mirror of
https://github.com/gorhill/uMatrix.git
synced 2024-06-01 18:10:17 +12:00
add ability to block web workers on a per-site basis
This commit is contained in:
parent
52139a9137
commit
deeb211c5d
|
@ -22,7 +22,13 @@
|
||||||
"content_scripts": [
|
"content_scripts": [
|
||||||
{
|
{
|
||||||
"matches": ["http://*/*", "https://*/*"],
|
"matches": ["http://*/*", "https://*/*"],
|
||||||
"js": ["/js/vapi-client.js", "/js/contentscript.js"],
|
"js": ["/js/vapi-client.js", "/js/contentscript-start.js"],
|
||||||
|
"run_at": "document_start",
|
||||||
|
"all_frames": true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"matches": ["http://*/*", "https://*/*"],
|
||||||
|
"js": ["/js/contentscript.js"],
|
||||||
"run_at": "document_end",
|
"run_at": "document_end",
|
||||||
"all_frames": true
|
"all_frames": true
|
||||||
}
|
}
|
||||||
|
|
|
@ -18,11 +18,17 @@
|
||||||
"default_popup": "popup.html"
|
"default_popup": "popup.html"
|
||||||
},
|
},
|
||||||
"content_scripts": [
|
"content_scripts": [
|
||||||
{
|
{
|
||||||
"matches": ["http://*/*", "https://*/*"],
|
"matches": ["http://*/*", "https://*/*"],
|
||||||
"js": ["/js/vapi-client.js", "/js/contentscript.js"],
|
"js": ["/js/vapi-client.js", "/js/contentscript-start.js"],
|
||||||
"run_at": "document_end",
|
"run_at": "document_start",
|
||||||
"all_frames": true
|
"all_frames": true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"matches": ["http://*/*", "https://*/*"],
|
||||||
|
"js": ["/js/contentscript.js"],
|
||||||
|
"run_at": "document_end",
|
||||||
|
"all_frames": true
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"default_locale": "en",
|
"default_locale": "en",
|
||||||
|
|
|
@ -128,6 +128,12 @@ body .toolbar button.fa {
|
||||||
opacity: 1;
|
opacity: 1;
|
||||||
stroke: none;
|
stroke: none;
|
||||||
}
|
}
|
||||||
|
#mtxSwitches > li.relevant > svg .dot {
|
||||||
|
fill: #888;
|
||||||
|
}
|
||||||
|
#mtxSwitches > li.switchTrue.relevant > svg .dot {
|
||||||
|
fill: #eee;
|
||||||
|
}
|
||||||
#mtxSwitches > li > svg .off,
|
#mtxSwitches > li > svg .off,
|
||||||
#mtxSwitches > li.switchTrue > svg .on,
|
#mtxSwitches > li.switchTrue > svg .on,
|
||||||
#mtxSwitches > li.relevant > svg .dot {
|
#mtxSwitches > li.relevant > svg .dot {
|
||||||
|
|
|
@ -110,6 +110,7 @@ return {
|
||||||
},
|
},
|
||||||
|
|
||||||
clearBrowserCacheCycle: 0,
|
clearBrowserCacheCycle: 0,
|
||||||
|
cspNoWorkerSrc: undefined,
|
||||||
updateAssetsEvery: 11 * oneDay + 1 * oneHour + 1 * oneMinute + 1 * oneSecond,
|
updateAssetsEvery: 11 * oneDay + 1 * oneHour + 1 * oneMinute + 1 * oneSecond,
|
||||||
firstUpdateAfter: 11 * oneMinute,
|
firstUpdateAfter: 11 * oneMinute,
|
||||||
nextUpdateAfter: 11 * oneHour,
|
nextUpdateAfter: 11 * oneHour,
|
||||||
|
|
|
@ -167,6 +167,7 @@ var matrixSnapshot = function(pageStore, details) {
|
||||||
has3pReferrer: pageStore.has3pReferrer,
|
has3pReferrer: pageStore.has3pReferrer,
|
||||||
hasMixedContent: pageStore.hasMixedContent,
|
hasMixedContent: pageStore.hasMixedContent,
|
||||||
hasNoscriptTags: pageStore.hasNoscriptTags,
|
hasNoscriptTags: pageStore.hasNoscriptTags,
|
||||||
|
hasWebWorkers: pageStore.hasWebWorkers,
|
||||||
headerIndices: Array.from(headerIndices),
|
headerIndices: Array.from(headerIndices),
|
||||||
hostname: pageStore.pageHostname,
|
hostname: pageStore.pageHostname,
|
||||||
mtxContentModified: pageStore.mtxContentModifiedTime !== details.mtxContentModifiedTime,
|
mtxContentModified: pageStore.mtxContentModifiedTime !== details.mtxContentModifiedTime,
|
||||||
|
@ -541,6 +542,24 @@ var onMessage = function(request, sender, callback) {
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case 'securityPolicyViolation':
|
||||||
|
if ( request.policy !== µm.cspNoWorkerSrc ) { break; }
|
||||||
|
if ( pageStore !== null ) {
|
||||||
|
pageStore.hasWebWorkers = true;
|
||||||
|
pageStore.recordRequest('script', request.url, true);
|
||||||
|
}
|
||||||
|
if ( tabContext !== null ) {
|
||||||
|
µm.logger.writeOne(
|
||||||
|
tabId,
|
||||||
|
'net',
|
||||||
|
tabContext.rootHostname,
|
||||||
|
request.url,
|
||||||
|
'worker',
|
||||||
|
true
|
||||||
|
);
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
|
||||||
case 'shutdown?':
|
case 'shutdown?':
|
||||||
if ( tabContext !== null ) {
|
if ( tabContext !== null ) {
|
||||||
response = µm.tMatrix.evaluateSwitchZ('matrix-off', tabContext.rootHostname);
|
response = µm.tMatrix.evaluateSwitchZ('matrix-off', tabContext.rootHostname);
|
||||||
|
|
|
@ -126,6 +126,7 @@ PageStore.prototype = {
|
||||||
this.has3pReferrer = false;
|
this.has3pReferrer = false;
|
||||||
this.hasMixedContent = false;
|
this.hasMixedContent = false;
|
||||||
this.hasNoscriptTags = false;
|
this.hasNoscriptTags = false;
|
||||||
|
this.hasWebWorkers = false;
|
||||||
this.incinerationTimer = null;
|
this.incinerationTimer = null;
|
||||||
this.mtxContentModifiedTime = 0;
|
this.mtxContentModifiedTime = 0;
|
||||||
this.mtxCountModifiedTime = 0;
|
this.mtxCountModifiedTime = 0;
|
||||||
|
|
|
@ -1196,6 +1196,10 @@ function updateMatrixSwitches() {
|
||||||
'relevant',
|
'relevant',
|
||||||
matrixSnapshot.hasMixedContent
|
matrixSnapshot.hasMixedContent
|
||||||
);
|
);
|
||||||
|
uDom.nodeFromId('mtxSwitch_no-workers').classList.toggle(
|
||||||
|
'relevant',
|
||||||
|
matrixSnapshot.hasWebWorkers
|
||||||
|
);
|
||||||
uDom.nodeFromId('mtxSwitch_referrer-spoof').classList.toggle(
|
uDom.nodeFromId('mtxSwitch_referrer-spoof').classList.toggle(
|
||||||
'relevant',
|
'relevant',
|
||||||
matrixSnapshot.has3pReferrer
|
matrixSnapshot.has3pReferrer
|
||||||
|
|
|
@ -299,24 +299,44 @@ var onHeadersReceived = function(details) {
|
||||||
var tabContext = µm.tabContextManager.lookup(tabId);
|
var tabContext = µm.tabContextManager.lookup(tabId);
|
||||||
if ( tabContext === null ) { return; }
|
if ( tabContext === null ) { return; }
|
||||||
|
|
||||||
if ( µm.mustAllow(tabContext.rootHostname, µm.URI.hostnameFromURI(requestURL), 'script') ) {
|
var csp = [];
|
||||||
return;
|
|
||||||
|
if (
|
||||||
|
µm.mustAllow(
|
||||||
|
tabContext.rootHostname,
|
||||||
|
µm.URI.hostnameFromURI(requestURL),
|
||||||
|
'script'
|
||||||
|
) !== true
|
||||||
|
) {
|
||||||
|
csp.push("script-src 'unsafe-eval' blob: *");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ( µm.cspNoWorkerSrc === undefined ) {
|
||||||
|
µm.cspNoWorkerSrc = vAPI.webextFlavor.startsWith('Mozilla-') ?
|
||||||
|
"child-src 'none'; frame-src data: blob: *" :
|
||||||
|
"worker-src 'none'" ;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( µm.tMatrix.evaluateSwitchZ('no-workers', tabContext.rootHostname) ) {
|
||||||
|
csp.push(µm.cspNoWorkerSrc);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( csp.length === 0 ) { return; }
|
||||||
|
|
||||||
// If javascript is not allowed, say so through a `Content-Security-Policy`
|
// If javascript is not allowed, say so through a `Content-Security-Policy`
|
||||||
// directive.
|
// directive.
|
||||||
// We block only inline-script tags, all the external javascript will be
|
// We block only inline-script tags, all the external javascript will be
|
||||||
// blocked by our request handler.
|
// blocked by our request handler.
|
||||||
|
|
||||||
var csp = "script-src 'unsafe-eval' blob: *",
|
var cspDirectives = csp.join(','),
|
||||||
headers = details.responseHeaders,
|
headers = details.responseHeaders,
|
||||||
i = headerIndexFromName('content-security-policy', headers);
|
i = headerIndexFromName('content-security-policy', headers);
|
||||||
// A CSP header is already present: just add our own directive as a
|
// A CSP header is already present: just add our own directive as a
|
||||||
// separate disposition (i.e. use comma).
|
// separate disposition (i.e. use comma).
|
||||||
if ( i !== -1 ) {
|
if ( i !== -1 ) {
|
||||||
headers[i].value += ', ' + csp;
|
headers[i].value += ', ' + cspDirectives;
|
||||||
} else {
|
} else {
|
||||||
headers.push({ name: 'Content-Security-Policy', value: csp });
|
headers.push({ name: 'Content-Security-Policy', value: cspDirectives });
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( requestType === 'doc' ) {
|
if ( requestType === 'doc' ) {
|
||||||
|
|
|
@ -87,6 +87,7 @@
|
||||||
<div class="dropdown-menu">
|
<div class="dropdown-menu">
|
||||||
<ul id="mtxSwitches">
|
<ul id="mtxSwitches">
|
||||||
<li id="mtxSwitch_https-strict" class="dropdown-menu-entry exists"><!-- <svg><use xlink:href="#toggleButton" /></svg> --><svg xmlns="http://www.w3.org/2000/svg" version="1.1" viewBox="0 0 152 96"><g style="fill:#bbb;"><ellipse cx="48" cy="48" rx="24" ry="24" /><ellipse cx="104" cy="48" rx="24" ry="24" /><rect width="56" height="48" x="48" y="24" /></g><g class="off" style="fill:#bbb;"><ellipse cx="48" cy="48" rx="48" ry="48" /><ellipse style="fill:#fff;" cx="48" cy="48" rx="40" ry="40" /><ellipse class="dot" cx="48" cy="48" rx="12" ry="12" /></g><g class="on" style="fill:#bbb;"><ellipse style="fill:#444;" cx="104" cy="48" rx="48" ry="48" /><ellipse class="dot" cx="104" cy="48" rx="12" ry="12" /></g></svg><span data-i18n="matrixSwitchNoMixedContent"></span> <a class="fa" href="https://developer.mozilla.org/docs/Web/Security/Mixed_content" target="_blank"></a>
|
<li id="mtxSwitch_https-strict" class="dropdown-menu-entry exists"><!-- <svg><use xlink:href="#toggleButton" /></svg> --><svg xmlns="http://www.w3.org/2000/svg" version="1.1" viewBox="0 0 152 96"><g style="fill:#bbb;"><ellipse cx="48" cy="48" rx="24" ry="24" /><ellipse cx="104" cy="48" rx="24" ry="24" /><rect width="56" height="48" x="48" y="24" /></g><g class="off" style="fill:#bbb;"><ellipse cx="48" cy="48" rx="48" ry="48" /><ellipse style="fill:#fff;" cx="48" cy="48" rx="40" ry="40" /><ellipse class="dot" cx="48" cy="48" rx="12" ry="12" /></g><g class="on" style="fill:#bbb;"><ellipse style="fill:#444;" cx="104" cy="48" rx="48" ry="48" /><ellipse class="dot" cx="104" cy="48" rx="12" ry="12" /></g></svg><span data-i18n="matrixSwitchNoMixedContent"></span> <a class="fa" href="https://developer.mozilla.org/docs/Web/Security/Mixed_content" target="_blank"></a>
|
||||||
|
<li id="mtxSwitch_no-workers" class="dropdown-menu-entry exists"><!-- <svg><use xlink:href="#toggleButton" /></svg> --><svg xmlns="http://www.w3.org/2000/svg" version="1.1" viewBox="0 0 152 96"><g style="fill:#bbb;"><ellipse cx="48" cy="48" rx="24" ry="24" /><ellipse cx="104" cy="48" rx="24" ry="24" /><rect width="56" height="48" x="48" y="24" /></g><g class="off" style="fill:#bbb;"><ellipse cx="48" cy="48" rx="48" ry="48" /><ellipse style="fill:#fff;" cx="48" cy="48" rx="40" ry="40" /><ellipse class="dot" cx="48" cy="48" rx="12" ry="12" /></g><g class="on" style="fill:#bbb;"><ellipse style="fill:#444;" cx="104" cy="48" rx="48" ry="48" /><ellipse class="dot" cx="104" cy="48" rx="12" ry="12" /></g></svg><span data-i18n="matrixSwitchNoWorker"></span> <a class="fa" href="https://developer.mozilla.org/en-US/docs/Web/API/Web_Workers_API" target="_blank"></a>
|
||||||
<li id="mtxSwitch_referrer-spoof" class="dropdown-menu-entry"><!-- <svg><use xlink:href="#toggleButton" /></svg> --><svg xmlns="http://www.w3.org/2000/svg" version="1.1" viewBox="0 0 152 96"><g style="fill:#bbb;"><ellipse cx="48" cy="48" rx="24" ry="24" /><ellipse cx="104" cy="48" rx="24" ry="24" /><rect width="56" height="48" x="48" y="24" /></g><g class="off" style="fill:#bbb;"><ellipse cx="48" cy="48" rx="48" ry="48" /><ellipse style="fill:#fff;" cx="48" cy="48" rx="40" ry="40" /><ellipse class="dot" cx="48" cy="48" rx="12" ry="12" /></g><g class="on" style="fill:#bbb;"><ellipse style="fill:#444;" cx="104" cy="48" rx="48" ry="48" /><ellipse class="dot" cx="104" cy="48" rx="12" ry="12" /></g></svg><span data-i18n="matrixSwitchReferrerSpoof"></span> <a class="fa" href="https://developer.mozilla.org/docs/Web/HTTP/Headers/Referer" target="_blank"></a>
|
<li id="mtxSwitch_referrer-spoof" class="dropdown-menu-entry"><!-- <svg><use xlink:href="#toggleButton" /></svg> --><svg xmlns="http://www.w3.org/2000/svg" version="1.1" viewBox="0 0 152 96"><g style="fill:#bbb;"><ellipse cx="48" cy="48" rx="24" ry="24" /><ellipse cx="104" cy="48" rx="24" ry="24" /><rect width="56" height="48" x="48" y="24" /></g><g class="off" style="fill:#bbb;"><ellipse cx="48" cy="48" rx="48" ry="48" /><ellipse style="fill:#fff;" cx="48" cy="48" rx="40" ry="40" /><ellipse class="dot" cx="48" cy="48" rx="12" ry="12" /></g><g class="on" style="fill:#bbb;"><ellipse style="fill:#444;" cx="104" cy="48" rx="48" ry="48" /><ellipse class="dot" cx="104" cy="48" rx="12" ry="12" /></g></svg><span data-i18n="matrixSwitchReferrerSpoof"></span> <a class="fa" href="https://developer.mozilla.org/docs/Web/HTTP/Headers/Referer" target="_blank"></a>
|
||||||
<li id="mtxSwitch_noscript-spoof" class="dropdown-menu-entry"><!-- <svg><use xlink:href="#toggleButton" /></svg> --><svg xmlns="http://www.w3.org/2000/svg" version="1.1" viewBox="0 0 152 96"><g style="fill:#bbb;"><ellipse cx="48" cy="48" rx="24" ry="24" /><ellipse cx="104" cy="48" rx="24" ry="24" /><rect width="56" height="48" x="48" y="24" /></g><g class="off" style="fill:#bbb;"><ellipse cx="48" cy="48" rx="48" ry="48" /><ellipse style="fill:#fff;" cx="48" cy="48" rx="40" ry="40" /><ellipse class="dot" cx="48" cy="48" rx="12" ry="12" /></g><g class="on" style="fill:#bbb;"><ellipse style="fill:#444;" cx="104" cy="48" rx="48" ry="48" /><ellipse class="dot" cx="104" cy="48" rx="12" ry="12" /></g></svg><span data-i18n="matrixSwitchNoscriptSpoof"></span> <a class="fa" href="https://developer.mozilla.org/docs/Web/HTML/Element/noscript" target="_blank"></a>
|
<li id="mtxSwitch_noscript-spoof" class="dropdown-menu-entry"><!-- <svg><use xlink:href="#toggleButton" /></svg> --><svg xmlns="http://www.w3.org/2000/svg" version="1.1" viewBox="0 0 152 96"><g style="fill:#bbb;"><ellipse cx="48" cy="48" rx="24" ry="24" /><ellipse cx="104" cy="48" rx="24" ry="24" /><rect width="56" height="48" x="48" y="24" /></g><g class="off" style="fill:#bbb;"><ellipse cx="48" cy="48" rx="48" ry="48" /><ellipse style="fill:#fff;" cx="48" cy="48" rx="40" ry="40" /><ellipse class="dot" cx="48" cy="48" rx="12" ry="12" /></g><g class="on" style="fill:#bbb;"><ellipse style="fill:#444;" cx="104" cy="48" rx="48" ry="48" /><ellipse class="dot" cx="104" cy="48" rx="12" ry="12" /></g></svg><span data-i18n="matrixSwitchNoscriptSpoof"></span> <a class="fa" href="https://developer.mozilla.org/docs/Web/HTML/Element/noscript" target="_blank"></a>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
Loading…
Reference in a new issue