commit 1ba5a2cc5de0ee87636418d12b81baa315f197ea Author: Mike Perry mikeperry-git@fscked.org Date: Thu Dec 6 15:16:27 2012 -0800
It begins: Remove the content policy.
The content policy is old toggle code, and is mysteriously broken on FF17.
We're going to be removing a ton of these old observers soon. --- src/chrome.manifest | 4 - src/components/cssblocker.js | 489 ------------------------------------------ src/install.rdf | 2 +- 3 files changed, 1 insertions(+), 494 deletions(-)
diff --git a/src/chrome.manifest b/src/chrome.manifest index 2172815..5564804 100644 --- a/src/chrome.manifest +++ b/src/chrome.manifest @@ -143,9 +143,6 @@ contract @torproject.org/crash-observer;1 {06322def-6fde-4c06-aef6-47ae8e799629} component {e6204253-b690-4159-bfe8-d4eedab6b3be} components/cookie-jar-selector.js contract @torproject.org/cookie-jar-selector;1 {e6204253-b690-4159-bfe8-d4eedab6b3be}
-component {23f4d9ba-023a-94ab-eb75-67aed7562a18} components/cssblocker.js -contract @torproject.org/cssblocker;1 {23f4d9ba-023a-94ab-eb75-67aed7562a18} - component {f36d72c9-9718-4134-b550-e109638331d7} components/torbutton-logger.js contract @torproject.org/torbutton-logger;1 {f36d72c9-9718-4134-b550-e109638331d7}
@@ -161,7 +158,6 @@ contract @mozilla.org/network/protocol;1?name=tor {52183e20-4d4b-11de-8a39-08002 component {a5a4bc50-5e8d-11de-8a39-0800200c9a66} components/tors-protocol.js contract @mozilla.org/network/protocol;1?name=tors {a5a4bc50-5e8d-11de-8a39-0800200c9a66}
-category content-policy ContentPolicy @torproject.org/cssblocker;1 category profile-after-change CookieJarSelector @torproject.org/cookie-jar-selector;1 # category profile-after-change RefSpoofer @torproject.org/torRefSpoofer;1 category profile-after-change TBSessionBlocker @torproject.org/torbutton-ss-blocker;1 diff --git a/src/components/cssblocker.js b/src/components/cssblocker.js deleted file mode 100644 index 4b79ae4..0000000 --- a/src/components/cssblocker.js +++ /dev/null @@ -1,489 +0,0 @@ -// Bug 1506 P0: All of this code is toggle specific and can be killed - -/* -*- Mode: javascript; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; -*- */ -/************************************************************************* - * Content policy to block stuff not handled by other components - * (such as CSS) - * - http://www.w3.org/TR/REC-CSS2/selector.html#dynamic-pseudo-classes - * - * Also serves as a safety net to catch content the other mechanisms - * somehow might be tricked into failing to block (this should not happen - * in normal operation though). - * - * Based on examples from: - * - http://adblockplus.org/en/faq_internal - * - http://developer.mozilla.org/en/docs/How_to_Build_an_XPCOM_Component_in_Java... - * - http://www.xulplanet.com/references/xpcomref/ifaces/nsICategoryManager.html - * - http://www.xulplanet.com/references/xpcomref/ifaces/nsIContentPolicy.html - * - http://greasemonkey.devjavu.com/projects/greasemonkey/browser/trunk/src/comp... - * - * Test cases: - * - http://www.tjkdesign.com/articles/css%20pop%20ups/default.asp - * - *************************************************************************/ - -// This is all local scope -const CSSB_CONTRACTID = "@torproject.org/cssblocker;1"; -const CSSB_CID = Components.ID("{23f4d9ba-023a-94ab-eb75-67aed7562a18}"); - -const DNode = Components.interfaces.nsIDOMNode; -const DWindow = Components.interfaces.nsIDOMWindow; -const ok = Components.interfaces.nsIContentPolicy.ACCEPT; -const block = Components.interfaces.nsIContentPolicy.REJECT_REQUEST; -const CPolicy = Components.interfaces.nsIContentPolicy; -const Cr = Components.results; -const Cc = Components.classes; -const Ci = Components.interfaces; - -Components.utils.import("resource://gre/modules/XPCOMUtils.jsm"); - -// Retrieves the window object for a node or returns null if it isn't possible -function getWindow(node) { - if (node && node.nodeType != DNode.DOCUMENT_NODE) - node = node.ownerDocument; - - if (!node || node.nodeType != DNode.DOCUMENT_NODE) - return null; - - return node.defaultView; -} - -//FIXME: can we kill this noise? -//HACKHACK: need a way to get an implicit wrapper for nodes because of bug 337095 (fixed in Gecko 1.8.0.5) -var fakeFactory = { - createInstance: function(outer, iid) { - return outer; - }, - - QueryInterface: function(iid) { - if (iid.equals(Components.interfaces.nsISupports) || - iid.equals(Components.interfaces.nsIFactory)) - return this; - - Components.returnCode = Cr.NS_ERROR_NO_INTERFACE; - return null; - } -}; -var array = Components.classes['@mozilla.org/supports-array;1'].createInstance(Components.interfaces.nsISupportsArray); -array.AppendElement(fakeFactory); -fakeFactory = array.GetElementAt(0).QueryInterface(Components.interfaces.nsIFactory); -array = null; - -function wrapNode(insecNode) { - return fakeFactory.createInstance(insecNode, Components.interfaces.nsISupports); -} - -function make_nsIURI(url) { - var nsiuri = Cc["@mozilla.org/network/standard-url;1"].createInstance(Ci.nsIStandardURL); - nsiuri.init(Ci.nsIStandardURL.URLTYPE_STANDARD, -1, url, null, null); - return nsiuri; -} - -// Unwraps jar:, view-source: and wyciwyg: URLs, returns the contained URL -function unwrapURL(url, changed) { - if (!url) - return url; - - var ret = url.replace(/^view-source:/, "").replace(/^wyciwyg://\d+//, ""); - if (/^jar:(.*)!/.test(ret)) - ret = RegExp.$1; - - if (ret == url) - if(changed) return make_nsIURI(url); - else return url; - else - return unwrapURL(ret, true); -} - -var localSchemes = {"about" : true, "chrome" : true, "file" : true, - "resource" : true, "x-jsd" : true, "addbook" : true, - "mailbox" : true, "moz-icon" : true}; - -var browserSources = { "browser":true, "mozapps":true, "global":true, - "pippki":true, "branding":true, "cookie":true, "xbl-marquee":true, - "reporter":true, "global-region":true, "passwordmgr":true, - "global-platform":true}; - -var hostFreeSchemes = { "resource":true, "data":true, "cid":true, - "file":true, "view-source":true, "about":true}; - -var protectedChromeHosts = { "torbutton": true }; - -function ContentPolicy() { - this.logger = Components.classes["@torproject.org/torbutton-logger;1"] - .getService(Components.interfaces.nsISupports).wrappedJSObject; - this.logger.log(3, "Component Load 1: New ContentPolicy ("+CSSB_CONTRACTID+")"); - - this._prefs = Components.classes["@mozilla.org/preferences-service;1"] - .getService(Components.interfaces.nsIPrefBranch); - this.wm = Components.classes["@torproject.org/content-window-mapper;1"] - .getService(Components.interfaces.nsISupports) - .wrappedJSObject; - - // Register observer: - var pref_service = Components.classes["@mozilla.org/preferences-service;1"] - .getService(Components.interfaces.nsIPrefBranchInternal); - this._branch = pref_service.QueryInterface(Components.interfaces.nsIPrefBranchInternal); - this._branch.addObserver("extensions.torbutton", this, false); - - this.isolate_content = this._prefs.getBoolPref("extensions.torbutton.isolate_content"); - this.tor_enabled = this._prefs.getBoolPref("extensions.torbutton.tor_enabled"); - this.settings_applied = this._prefs.getBoolPref("extensions.torbutton.settings_applied"); - this.tor_enabling = this.tor_enabled || this.settings_applied; // Catch transition edge cases - this.block_tor_file_net = this._prefs.getBoolPref("extensions.torbutton.block_tor_file_net"); - this.block_nontor_file_net = this._prefs.getBoolPref("extensions.torbutton.block_nontor_file_net"); - this.no_tor_plugins = this._prefs.getBoolPref("extensions.torbutton.no_tor_plugins"); - - this.wrappedJSObject = this; - return; -} - -ContentPolicy.prototype = { - isLocalScheme: function(scheme) { - return (scheme in localSchemes); - }, - - // nsIContentPolicy interface implementation - shouldLoad: function(contentType, contentLocation, requestOrigin, insecNode, mimeTypeGuess, extra) { - /*. Debugging hack. DO NOT UNCOMMENT IN PRODUCTION ENVIRONMENTS - if(contentLocation.spec.search("venkman") != -1) { - this.logger.log(3, "chrome-venk"); - return ok; - }*/ - - if(!insecNode) { - // Happens on startup - this.logger.log(3, "Skipping no insec: "+contentLocation.spec); - return ok; - } - - if(!this.isolate_content) { - this.logger.eclog(2, "Content policy disabled"); - return ok; - } - - this.logger.log(1, "Cpolicy load of: "+contentLocation.spec+" from: "+ - (( null == requestOrigin ) ? "<null>" : requestOrigin.spec)); - - var utmp = null; - try { utmp = unwrapURL(contentLocation.spec, false); } - catch(e) { this.logger.log(5, "Exception on unwrap: "+e); } - - if(utmp instanceof Ci.nsIURI) { - utmp = utmp.QueryInterface(Ci.nsIURI); - contentLocation = utmp; - this.logger.log(2, "Unwrapped cpolicy load of: "+contentLocation.spec+" from: "+ - (( null == requestOrigin ) ? "<null>" : requestOrigin.spec)); - } - - if (!requestOrigin || !requestOrigin.scheme) { - if (this.tor_enabling) { - // in FF3, at startup requestOrigin is not set - if (("chrome" == contentLocation.scheme) && (contentLocation.host in browserSources)) { - this.logger.eclog(1, "Allowing browser chrome request from: " + - "<null>" + " for: " + - contentLocation.spec); - return ok; - } - this.logger.safe_log(4, "NO ORIGIN! Blockng request for: ", - contentLocation.spec); - return block; - } - } else { - // rules based on request origin: - // 1) privileged schemes can access local content but - // must be checked for network access (favicons) - // 2) locally privileged schemes can access local content - // 3) forbidden schemes should be blocked - // 4) all others cannot access any (unwrapped) local content - // exceptions: - // 4a) any content can potentially access 'about:blank' - // 4b) browser chrome requests are allowed - // - switch (requestOrigin.scheme) { - case "x-jsd": - case "chrome": - // privileged - if ((contentLocation.scheme in localSchemes) || - (contentLocation.scheme in hostFreeSchemes)) { - return ok; - } - // Chrome can source favicons from non-local protocols. - // This needs to be checked below. - break; - case "about": - case "resource": - // privileged - return ok; - break; - case "view-source": - case "file": - // locally privileged - if ((contentLocation.scheme in localSchemes) || - (contentLocation.scheme in hostFreeSchemes)) { - this.logger.eclog(1, "Accepted request from locally privileged scheme: " + - requestOrigin.scheme + " for: " + - contentLocation.spec); - return ok; - } else { - if (this.block_tor_file_net && this.tor_enabling || - this.block_nontor_file_net && !this.tor_enabling) { - this.logger.safe_log(4, "Blocking remote request from: ", - requestOrigin.spec+" for: " - +contentLocation.spec); - return block; - } - } - break; - case "moz-nullprincipal": - // forbidden to access anything but chrome - // (Chrome access needed for FoxyProxy context menu) - if (this.tor_enabling && - (contentLocation.scheme != "chrome")) { - this.logger.safe_log(4, - "Blocking nullprinciple request from: ", - requestOrigin.spec + " for: " + - contentLocation.spec); - return block; - } - break; - default: - if (contentLocation.scheme in localSchemes) { - var targetScheme = contentLocation.scheme; - var targetHost = ""; - if ( !(contentLocation.scheme in hostFreeSchemes) ) { - try { - targetHost = contentLocation.host; - } catch(e) { - this.logger.safe_log(4, "No host from: ", - requestOrigin.spec + " for: " + - contentLocation.spec); - } - } - - // Fix bug #2359: Firefox now loads dtd's from - // resource urls with a valid host. We must - // check for this and allow it. - if (contentLocation.scheme == "resource") { - try { - targetHost = contentLocation.host; - } catch(e) { - this.logger.safe_log(3, "No resource host from: ", - requestOrigin.spec + " for: " + - contentLocation.spec); - } - } - - if (("about:blank" == contentLocation.spec)) { - // ok, but don't return - } else if (("chrome" == targetScheme) && (targetHost in browserSources)) { - this.logger.eclog(1, "Allowing browser chrome request from: " + - requestOrigin.spec + " for: " + - contentLocation.spec); - return ok; - } else if ("file" == targetScheme || - ("resource" == targetScheme && targetHost == "gre")) { - // This fix is for bugs 1014+2359. XHTML documents need to source - // a special dtd as a file url. The same origin policy should - // prevent other access to file urls, so this should be ok - // to just allow. - this.logger.eclog(3, "Allowing browser file request from: " + - requestOrigin.spec + " for: " + - contentLocation.spec); - //return ok; - } else { - if (this.tor_enabling || (targetHost in protectedChromeHosts)) { - this.logger.safe_log(4, - "Blocking local request from: ", - requestOrigin.spec+" (" - +requestOrigin.scheme+") for: "+ - contentLocation.spec); - return block; - } - } - } - } - } - - var node = wrapNode(insecNode); - var wind = getWindow(node); - - // For frame elements go to their window - if (contentType == CPolicy.TYPE_SUBDOCUMENT && node.contentWindow) { - node = node.contentWindow; - wind = node; - } - - /* - * This clause does in fact occurr. It causes us to break hotmail - * by blocking some of their javascript.. - * - * https://trac.torproject.org/projects/tor/ticket/3580 - if (contentType == 5) { // Object - // Never seems to happen.. But it would be nice if we - // could handle it either here or shouldProcess, instead of in - // the webprogresslistener - if(this.tor_enabling && this.no_tor_plugins) { - this.logger.safe_log(4, "Blocking object at ", - contentLocation.spec); - return block; - } - } - */ - - if (!wind || !wind.top.location || !wind.top.location.href) { - this.logger.safe_log(4, "Skipping no location: ", - contentLocation.spec); - return ok; - } - - - var doc = wind.top.document; - if(!doc) { - // 1st load of a page in a new location - this.logger.log(3, "Skipping no doc: "+contentLocation.spec); - return ok; - } - - var browser; - if(wind.top.opener && - !(wind.top.opener instanceof Components.interfaces.nsIDOMChromeWindow)) { - this.logger.log(3, "Popup found: "+contentLocation.spec); - browser = this.wm.getBrowserForContentWindow(wind.top.opener.top) - } else { - browser = this.wm.getBrowserForContentWindow(wind.top); - } - - if(!browser) { - this.logger.log(5, "No window found: "+contentLocation.spec); - return block; - } - - // For javascript links (and others?) the normal http events - // for the weblistener in torbutton.js are suppressed - if(this.tor_enabling && node instanceof Ci.nsIDOMWindow) { - var wm = Cc["@mozilla.org/appshell/window-mediator;1"] - .getService(Components.interfaces.nsIWindowMediator); - var chrome = wm.getMostRecentWindow("navigator:browser"); - - this.logger.eclog(2, "Hooking iframe domwindow"); - // It doesn't really matter which chome window does the hooking. - chrome.torbutton_hookdoc(node, null); - } - - // source window of browser chrome window with a document content - // type means the user entered a new URL. - if(wind.top instanceof Components.interfaces.nsIDOMChromeWindow) { - // This happens on non-browser chrome: updates, dialogs, etc - if (!wind.top.browserDOMWindow - && typeof(browser.__tb_tor_fetched) == 'undefined') { - this.logger.log(3, "Untagged window for "+contentLocation.spec); - return ok; - } - - if(wind.top.browserDOMWindow - && contentType == CPolicy.TYPE_DOCUMENT) { - this.logger.log(3, "New location for "+contentLocation.spec+" (currently: "+wind.top.location+" and "+browser.currentURI.spec+")"); - // Workaround for Firefox Bug 409737. - // This disables window.location style redirects if the tor state - // has changed - if(requestOrigin) { - this.logger.log(3, "Origin: "+requestOrigin.spec); - if(!requestOrigin.schemeIs("chrome")) { - if(typeof(browser.__tb_tor_fetched) == 'undefined') { - // This happens for "open in new window" context menu - this.logger.safe_log(3, "Untagged window for redirect: ", contentLocation.spec); - return ok; - } - if(browser.__tb_tor_fetched == this.tor_enabled - && browser.__tb_tor_fetched == this.settings_applied) { - return ok; - } else { - this.logger.safe_log(4, "Blocking redirect: ", contentLocation.spec); - return block; - } - } - } - return ok; - } - } - - if(browser.__tb_tor_fetched == this.tor_enabled - && browser.__tb_tor_fetched == this.settings_applied) { - return ok; - } else { - this.logger.safe_log(4, "Blocking cross-state load of: ", - contentLocation.spec); - return block; - } - }, - - shouldProcess: function(contentType, contentLocation, requestOrigin, insecNode, mimeType, extra) { - // Were this actually ever called, it might be useful :( - // Instead, related functionality has been grafted onto the - // webprogresslistener :( - // See mozilla bugs 380556, 305699, 309524 - if(contentLocation) { - this.logger.log(2, "Process for "+contentLocation.spec); - } - return ok; - }, - - // Pref observer interface implementation - - // topic: what event occurred - // subject: what nsIPrefBranch we're observing - // data: which pref has been changed (relative to subject) - observe: function(subject, topic, data) - { - if (topic != "nsPref:changed") return; - switch (data) { - case "extensions.torbutton.isolate_content": - this.isolate_content = this._prefs.getBoolPref("extensions.torbutton.isolate_content"); - break; - case "extensions.torbutton.tor_enabled": - this.tor_enabled = this._prefs.getBoolPref("extensions.torbutton.tor_enabled"); - this.tor_enabling = this.tor_enabled || this.settings_applied; // Catch transition edge cases - break; - case "extensions.torbutton.settings_applied": - this.settings_applied = this._prefs.getBoolPref("extensions.torbutton.settings_applied"); - this.tor_enabling = this.tor_enabled || this.settings_applied; // Catch transition edge cases - break; - case "extensions.torbutton.block_tor_file_net": - this.block_tor_file_net = this._prefs.getBoolPref("extensions.torbutton.block_tor_file_net"); - break; - case "extensions.torbutton.block_nontor_file_net": - this.block_nontor_file_net = this._prefs.getBoolPref("extensions.torbutton.block_nontor_file_net"); - break; - case "extensions.torbutton.no_tor_plugins": - this.no_tor_plugins = this._prefs.getBoolPref("extensions.torbutton.no_tor_plugins"); - break; - } - }, - - // API to add another addon to be protected from discovery - addProtectedChromeHost: function(name) { - protectedChromeHosts[name] = true; - }, - - _xpcom_categories: [{category:"content-policy"}], - classID: CSSB_CID, - contractID: CSSB_CONTRACTID, - classDescription: "Torbutton Content Policy", - - // QueryInterface implementation, e.g. using the generateQI helper - QueryInterface: XPCOMUtils.generateQI( - [ Components.interfaces.nsIObserver, - Components.interfaces.nsISupports, - Components.interfaces.nsIContentPolicy ]) - -}; - -/** -* XPCOMUtils.generateNSGetFactory was introduced in Mozilla 2 (Firefox 4). -* XPCOMUtils.generateNSGetModule is for Mozilla 1.9.2 (Firefox 3.6). -*/ -if (XPCOMUtils.generateNSGetFactory) - var NSGetFactory = XPCOMUtils.generateNSGetFactory([ContentPolicy]); -else - var NSGetModule = XPCOMUtils.generateNSGetModule([ContentPolicy]); diff --git a/src/install.rdf b/src/install.rdf index 1c4c4df..6eff883 100644 --- a/src/install.rdf +++ b/src/install.rdf @@ -10,7 +10,7 @@ em:name="Torbutton" em:creator="Mike Perry" em:id="{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}" - em:version="1.4.6.3" + em:version="1.5.0pre" em:homepageURL="https://www.torproject.org/torbutton/" em:optionsURL="chrome://torbutton/content/preferences.xul" em:iconURL="chrome://torbutton/skin/tor.png"
tor-commits@lists.torproject.org
-
mikeperry@torproject.org