diff --git a/_locales/de/messages.json b/_locales/de/messages.json index 91de628..d084acc 100644 --- a/_locales/de/messages.json +++ b/_locales/de/messages.json @@ -507,7 +507,7 @@ "description": "" }, "apiWhiteList_description": { - "message": "Erlaubt ausgewählte Teile der Canvas-API.", + "message": "Erlaubt ausgewählte Teile der APIs. Wenn eine Boxen markiert wird, wird dieser Teil der API nicht geschützt.", "description": "" }, diff --git a/_locales/en/messages.json b/_locales/en/messages.json index 2742f56..a5648c1 100644 --- a/_locales/en/messages.json +++ b/_locales/en/messages.json @@ -507,7 +507,7 @@ "description": "" }, "apiWhiteList_description": { - "message": "Allows certain parts of the canvas API.", + "message": "Allows certain parts of the APIs. When ticking a checkbox this feature of the API will not be protected.", "description": "" }, diff --git a/lib/check.js b/lib/check.js index ae269f7..5020a29 100644 --- a/lib/check.js +++ b/lib/check.js @@ -25,6 +25,7 @@ ); if (match){ return { + url: url, type: (match[2] === "Everything" || match[2] === "")? ["context", "readout", "input"]: [match[2].toLowerCase()], @@ -33,6 +34,7 @@ } else { return { + url: url, type: ["context", "readout", "input"], mode: "block" }; diff --git a/lib/dataUrls.js b/lib/dataUrls.js index 55eb7d4..b932053 100644 --- a/lib/dataUrls.js +++ b/lib/dataUrls.js @@ -41,7 +41,7 @@ } scope.init = function(){ - function listener(details){console.log("listener"); + function listener(details){ const headers = details.responseHeaders; if (settings.blockDataURLs){ const cspMatch = (blockBlob? "": "blob: ") + "filesystem: *"; diff --git a/lib/intercept.js b/lib/intercept.js index 11a2137..5d31371 100644 --- a/lib/intercept.js +++ b/lib/intercept.js @@ -220,7 +220,7 @@ if (checkStack(error.stack)){ return {allow: true, original, window}; } - var funcStatus = changedFunction.getStatus(this, siteStatus); + var funcStatus = changedFunction.getStatus(this, siteStatus, prefs); function notifyCallback(messageId){ notify({ @@ -282,7 +282,7 @@ if (siteStatus.mode !== "allow"){ apiNames.forEach(function(name){ var changedFunction = changedFunctions[name]; - var functionStatus = changedFunction.getStatus(undefined, siteStatus); + var functionStatus = changedFunction.getStatus(undefined, siteStatus, prefs); logging.verbose("status for", name, ":", functionStatus); if (functionStatus.active){ ( @@ -323,7 +323,7 @@ }); changedGetters.forEach(function(changedGetter){ const name = changedGetter.name; - var functionStatus = changedGetter.getStatus(undefined, siteStatus); + var functionStatus = changedGetter.getStatus(undefined, siteStatus, prefs); logging.verbose("status for", changedGetter, ":", functionStatus); if (functionStatus.active){ changedGetter.objectGetters.forEach(function(objectGetter){ diff --git a/lib/lists.js b/lib/lists.js index 35cd348..c1bd478 100644 --- a/lib/lists.js +++ b/lib/lists.js @@ -29,7 +29,7 @@ }) .map(function(entry){ var regExp; - var domain = !!entry.match(/^[\w.]+$/); + var domain = !!entry.match(/^[A-Za-z0-9_.-]+$/); if (domain){ regExp = new RegExp("(?:^|\\.)" + entry.replace(/([\\+*?[^\]$(){}=!|.])/g, "\\$1") + "\\.?$", "i"); } diff --git a/lib/modifiedAudioAPI.js b/lib/modifiedAudioAPI.js index 9cb51a9..815f0fd 100644 --- a/lib/modifiedAudioAPI.js +++ b/lib/modifiedAudioAPI.js @@ -90,7 +90,7 @@ const intCache = Object.create(null); function fakeFloat32Array(array, window, prefs){ - if (prefs("protectAudio")){ + if (prefs("protectAudio", window.location)){ let cached = false; let hash; if (prefs("useAudioCache")){ @@ -121,7 +121,7 @@ } } function fakeUint8Array(array, window, prefs){ - if (prefs("protectAudio")){ + if (prefs("protectAudio", window.location)){ let cached = false; let hash; if (prefs("useAudioCache")){ @@ -148,9 +148,9 @@ randomSupply = supply; }; - function getStatus(obj, status){ + function getStatus(obj, status, prefs){ status = Object.create(status); - status.active = hasType(status, "readout"); + status.active = prefs("protectAudio", status.url) && hasType(status, "readout"); return status; } diff --git a/lib/modifiedWindowAPI.js b/lib/modifiedWindowAPI.js index aa0cbc0..b8472c6 100644 --- a/lib/modifiedWindowAPI.js +++ b/lib/modifiedWindowAPI.js @@ -73,9 +73,9 @@ } ]; - function getStatus(obj, status){ + function getStatus(obj, status, prefs){ status = Object.create(status); - status.active = hasType(status, "readout"); + status.active = prefs("protectWindow", status.url) && hasType(status, "readout"); return status; } diff --git a/lib/settings.js b/lib/settings.js index 5f10b62..8a86db7 100644 --- a/lib/settings.js +++ b/lib/settings.js @@ -461,7 +461,7 @@ urlContainer.on(function({newValue, oldValue}){ newValue.forEach(function(urlSetting){ var regExp; - var domain = !!urlSetting.url.match(/^[\w.]+$/); + var domain = !!urlSetting.url.match(/^[A-Za-z0-9_.-]+$/); if (domain){ regExp = new RegExp( "(?:^|\\.)" + urlSetting.url.replace(/([\\+*?[^\]$(){}=!|.])/g, "\\$1") + "\\.?$", diff --git a/releaseNotes.txt b/releaseNotes.txt index 30b85fb..2ba8279 100644 --- a/releaseNotes.txt +++ b/releaseNotes.txt @@ -7,7 +7,7 @@ Version 0.5.4: - added protection for DOMRect (getClientRects) fixes: - - + - window and audio API were always blocked when using any of the "block ..." modes known issues: - if a data URL is blocked the page action button does not appear