Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

for #26: refactor: new getRequestEntity function #104

Merged
merged 5 commits into from
Aug 18, 2016
Merged

for #26: refactor: new getRequestEntity function #104

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
51df52f
for #26: requestAllower to reduce function args
groovecoder Aug 10, 2016
3c3704e
for #26: refactor: new getRequestEntity function
groovecoder Aug 11, 2016
38848f2
for #26: break out of entity loop ASAP ...
groovecoder Aug 15, 2016
af602f8
for #26: let the let party begin
groovecoder Aug 15, 2016
ac45552
for #26: flags bug from merge
groovecoder Aug 18, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .travis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,3 +12,6 @@ before_install:
script:
- npm run build
- npm run lint

after_success:
- npm run coveralls
4 changes: 3 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
# Blok

[![Build Status](https://travis-ci.org/mozilla/blok.svg?branch=master)](https://travis-ci.org/mozilla/blok)
[![Coverage
Status](https://coveralls.io/repos/github/mozilla/blok/badge.svg)](https://coveralls.io/github/mozilla/blok)

[Web Extension](https://developer.mozilla.org/en-US/Add-ons/WebExtensions/) re-implementation of [Tracking Protection for Firefox](https://support.mozilla.org/en-US/kb/tracking-protection-pbm).

Expand Down Expand Up @@ -59,4 +61,4 @@ Requires node 6+
To distribute, you will need AMO access credentials. See the `web-ext` docs.

1. Use [`web-ext
sign`](https://developer.mozilla.org/en-US/Add-ons/WebExtensions/web-ext_command_reference#web-ext_sign)
sign`](https://developer.mozilla.org/en-US/Add-ons/WebExtensions/web-ext_command_reference#web-ext_sign)
90 changes: 38 additions & 52 deletions js/background.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
var {canonicalizeHost} = require('./canonicalize')
const {loadLists, hostInBlocklist, hostInEntity} = require('./lists')
const {allowRequest} = require('./requests')
const {loadLists, hostInBlocklist} = require('./lists')
const {requestAllower, getRequestEntity} = require('./requests')
const {log} = require('./log')

var currentActiveTabID
Expand Down Expand Up @@ -30,30 +30,32 @@ function blockTrackerRequests (blocklist, allowedHosts, entityList, reportedHost
var requestTabID = requestDetails.tabId
var originTopHost
var requestTopHost
var requestEntity

var flags = {
currentOriginDisabled: false,
firefoxOrigin: false,
newOrigin: false,
requestHostInBlocklist: false,
requestIsThirdParty: false,
requestHostMatchesMainFrame: false
}

// Start with all origin flags false
var currentOriginDisabled = false
var firefoxOrigin = false
var newOrigin = false

var requestEntityName
var requestHostInBlocklist = false
var requestIsThirdParty = false
var requestHostMatchesMainFrame = false
var allowRequest = requestAllower.bind(null, requestTabID, totalExecTime, blockTrackerRequestsStart)

// undefined origins are browser internals (e.g., about:newtab)
if (typeof requestDetails.originUrl === 'undefined') {
return allowRequest(requestTabID, totalExecTime, blockTrackerRequestsStart)
return allowRequest()
}

// Determine all origin flags
originTopHost = canonicalizeHost(new URL(requestDetails.originUrl).host)
currentActiveOrigin = originTopHost
currentOriginDisabledIndex = allowedHosts.indexOf(currentActiveOrigin)
currentOriginDisabled = currentOriginDisabledIndex > -1
flags.currentOriginDisabled = currentOriginDisabledIndex > -1
if (requestDetails.frameId === 0) {
mainFrameOriginTopHosts[requestTabID] = originTopHost
if (currentOriginDisabled) {
if (flags.currentOriginDisabled) {
window.topFrameHostDisabled = true
browser.pageAction.setIcon({
tabId: requestTabID,
Expand All @@ -70,66 +72,50 @@ function blockTrackerRequests (blocklist, allowedHosts, entityList, reportedHost
}

// Allow request originating from Firefox and/or new tab/window origins
firefoxOrigin = (typeof originTopHost !== 'undefined' && originTopHost.includes('moz-nullprincipal'))
newOrigin = originTopHost === ''
if (firefoxOrigin || newOrigin) {
return allowRequest(requestTabID, totalExecTime, blockTrackerRequestsStart)
flags.firefoxOrigin = (typeof originTopHost !== 'undefined' && originTopHost.includes('moz-nullprincipal'))
flags.newOrigin = originTopHost === ''
if (flags.firefoxOrigin || flags.newOrigin) {
return allowRequest()
}

requestTopHost = canonicalizeHost(new URL(requestDetails.url).host)

requestHostInBlocklist = hostInBlocklist(blocklist, requestTopHost)
flags.requestHostInBlocklist = hostInBlocklist(blocklist, requestTopHost)

// Allow requests to 3rd-party domains NOT in the block-list
if (!requestHostInBlocklist) {
return allowRequest(requestTabID, totalExecTime, blockTrackerRequestsStart)
if (!flags.requestHostInBlocklist) {
return allowRequest()
}

requestIsThirdParty = requestTopHost !== originTopHost
flags.requestIsThirdParty = requestTopHost !== originTopHost

if (requestIsThirdParty) {
if (flags.requestIsThirdParty) {
// Allow all requests to the main frame origin domain from child frames' pages
requestHostMatchesMainFrame = (requestDetails.frameId > 0 && requestTopHost === mainFrameOriginTopHosts[requestTabID])
if (requestHostMatchesMainFrame) {
return allowRequest(requestTabID, totalExecTime, blockTrackerRequestsStart)
flags.requestHostMatchesMainFrame = (requestDetails.frameId > 0 && requestTopHost === mainFrameOriginTopHosts[requestTabID])
if (flags.requestHostMatchesMainFrame) {
return allowRequest()
}
log(`requestTopHost: ${requestTopHost} does not match originTopHost: ${originTopHost}...`)

for (let entityName in entityList) {
var entity = entityList[entityName]
var requestIsEntityResource = false
var originIsEntityProperty = false
var mainFrameOriginIsEntityProperty = false

requestIsEntityResource = hostInEntity(entity.resources, requestTopHost)
if (requestIsEntityResource) {
requestEntityName = entityName
}

originIsEntityProperty = hostInEntity(entity.properties, originTopHost)

mainFrameOriginIsEntityProperty = hostInEntity(entity.properties, mainFrameOriginTopHosts[requestTabID])

if ((originIsEntityProperty || mainFrameOriginIsEntityProperty) && requestIsEntityResource) {
log(`originTopHost ${originTopHost} and resource requestTopHost ${requestTopHost} belong to the same entity: ${entityName}; allowing request`)
return allowRequest(requestTabID, totalExecTime, blockTrackerRequestsStart)
}
requestEntity = getRequestEntity(entityList, originTopHost, requestTopHost, mainFrameOriginTopHosts[requestTabID])
if (requestEntity.sameEntity) {
return allowRequest()
}

// Allow request if the origin has been added to allowedHosts
if (currentOriginDisabled) {
if (flags.currentOriginDisabled) {
log('Protection disabled for this site; allowing request.')
allowedRequests[requestTabID].push(requestTopHost)
if (allowedEntities[requestTabID].indexOf(requestEntityName) === -1) {
allowedEntities[requestTabID].push(requestEntityName)
if (allowedEntities[requestTabID].indexOf(requestEntity.entityName) === -1) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of .indexOf(..) === -1, not sure if we can use Array.includes().

Seems like it's maybe supported in Firefox 43+. 🤷

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I tried that first and got an error ... something to do with some of the elements values being numeric?

allowedEntities[requestTabID].push(requestEntity.entityName)
}
browser.pageAction.show(requestTabID)
return allowRequest(requestTabID, totalExecTime, blockTrackerRequestsStart)
return allowRequest()
}

blockedRequests[requestTabID].push(requestTopHost)
if (blockedEntities[requestTabID].indexOf(requestEntityName) === -1) {
blockedEntities[requestTabID].push(requestEntityName)
if (blockedEntities[requestTabID].indexOf(requestEntity.entityName) === -1) {
blockedEntities[requestTabID].push(requestEntity.entityName)
}

totalExecTime[requestTabID] += Date.now() - blockTrackerRequestsStart
Expand All @@ -143,7 +129,7 @@ function blockTrackerRequests (blocklist, allowedHosts, entityList, reportedHost
}

// none of the above checks matched, so default to allowing the request
return allowRequest(requestTabID, totalExecTime, blockTrackerRequestsStart)
return allowRequest()
}
}

Expand Down
36 changes: 34 additions & 2 deletions js/requests.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,40 @@
function allowRequest (tabID, totalExecTime, startDateTime) {
const {log} = require('./log')
const {hostInEntity} = require('./lists')

function requestAllower (tabID, totalExecTime, startDateTime) {
totalExecTime[tabID] += Date.now() - startDateTime
return {}
}

function getRequestEntity (entityList, originTopHost, requestTopHost, mainFrameOriginTopHost) {
let requestEntityName = null
let sameEntity = false
for (let entityName in entityList) {
let entity = entityList[entityName]
let requestIsEntityResource = false
let originIsEntityProperty = false
let mainFrameOriginIsEntityProperty = false

requestIsEntityResource = hostInEntity(entity.resources, requestTopHost)
if (requestIsEntityResource) {
requestEntityName = entityName
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@groovecoder it seems that getRequestEntity is going to always search all the entityList before returning its result (even if a match has been already found), I'm wondering if the for loop could (or should) be exited earlier when we found the first match instead.

Other questions that come to my mind currently are:

  • what is the expected result when no match has been found
  • is it possible that more then one match is found for the request in the host list? if it is, what is the expected result?

Copy link
Member Author

@groovecoder groovecoder Aug 15, 2016
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great catch! Yes we can exit the for loop as soon as we find the first match. This code was moved from background.js where it was returning as soon as it found the first match.

When no match has been found, it needs to return an object with sameEntity: false, so calling code knows that getRequestEntity couldn't verify that the request is going to a host in the same entity as the origin.

There should not be multiple matches in the entityList - i.e., resource and property domains should only belong to a single entity. If there are for some reason, that would be a bug, but we should clean out dupes upstream from this code, so this code can return as quickly as possible while monitoring network requests. (I filed mozilla-services/shavar-list-creation#40)

I will add tests for these cases.

}

originIsEntityProperty = hostInEntity(entity.properties, originTopHost)

mainFrameOriginIsEntityProperty = hostInEntity(entity.properties, mainFrameOriginTopHost)

if ((originIsEntityProperty || mainFrameOriginIsEntityProperty) && requestIsEntityResource) {
log(`originTopHost ${originTopHost} and resource requestTopHost ${requestTopHost} belong to the same entity: ${entityName}; allowing request`)
sameEntity = true
break
}
}
// TODO: https://github.com/mozilla/blok/issues/110
return {'entityName': requestEntityName, 'sameEntity': sameEntity}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Small nit, but you could probably just use the shortcut syntax for sameEntity like you do with the module.exports below:

return {entityName: requestEntityName, sameEntity}

}

module.exports = {
allowRequest
requestAllower,
getRequestEntity
}
8 changes: 8 additions & 0 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
"build": "npm test && MODE=production npm run bundle && web-ext build",
"build-dev": "npm test && MODE=dev npm run bundle && web-ext build",
"coverage": "nyc npm test",
"coveralls": "nyc npm test && nyc report --reporter=text-lcov | coveralls",
"firefox": "npm run bundle && web-ext run",
"lint": "standard && web-ext lint",
"test": "tape tests/**/*.js | faucet",
Expand All @@ -34,6 +35,7 @@
"homepage": "https://github.com/mozilla/blok#readme",
"devDependencies": {
"browserify": "13.0.1",
"coveralls": "2.11.12",
"envify": "3.4.1",
"faucet": "0.0.1",
"npm-watch": "0.1.5",
Expand All @@ -42,6 +44,12 @@
"tape": "4.6.0",
"web-ext": "1.4.0"
},
"nyc": {
"all": true,
"exclude": [
"**/*.bundle.js"
]
},
"standard": {
"globals": [
"BroadcastChannel",
Expand Down
38 changes: 35 additions & 3 deletions tests/test-requests.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,19 +1,51 @@
var test = require('tape')
var {allowRequest} = require('../js/requests')
var {requestAllower, getRequestEntity} = require('../js/requests')

var entityListFixtureData = require('./entitylist-fixture.json')

test('allowRequest returns {}', (t) => {
t.plan(1)
let tabID = 1
let totalExecTime = {}
totalExecTime[tabID] = 0
t.deepEqual(allowRequest(tabID, totalExecTime, Date.now()), {})
var allowRequest = requestAllower.bind(null, tabID, totalExecTime, Date.now())
t.deepEqual(allowRequest(), {})
})

test('allowRequest adds some ms to totalExecTime[tabID]', (t) => {
t.plan(1)
let tabID = 1
let totalExecTime = {}
totalExecTime[tabID] = 0
allowRequest(tabID, totalExecTime, 0)
var allowRequest = requestAllower.bind(null, tabID, totalExecTime, 0)
allowRequest()
t.ok(totalExecTime[tabID] > 0, 'added ms to totalExecTime[tabID]')
})

test('getRequestEntity request to google.com from facebook.com returns Google and false', (t) => {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@groovecoder Like described in the above comment, it could be reasonable to add some additional test case here, e.g. for a request that doesn't have a match in the list loaded from the fixture (and maybe one with a fake host list fixture where the request has a matches in two different "host entities" in the list?)

t.plan(2)
let requestEntity = getRequestEntity(entityListFixtureData, 'facebook.com', 'google.com', 'facebook.com')
t.equal(requestEntity.entityName, 'Google')
t.notOk(requestEntity.sameEntity)
})

test('getRequestEntity request to facebook.com from instagram.com returns Facebook and true', (t) => {
t.plan(2)
let requestEntity = getRequestEntity(entityListFixtureData, 'instagram.com', 'facebook.com', 'instagram.com')
t.equal(requestEntity.entityName, 'Facebook')
t.ok(requestEntity.sameEntity)
})

test('getRequestEntity request to facebook.com from github.io iframe on facebook.com returns Facebook and true', (t) => {
t.plan(2)
let requestEntity = getRequestEntity(entityListFixtureData, 'githhub.io', 'facebook.com', 'facebook.com')
t.equal(requestEntity.entityName, 'Facebook')
t.ok(requestEntity.sameEntity)
})

test('getRequestEntity request to ap.com from tulsaworld.com iframe returns null and false', (t) => {
t.plan(2)
let requestEntity = getRequestEntity(entityListFixtureData, 'tulsaworld.com', 'ap.com', 'tulsaworld.com')
t.equal(requestEntity.entityName, null)
t.notOk(requestEntity.sameEntity)
})