2016-02-13 12:28:36 +01:00
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
(function(){
|
|
|
|
"use strict";
|
|
|
|
|
2019-05-10 00:45:50 +02:00
|
|
|
let scope;
|
2017-06-25 22:22:17 +02:00
|
|
|
if ((typeof exports) !== "undefined"){
|
|
|
|
scope = exports;
|
|
|
|
}
|
|
|
|
else {
|
2019-03-12 22:24:23 +01:00
|
|
|
scope = require.register("./intercept", {});
|
2017-06-25 22:22:17 +02:00
|
|
|
}
|
|
|
|
|
2018-08-27 00:23:19 +02:00
|
|
|
const {changedFunctions, changedGetters, setRandomSupply} = require("./modifiedAPI");
|
2016-08-06 19:17:36 +02:00
|
|
|
const randomSupplies = require("./randomSupplies");
|
2017-11-07 00:36:44 +01:00
|
|
|
const logging = require("./logging");
|
2017-12-04 00:26:26 +01:00
|
|
|
const settings = require("./settings");
|
2019-03-14 16:51:20 +01:00
|
|
|
const extension = require("./extension");
|
2017-10-07 23:26:04 +02:00
|
|
|
|
2016-08-06 19:17:36 +02:00
|
|
|
setRandomSupply(randomSupplies.nonPersistent);
|
2019-05-10 00:45:50 +02:00
|
|
|
const apiNames = Object.keys(changedFunctions);
|
|
|
|
let undef;
|
2016-08-06 19:17:36 +02:00
|
|
|
function setRandomSupplyByType(type){
|
|
|
|
switch (type){
|
|
|
|
case "persistent":
|
|
|
|
setRandomSupply(randomSupplies.persistent);
|
|
|
|
break;
|
2017-08-07 17:43:57 +02:00
|
|
|
case "constant":
|
|
|
|
setRandomSupply(randomSupplies.constant);
|
|
|
|
break;
|
2017-11-24 17:06:43 +01:00
|
|
|
case "white":
|
|
|
|
setRandomSupply(randomSupplies.white);
|
|
|
|
break;
|
2016-08-06 19:17:36 +02:00
|
|
|
default:
|
|
|
|
setRandomSupply(randomSupplies.nonPersistent);
|
|
|
|
}
|
|
|
|
}
|
2019-05-10 00:38:38 +02:00
|
|
|
settings.on("rng", function(){
|
|
|
|
setRandomSupplyByType(settings.rng);
|
|
|
|
});
|
2017-01-31 20:00:02 +01:00
|
|
|
|
2019-11-28 01:26:35 +01:00
|
|
|
function getURL(windowToProcess){
|
2019-05-10 00:45:50 +02:00
|
|
|
let href;
|
2017-07-18 16:14:03 +02:00
|
|
|
try {
|
2019-11-28 01:26:35 +01:00
|
|
|
href = windowToProcess.location.href;
|
2017-07-18 16:14:03 +02:00
|
|
|
}
|
2019-11-28 01:26:35 +01:00
|
|
|
catch (error){
|
2017-07-18 16:14:03 +02:00
|
|
|
// unable to read location due to SOP
|
|
|
|
// since we are not able to do anything in that case we can allow everything
|
|
|
|
return "about:SOP";
|
|
|
|
}
|
|
|
|
if (!href || href === "about:blank"){
|
2019-11-28 01:26:35 +01:00
|
|
|
if (windowToProcess !== windowToProcess.parent){
|
|
|
|
return getURL(windowToProcess.parent);
|
2017-01-31 20:00:02 +01:00
|
|
|
}
|
2019-11-28 01:26:35 +01:00
|
|
|
else if (windowToProcess.opener){
|
|
|
|
return getURL(windowToProcess.opener);
|
2017-01-31 20:00:02 +01:00
|
|
|
}
|
|
|
|
}
|
2019-05-10 01:11:31 +02:00
|
|
|
return href;
|
2017-01-31 20:00:02 +01:00
|
|
|
}
|
2019-11-28 01:26:35 +01:00
|
|
|
const getAllFunctionObjects = function(windowToProcess, changedFunction){
|
|
|
|
return (
|
|
|
|
Array.isArray(changedFunction.object)?
|
|
|
|
changedFunction.object:
|
|
|
|
[changedFunction.object]
|
|
|
|
).map(function(name){
|
|
|
|
if (name){
|
2019-12-12 00:09:53 +01:00
|
|
|
const constructor = extension.getWrapped(windowToProcess)[name];
|
2019-11-28 01:26:35 +01:00
|
|
|
if (constructor){
|
|
|
|
return constructor.prototype;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}).concat(
|
|
|
|
changedFunction.objectGetters?
|
|
|
|
changedFunction.objectGetters.map(function(objectGetter){
|
2019-12-12 00:09:53 +01:00
|
|
|
return objectGetter(extension.getWrapped(windowToProcess));
|
2019-11-28 01:26:35 +01:00
|
|
|
}):
|
|
|
|
[]
|
|
|
|
);
|
|
|
|
};
|
|
|
|
const forEachFunction = function(windowToProcess, callback){
|
|
|
|
apiNames.forEach(function(name){
|
|
|
|
const changedFunction = changedFunctions[name];
|
|
|
|
getAllFunctionObjects(windowToProcess, changedFunction).forEach(function(object){
|
|
|
|
if (object){
|
|
|
|
callback({name, object: object, changedFunction});
|
|
|
|
}
|
|
|
|
});
|
|
|
|
});
|
|
|
|
};
|
|
|
|
const forEachGetter = function(windowToProcess, callback){
|
|
|
|
changedGetters.forEach(function(changedGetter){
|
|
|
|
const name = changedGetter.name;
|
|
|
|
changedGetter.objectGetters.forEach(function(changedGetter){
|
2019-12-12 00:09:53 +01:00
|
|
|
const object = changedGetter(extension.getWrapped(windowToProcess));
|
2019-11-28 01:26:35 +01:00
|
|
|
if (object){
|
|
|
|
callback({name, object, objectGetter: changedGetter});
|
|
|
|
}
|
|
|
|
});
|
|
|
|
});
|
|
|
|
};
|
2017-01-31 20:00:02 +01:00
|
|
|
|
2019-11-28 01:26:35 +01:00
|
|
|
const forEach = function(windowToProcess, callback){
|
|
|
|
forEachFunction(windowToProcess, callback);
|
|
|
|
forEachGetter(windowToProcess, callback);
|
|
|
|
};
|
|
|
|
|
|
|
|
const doRealIntercept = function(windowToProcess, apis, state){
|
|
|
|
if (!state.intercepted){
|
|
|
|
scope.intercept({subject: windowToProcess}, apis);
|
|
|
|
state.intercepted = true;
|
2017-12-04 00:26:26 +01:00
|
|
|
}
|
2019-11-28 01:26:35 +01:00
|
|
|
};
|
|
|
|
const doPreIntercept = function(windowToProcess, apis, state){
|
|
|
|
const forceLoad = true;
|
|
|
|
const originalPropertyDescriptors = {};
|
|
|
|
const undoPreIntercept = function(){
|
|
|
|
if (state.preIntercepted){
|
|
|
|
state.preIntercepted = false;
|
|
|
|
forEach(windowToProcess, function({name, object}){
|
|
|
|
const originalPropertyDescriptor = originalPropertyDescriptors[name].get(object);
|
|
|
|
if (originalPropertyDescriptor){
|
2017-12-04 00:26:26 +01:00
|
|
|
Object.defineProperty(
|
2018-08-27 00:23:19 +02:00
|
|
|
object,
|
2017-12-04 00:26:26 +01:00
|
|
|
name,
|
2019-11-28 01:26:35 +01:00
|
|
|
originalPropertyDescriptor
|
2017-12-04 00:26:26 +01:00
|
|
|
);
|
2019-11-28 01:26:35 +01:00
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
|
|
|
};
|
|
|
|
if (!state.preIntercepted){
|
|
|
|
forEach(windowToProcess, function({name, object}){
|
|
|
|
const map = originalPropertyDescriptors[name] || new WeakMap();
|
|
|
|
originalPropertyDescriptors[name] = map;
|
|
|
|
|
|
|
|
const originalPropertyDescriptor = Object.getOwnPropertyDescriptor(object, name);
|
|
|
|
if (!originalPropertyDescriptor){
|
|
|
|
return;
|
2017-12-04 00:26:26 +01:00
|
|
|
}
|
2019-11-28 01:26:35 +01:00
|
|
|
|
|
|
|
map.set(object, originalPropertyDescriptor);
|
|
|
|
Object.defineProperty(
|
|
|
|
object,
|
|
|
|
name,
|
|
|
|
{
|
|
|
|
enumerable: true,
|
|
|
|
configurable: true,
|
2019-12-13 17:34:14 +01:00
|
|
|
get: extension.exportFunctionWithName(function(){
|
2019-11-28 01:26:35 +01:00
|
|
|
if (forceLoad){
|
|
|
|
logging.warning("force load the settings. Calling stack:", (new Error()).stack);
|
|
|
|
undoPreIntercept();
|
|
|
|
settings.forceLoad();
|
|
|
|
doRealIntercept(windowToProcess, apis, state);
|
|
|
|
const descriptor = Object.getOwnPropertyDescriptor(object, name);
|
|
|
|
return descriptor.value || descriptor.get.call(this);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
logging.notice("API blocked (%s)", name);
|
|
|
|
const url = getURL(windowToProcess);
|
|
|
|
if (!url){
|
|
|
|
return undef;
|
|
|
|
}
|
|
|
|
const error = new Error();
|
|
|
|
apis.notify({
|
|
|
|
url,
|
|
|
|
errorStack: error.stack,
|
|
|
|
messageId: "preBlock",
|
|
|
|
timestamp: new Date(),
|
|
|
|
functionName: name,
|
|
|
|
dataURL: false
|
|
|
|
});
|
2019-12-01 01:25:39 +01:00
|
|
|
return undef;
|
2019-11-28 01:26:35 +01:00
|
|
|
}
|
2019-12-13 17:34:14 +01:00
|
|
|
}, windowToProcess, `get ${name}`),
|
|
|
|
set: extension.exportFunctionWithName(function(){}, windowToProcess, `set ${name}`)
|
2019-11-28 01:26:35 +01:00
|
|
|
}
|
|
|
|
);
|
|
|
|
});
|
|
|
|
state.preIntercepted = true;
|
|
|
|
}
|
|
|
|
return undoPreIntercept;
|
|
|
|
};
|
|
|
|
|
|
|
|
scope.preIntercept = function preIntercept({subject: windowToProcess}, apis){
|
|
|
|
if (!settings.isStillDefault){
|
|
|
|
logging.message("settings already loaded -> no need to pre intercept");
|
|
|
|
scope.intercept({subject: windowToProcess}, apis);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
logging.message("settings not loaded -> need to pre intercept");
|
|
|
|
|
|
|
|
const state = {
|
|
|
|
preIntercepted: false,
|
|
|
|
intercepted: false
|
2017-12-04 00:26:26 +01:00
|
|
|
};
|
2017-12-18 23:55:13 +01:00
|
|
|
|
2019-11-28 01:26:35 +01:00
|
|
|
const undoPreIntercept = doPreIntercept(windowToProcess, apis, state);
|
2017-12-04 00:26:26 +01:00
|
|
|
settings.onloaded(function(){
|
|
|
|
undoPreIntercept();
|
2019-11-28 01:26:35 +01:00
|
|
|
doRealIntercept(windowToProcess, apis, state);
|
2017-12-04 00:26:26 +01:00
|
|
|
});
|
|
|
|
}
|
|
|
|
};
|
2019-11-28 01:26:35 +01:00
|
|
|
|
|
|
|
function getDataURL(object, prefs){
|
|
|
|
return (
|
|
|
|
object &&
|
|
|
|
prefs("storeImageForInspection") &&
|
|
|
|
prefs("showNotifications")?
|
|
|
|
(
|
|
|
|
object instanceof HTMLCanvasElement?
|
|
|
|
object.toDataURL():
|
|
|
|
(
|
|
|
|
object.canvas instanceof HTMLCanvasElement?
|
|
|
|
object.canvas.toDataURL():
|
|
|
|
false
|
|
|
|
)
|
|
|
|
):
|
|
|
|
false
|
|
|
|
);
|
|
|
|
}
|
2018-07-13 16:58:13 +02:00
|
|
|
|
2019-03-14 16:51:20 +01:00
|
|
|
let extensionID = extension.extensionID;
|
2019-11-28 01:26:35 +01:00
|
|
|
|
|
|
|
function generateChecker({
|
|
|
|
name, changedFunction, siteStatus, original,
|
|
|
|
window: windowToProcess, prefs, notify, checkStack, ask
|
|
|
|
}){
|
|
|
|
return function checker(callingDepth = 2){
|
|
|
|
const errorStack = (new Error()).stack;
|
|
|
|
|
|
|
|
try {
|
|
|
|
// return original if the extension itself requested the function
|
|
|
|
if (
|
|
|
|
errorStack
|
|
|
|
.split("\n", callingDepth + 2)[callingDepth + 1]
|
|
|
|
.split("@", callingDepth + 1)[1]
|
|
|
|
.startsWith(extensionID)
|
|
|
|
){
|
|
|
|
return {allow: true, original, window: windowToProcess};
|
|
|
|
}
|
|
|
|
}
|
|
|
|
catch (error) {
|
|
|
|
// stack had an unknown form
|
|
|
|
}
|
|
|
|
if (checkStack(errorStack)){
|
|
|
|
return {allow: true, original, window: windowToProcess};
|
|
|
|
}
|
|
|
|
const funcStatus = changedFunction.getStatus(this, siteStatus, prefs);
|
|
|
|
|
|
|
|
const This = this;
|
|
|
|
function notifyCallback(messageId){
|
|
|
|
notify({
|
|
|
|
url: getURL(windowToProcess),
|
|
|
|
errorStack,
|
|
|
|
messageId,
|
|
|
|
timestamp: new Date(),
|
|
|
|
functionName: name,
|
|
|
|
api: changedFunction.api,
|
|
|
|
dataURL: getDataURL(This, prefs)
|
|
|
|
});
|
|
|
|
}
|
|
|
|
const protectedAPIFeatures = prefs("protectedAPIFeatures");
|
|
|
|
if (
|
|
|
|
funcStatus.active &&
|
|
|
|
(
|
|
|
|
!protectedAPIFeatures.hasOwnProperty(name + " @ " + changedFunction.api) ||
|
|
|
|
protectedAPIFeatures[name + " @ " + changedFunction.api]
|
|
|
|
)
|
|
|
|
){
|
|
|
|
if (funcStatus.mode === "ask"){
|
|
|
|
funcStatus.mode = ask({
|
|
|
|
window: windowToProcess,
|
|
|
|
type: changedFunction.type,
|
|
|
|
api: changedFunction.api,
|
|
|
|
canvas: this instanceof HTMLCanvasElement?
|
|
|
|
this:
|
2018-07-13 16:58:13 +02:00
|
|
|
(
|
2019-11-28 01:26:35 +01:00
|
|
|
this &&
|
|
|
|
(this.canvas instanceof HTMLCanvasElement)?
|
|
|
|
this.canvas:
|
2018-07-13 16:58:13 +02:00
|
|
|
false
|
2019-11-28 01:26:35 +01:00
|
|
|
),
|
2019-05-10 01:11:31 +02:00
|
|
|
errorStack
|
2018-07-13 16:58:13 +02:00
|
|
|
});
|
|
|
|
}
|
2019-11-28 01:26:35 +01:00
|
|
|
switch (funcStatus.mode){
|
|
|
|
case "allow":
|
|
|
|
return {allow: true, original, window: windowToProcess};
|
|
|
|
case "fake":
|
|
|
|
return {
|
|
|
|
allow: "fake",
|
|
|
|
prefs,
|
|
|
|
notify: notifyCallback,
|
|
|
|
window: windowToProcess,
|
|
|
|
original
|
|
|
|
};
|
|
|
|
//case "block":
|
|
|
|
default:
|
|
|
|
return {allow: false, notify: notifyCallback};
|
2018-07-13 16:58:13 +02:00
|
|
|
}
|
2019-11-28 01:26:35 +01:00
|
|
|
}
|
|
|
|
else {
|
|
|
|
return {allow: true, original, window: windowToProcess};
|
|
|
|
}
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
function interceptFunctions(windowToProcess, siteStatus, {checkStack, ask, notify, prefs}){
|
|
|
|
apiNames.forEach(function(name){
|
|
|
|
const changedFunction = changedFunctions[name];
|
|
|
|
const functionStatus = changedFunction.getStatus(undefined, siteStatus, prefs);
|
|
|
|
logging.verbose("status for", name, ":", functionStatus);
|
2019-12-12 23:44:02 +01:00
|
|
|
if (!functionStatus.active) return;
|
|
|
|
|
|
|
|
getAllFunctionObjects(windowToProcess, changedFunction).forEach(function(object){
|
|
|
|
if (!object) return;
|
|
|
|
|
|
|
|
const original = object[name];
|
|
|
|
const checker = generateChecker({
|
|
|
|
name, changedFunction, siteStatus, original,
|
|
|
|
window: windowToProcess, prefs, checkStack, ask, notify
|
2019-11-28 01:26:35 +01:00
|
|
|
});
|
2019-12-12 23:44:02 +01:00
|
|
|
const descriptor = Object.getOwnPropertyDescriptor(object, name);
|
|
|
|
if (!descriptor) return;
|
|
|
|
|
|
|
|
if (descriptor.hasOwnProperty("value")){
|
|
|
|
if (changedFunction.fakeGenerator){
|
|
|
|
descriptor.value = extension.exportFunctionWithName(
|
|
|
|
changedFunction.fakeGenerator(checker, original, windowToProcess),
|
|
|
|
windowToProcess,
|
|
|
|
original.name
|
|
|
|
);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
descriptor.value = null;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
descriptor.get = extension.exportFunctionWithName(function(){
|
|
|
|
return extension.exportFunctionWithName(
|
|
|
|
changedFunction.fakeGenerator(checker),
|
|
|
|
windowToProcess,
|
|
|
|
original.name
|
|
|
|
);
|
|
|
|
}, windowToProcess, descriptor.get.name);
|
|
|
|
}
|
|
|
|
Object.defineProperty(object, name, descriptor);
|
|
|
|
});
|
2019-11-28 01:26:35 +01:00
|
|
|
});
|
|
|
|
}
|
|
|
|
function interceptGetters(windowToProcess, siteStatus, {checkStack, ask, notify, prefs}){
|
|
|
|
changedGetters.forEach(function(changedGetter){
|
|
|
|
const name = changedGetter.name;
|
|
|
|
const functionStatus = changedGetter.getStatus(undefined, siteStatus, prefs);
|
|
|
|
logging.verbose("status for", changedGetter, ":", functionStatus);
|
2019-12-12 23:44:02 +01:00
|
|
|
if (!functionStatus.active) return;
|
|
|
|
|
|
|
|
changedGetter.objectGetters.forEach(function(objectGetter){
|
|
|
|
const object = objectGetter(extension.getWrapped(windowToProcess));
|
|
|
|
if (!object) return;
|
|
|
|
|
|
|
|
const descriptor = Object.getOwnPropertyDescriptor(object, name);
|
|
|
|
if (!descriptor) return;
|
|
|
|
|
|
|
|
if (descriptor.hasOwnProperty("get")){
|
|
|
|
const original = descriptor.get;
|
|
|
|
const checker = generateChecker({
|
|
|
|
name, changedFunction: changedGetter, siteStatus, original,
|
|
|
|
window: windowToProcess, prefs, checkStack, ask, notify
|
|
|
|
});
|
|
|
|
const getter = changedGetter.getterGenerator(checker, original, windowToProcess);
|
|
|
|
descriptor.get = extension.exportFunctionWithName(getter, windowToProcess, original.name);
|
|
|
|
|
|
|
|
if (descriptor.hasOwnProperty("set") && descriptor.set && changedGetter.setterGenerator){
|
|
|
|
const original = descriptor.set;
|
|
|
|
const setter = changedGetter.setterGenerator(
|
|
|
|
windowToProcess,
|
|
|
|
original,
|
|
|
|
prefs
|
|
|
|
);
|
|
|
|
descriptor.set = extension.exportFunctionWithName(setter, windowToProcess, original.name);
|
|
|
|
}
|
|
|
|
|
|
|
|
Object.defineProperty(object, name, descriptor);
|
|
|
|
}
|
|
|
|
else if (
|
|
|
|
changedGetter.valueGenerator &&
|
|
|
|
descriptor.hasOwnProperty("value")
|
|
|
|
){
|
|
|
|
const protectedAPIFeatures = prefs("protectedAPIFeatures");
|
|
|
|
if (
|
2019-12-29 00:18:05 +01:00
|
|
|
protectedAPIFeatures.hasOwnProperty(name + " @ " + changedGetter.api) &&
|
|
|
|
!protectedAPIFeatures[name + " @ " + changedGetter.api]
|
2019-12-12 23:44:02 +01:00
|
|
|
){
|
2019-12-29 00:18:05 +01:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
switch (functionStatus.mode){
|
|
|
|
case "ask": case "block": case "fake":
|
|
|
|
descriptor.value = changedGetter.valueGenerator({
|
|
|
|
mode: functionStatus.mode,
|
|
|
|
original: descriptor.value,
|
|
|
|
notify: function notifyCallback(messageId){
|
|
|
|
notify({
|
|
|
|
url: getURL(windowToProcess),
|
|
|
|
errorStack: (new Error()).stack,
|
|
|
|
messageId,
|
|
|
|
timestamp: new Date(),
|
|
|
|
functionName: name,
|
|
|
|
api: changedGetter.api
|
|
|
|
});
|
|
|
|
}
|
|
|
|
});
|
|
|
|
Object.defineProperty(object, name, descriptor);
|
|
|
|
break;
|
2019-11-28 01:26:35 +01:00
|
|
|
}
|
2019-12-12 23:44:02 +01:00
|
|
|
}
|
|
|
|
else {
|
|
|
|
logging.error("Try to fake non getter property:", changedGetter);
|
|
|
|
}
|
|
|
|
});
|
2019-11-28 01:26:35 +01:00
|
|
|
});
|
|
|
|
}
|
|
|
|
scope.intercept = function intercept({subject: windowToProcess}, apis){
|
|
|
|
const siteStatus = apis.check({url: getURL(windowToProcess)});
|
|
|
|
logging.verbose("status for page", windowToProcess, siteStatus);
|
|
|
|
if (siteStatus.mode !== "allow"){
|
|
|
|
interceptFunctions(windowToProcess, siteStatus, apis);
|
|
|
|
interceptGetters(windowToProcess, siteStatus, apis);
|
2016-11-19 15:35:00 +01:00
|
|
|
}
|
2016-02-13 12:48:22 +01:00
|
|
|
};
|
2016-02-13 12:28:36 +01:00
|
|
|
}());
|