mirror of
https://github.com/kkapsner/CanvasBlocker
synced 2025-01-07 12:14:50 +01:00
parent
b361733c73
commit
d09340e84f
@ -1068,7 +1068,19 @@
|
|||||||
"description": ""
|
"description": ""
|
||||||
},
|
},
|
||||||
"protectWindow_askReCaptchaException": {
|
"protectWindow_askReCaptchaException": {
|
||||||
"message": "Wenn die Window-API beschützt wird, funktioniert reCAPTCHA nicht mehr. Wollen Sie dafür eine Ausnahme hinzufügen?",
|
"message": "Wenn die Window-API beschützt wird, funktioniert reCAPTCHA nicht mehr. Wollen Sie die window.name-API in eingebetteten Seiten erlauben, damit es wieder funktioniert?",
|
||||||
|
"description": ""
|
||||||
|
},
|
||||||
|
"allowWindowNameInFrames_title": {
|
||||||
|
"message": "Erlaube window.name in Frames",
|
||||||
|
"description": ""
|
||||||
|
},
|
||||||
|
"allowWindowNameInFrames_description": {
|
||||||
|
"message": "Die window.name-API ist im Kontext eingebetteter Seiten nicht besonders gefährlich und wird dort für legitime Anwendungen (z.B. reCAPTCHA) verwendet. Diese Einstellung erlaubt die Benutzung dort.",
|
||||||
|
"description": ""
|
||||||
|
},
|
||||||
|
"allowWindowNameInFrames_urlSpecific": {
|
||||||
|
"message": "Um die für bestimmte Seiten zu erlauben, klicken Sie auf den schwarzen Pfeil um das Menü zu öffnen, fügen Sie die gewünschte Domain oder URL mit einem Klick auf \\\"+\\\" hinzu und setzen Sie das zugehörige Häkchen.",
|
||||||
"description": ""
|
"description": ""
|
||||||
},
|
},
|
||||||
"protectDOMRect_title": {
|
"protectDOMRect_title": {
|
||||||
@ -1528,7 +1540,7 @@
|
|||||||
"description": ""
|
"description": ""
|
||||||
},
|
},
|
||||||
"preset_recaptcha_description": {
|
"preset_recaptcha_description": {
|
||||||
"message": "Der window-API-Schutz macht reCAPTCHA unbenutzbar. Diese Voreinstellung fügt eine Ausnahme dafür hinzu.",
|
"message": "Der window-API-Schutz macht reCAPTCHA unbenutzbar. Diese Voreinstellung erlaubt die Benutzung der window.name-API in eingebetteten Seite. Dadurch funktioniert es wieder.",
|
||||||
"description": ""
|
"description": ""
|
||||||
}
|
}
|
||||||
}
|
}
|
@ -1111,7 +1111,20 @@
|
|||||||
"description": ""
|
"description": ""
|
||||||
},
|
},
|
||||||
"protectWindow_askReCaptchaException": {
|
"protectWindow_askReCaptchaException": {
|
||||||
"message": "Protecting the window API breaks reCAPTCHA. Do you want to add an exception for it?",
|
"message": "Protecting the window API breaks reCAPTCHA. Do you want to allow the window.name API in embedded pages which will make if work again?",
|
||||||
|
"description": ""
|
||||||
|
},
|
||||||
|
|
||||||
|
"allowWindowNameInFrames_title": {
|
||||||
|
"message": "Allow window.name in frames",
|
||||||
|
"description": ""
|
||||||
|
},
|
||||||
|
"allowWindowNameInFrames_description": {
|
||||||
|
"message": "The window.name API is not that dangerous in the context of embedded pages and it is used there for legitimate reasons (e.g. reCAPTCHA). This setting will allow these usages.",
|
||||||
|
"description": ""
|
||||||
|
},
|
||||||
|
"allowWindowNameInFrames_urlSpecific": {
|
||||||
|
"message": "To allow this for specific websites, click on the black arrow to open the menu, add the domain or URL by clicking on \"+\" and set its checkmark.",
|
||||||
"description": ""
|
"description": ""
|
||||||
},
|
},
|
||||||
|
|
||||||
@ -1591,7 +1604,7 @@
|
|||||||
"description": ""
|
"description": ""
|
||||||
},
|
},
|
||||||
"preset_recaptcha_description": {
|
"preset_recaptcha_description": {
|
||||||
"message": "Protecting the window API breaks reCAPTCHA. This preset adds an exception for it to work.",
|
"message": "Protecting the window API breaks reCAPTCHA. This preset allows the usage of the window.name API in embedded pages which will make it work again.",
|
||||||
"description": ""
|
"description": ""
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -48,8 +48,14 @@
|
|||||||
const temp = {
|
const temp = {
|
||||||
get name(){
|
get name(){
|
||||||
return checkerWrapper(checker, this, arguments, function(args, check){
|
return checkerWrapper(checker, this, arguments, function(args, check){
|
||||||
const {notify, original} = check;
|
const {notify, original, prefs} = check;
|
||||||
const originalName = original.call(this, ...args);
|
const originalName = original.call(this, ...args);
|
||||||
|
if (
|
||||||
|
this !== this.top &&
|
||||||
|
prefs("allowWindowNameInFrames", this.location)
|
||||||
|
){
|
||||||
|
return originalName;
|
||||||
|
}
|
||||||
const returnedName = windowNames.get(this) || "";
|
const returnedName = windowNames.get(this) || "";
|
||||||
if (originalName !== returnedName){
|
if (originalName !== returnedName){
|
||||||
notify("fakedWindowReadout");
|
notify("fakedWindowReadout");
|
||||||
|
@ -321,6 +321,11 @@
|
|||||||
defaultValue: false,
|
defaultValue: false,
|
||||||
urlSpecific: true
|
urlSpecific: true
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name: "allowWindowNameInFrames",
|
||||||
|
defaultValue: false,
|
||||||
|
urlSpecific: true
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name: "protectDOMRect",
|
name: "protectDOMRect",
|
||||||
defaultValue: true,
|
defaultValue: true,
|
||||||
@ -383,7 +388,7 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "storageVersion",
|
name: "storageVersion",
|
||||||
defaultValue: 0.6,
|
defaultValue: 1.0,
|
||||||
fixed: true
|
fixed: true
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
@ -15,11 +15,11 @@
|
|||||||
|
|
||||||
const settingDefinitions = require("./settingDefinitions");
|
const settingDefinitions = require("./settingDefinitions");
|
||||||
|
|
||||||
scope.validVersions = [undefined, 0.1, 0.2, 0.3, 0.4, 0.5, 0.6];
|
scope.validVersions = [undefined, 0.1, 0.2, 0.3, 0.4, 0.5, 0.6, 1.0];
|
||||||
scope.transitions = {
|
scope.transitions = {
|
||||||
"": function(){
|
"": function(){
|
||||||
return {
|
return {
|
||||||
storageVersion: 0.6
|
storageVersion: 1.0
|
||||||
};
|
};
|
||||||
},
|
},
|
||||||
0.1: function(oldStorage){
|
0.1: function(oldStorage){
|
||||||
@ -157,6 +157,25 @@
|
|||||||
}
|
}
|
||||||
return newStorage;
|
return newStorage;
|
||||||
},
|
},
|
||||||
|
0.6: function (oldStorage){
|
||||||
|
const newStorage = {
|
||||||
|
storageVersion: 1.0
|
||||||
|
};
|
||||||
|
if (
|
||||||
|
oldStorage.hasOwnProperty("protectWindow") &&
|
||||||
|
oldStorage.protectWindow &&
|
||||||
|
oldStorage.hasOwnProperty("urlSettings") &&
|
||||||
|
Array.isArray(oldStorage.urlSettings) &&
|
||||||
|
oldStorage.urlSettings.filter(function(entry){
|
||||||
|
return entry.url === "^https://www\\.google\\.com/recaptcha/api2/(?:b?frame|anchor).*$";
|
||||||
|
}).some(function(entry){
|
||||||
|
return entry.protectWindow === false;
|
||||||
|
})
|
||||||
|
){
|
||||||
|
newStorage.allowWindowNameInFrames = true;
|
||||||
|
}
|
||||||
|
return newStorage;
|
||||||
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
scope.check = function(storage, {settings, logging}){
|
scope.check = function(storage, {settings, logging}){
|
||||||
|
@ -121,6 +121,7 @@
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
delete json.storageVersion;
|
||||||
const keys = Object.keys(json);
|
const keys = Object.keys(json);
|
||||||
keys.forEach(function(key){
|
keys.forEach(function(key){
|
||||||
const setting = settings.getDefinition(key);
|
const setting = settings.getDefinition(key);
|
||||||
@ -132,9 +133,7 @@
|
|||||||
}
|
}
|
||||||
});
|
});
|
||||||
keys.forEach(function(key){
|
keys.forEach(function(key){
|
||||||
if (key !== "storageVersion"){
|
settings[key] = json[key];
|
||||||
settings[key] = json[key];
|
|
||||||
}
|
|
||||||
});
|
});
|
||||||
},
|
},
|
||||||
resetSettings: async function(){
|
resetSettings: async function(){
|
||||||
@ -560,31 +559,17 @@
|
|||||||
document.body.appendChild(version);
|
document.body.appendChild(version);
|
||||||
|
|
||||||
settings.onloaded(function(){
|
settings.onloaded(function(){
|
||||||
const reCaptchaEntry = "^https://www\\.google\\.com/recaptcha/api2/(?:b?frame|anchor).*$";
|
|
||||||
const {url: urlContainer} = settings.getContainers();
|
|
||||||
settings.on("protectWindow", async function({newValue}){
|
settings.on("protectWindow", async function({newValue}){
|
||||||
if (newValue){
|
if (newValue && !settings.allowWindowNameInFrames){
|
||||||
const urlValue = urlContainer.get();
|
const addException = await modal.confirm(
|
||||||
const matching = urlValue.filter(function(entry){
|
extension.getTranslation("protectWindow_askReCaptchaException"),
|
||||||
return entry.url === reCaptchaEntry;
|
{
|
||||||
});
|
node: document.querySelector("[data-storage-name=protectWindow]"),
|
||||||
if (
|
selector: ".settingRow .content"
|
||||||
newValue &&
|
|
||||||
(
|
|
||||||
matching.length === 0 ||
|
|
||||||
matching[0].protectWindow
|
|
||||||
)
|
|
||||||
){
|
|
||||||
const addException = await modal.confirm(
|
|
||||||
extension.getTranslation("protectWindow_askReCaptchaException"),
|
|
||||||
{
|
|
||||||
node: document.querySelector("[data-storage-name=protectWindow]"),
|
|
||||||
selector: ".settingRow .content"
|
|
||||||
}
|
|
||||||
);
|
|
||||||
if (addException){
|
|
||||||
settings.set("protectWindow", false, reCaptchaEntry);
|
|
||||||
}
|
}
|
||||||
|
);
|
||||||
|
if (addException){
|
||||||
|
settings.set("allowWindowNameInFrames", true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
@ -23,8 +23,6 @@
|
|||||||
"protectWindow": true
|
"protectWindow": true
|
||||||
},
|
},
|
||||||
"recaptcha": {
|
"recaptcha": {
|
||||||
"protectWindow": {
|
"allowWindowNameInFrames": true
|
||||||
"^https://www\\.google\\.com/recaptcha/api2/(?:b?frame|anchor).*$": false
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
@ -583,6 +583,14 @@
|
|||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"name": "allowWindowNameInFrames",
|
||||||
|
"displayDependencies": [
|
||||||
|
{
|
||||||
|
"protectWindow": [true]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
@ -4,6 +4,7 @@ Version 1.0:
|
|||||||
- code cleanup
|
- code cleanup
|
||||||
- added mail.google.com to the convenience preset
|
- added mail.google.com to the convenience preset
|
||||||
- added reCAPTCHA preset
|
- added reCAPTCHA preset
|
||||||
|
- the reCAPTCHA whitelisting entry is changed to "allow window.name in frames"
|
||||||
|
|
||||||
new features:
|
new features:
|
||||||
- added screen protection
|
- added screen protection
|
||||||
@ -18,6 +19,7 @@ Version 1.0:
|
|||||||
- cross origin DOM manipulations
|
- cross origin DOM manipulations
|
||||||
- window.name protection was detectable
|
- window.name protection was detectable
|
||||||
- importing settings file with an older storage version did not work properly
|
- importing settings file with an older storage version did not work properly
|
||||||
|
- fields hosted on braintree not working when window API was protected
|
||||||
|
|
||||||
known issues:
|
known issues:
|
||||||
- if a data URL is blocked the page action button does not appear
|
- if a data URL is blocked the page action button does not appear
|
||||||
|
@ -93,6 +93,10 @@
|
|||||||
{
|
{
|
||||||
"version": "1.0RC3",
|
"version": "1.0RC3",
|
||||||
"update_link": "https://canvasblocker.kkapsner.de/versions/canvasblocker_beta-1.0RC3-an+fx.xpi"
|
"update_link": "https://canvasblocker.kkapsner.de/versions/canvasblocker_beta-1.0RC3-an+fx.xpi"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"version": "1.0RC4",
|
||||||
|
"update_link": "https://canvasblocker.kkapsner.de/versions/canvasblocker_beta-1.0RC4-an+fx.xpi"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user