset\s*=/.test(header.value) ? header.value.replace(/^.*?charset\s*=\s*/, '') : 'UTF-8'
};
}
}
return { mimeType: '', charset: '' };
};
stateManager._removeCrossoriginAndIntegrityAttr = function (details) {
// by Jaap (https://gitlab.com/Jaaap)
let { mimeType, charset } = stateManager._getContentType(details.responseHeaders);
let initiatorDomain = helpers.extractDomainFromUrl(details.url, true) || Address.EXAMPLE;
let isWhitelisted = requestAnalyzer.whitelistedDomains[initiatorDomain];
let cdnDomainsRE = new RegExp("//(" + Object.keys(mappings).map(m => m.replace(/\W/g, '\\$&')).join('|') + ")/");
if (!isWhitelisted && mimeType === "text/html") {
let decoder = new TextDecoder(charset);
let encoder = new TextEncoder();
let filter = browser.webRequest.filterResponseData(details.requestId);
//Note that this will not work if the '<script crossorigin="anonymous" src="dfgsfgd.com">' string is divided into two chunks, but we want to flush this data asap.
filter.ondata = evt => {
//remove crossorigin and integrity attributes
let str = decoder.decode(evt.data, {stream: true}).replace(/<(link|script)[^>]+>/ig, m => {
if (cdnDomainsRE.test(m))
return m.replace(/\s+(integrity|crossorigin)(="[^"]*"|='[^']*'|=[^"'`=\s]+|)/ig, "");
return m;
});
filter.write(encoder.encode(str));
}
filter.onstop = evt => {
let str = decoder.decode(); // end-of-stream
filter.write(encoder.encode(str));
filter.close();
}
}
};
/**
* Initializations
@ -374,12 +327,6 @@ chrome.storage.local.get(Setting.SHOW_ICON_BADGE, function (items) {
chrome.tabs.onCreated.addListener(stateManager._createTab);
chrome.tabs.onRemoved.addListener(stateManager._removeTab);
chrome.webRequest.onHeadersReceived.addListener(function (response) {
stateManager._removeCrossoriginAndIntegrityAttr(response)
}, {'types': [WebRequestType.MAIN_FRAME], 'urls': [Address.ANY]}, [WebRequest.BLOCKING, WebRequest.RESPONSE_HEADERS]);
chrome.webRequest.onBeforeRequest.addListener(function (requestDetails) {
if (requestDetails.tabId !== -1 && stateManager.tabs[requestDetails.tabId]) {

View File

@ -25,6 +25,7 @@
<script src="../../core/file-guard.js"></script>
<script src="../../core/messenger.js"></script>
<script src="../../core/interceptor.js"></script>
<script src="../../core/manipulate-dom.js"></script>
<script src="../../core/main.js"></script>
</body>

View File

@ -29,6 +29,7 @@
<li>Added jQuery-csv v1.0.9, jQuery Ajax AutoComplete (Devbridge) v1.4.10 and Popper.js v1.16.1 (Fixed <a href="https://gitlab.com/nobody42/localcdn/-/issues/68">#68</a>)</li>
<li>Font Awesome injections in Chromium deactivated (Fixed <a href="https://gitlab.com/nobody42/localcdn/-/issues/67">#67</a>)</li>
<li>French translation updated</li>
<li>Error in encoding fixed (<a href="https://gitlab.com/nobody42/localcdn/-/issues/66#note_334647377">#66 comment: 334647377</a>)</li>
</ul>
<div class="topic-label">
Please update your uBlock/uMatrix rules