diff --git a/CHANGELOG.md b/CHANGELOG.md index 5d4765d..e39b3aa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,19 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.8.2] - 2019-09-23 + +### Compatibility note +- Require Firefox >= 55 +- Require Chrome >= 22 + +### Changed +- Only redirects, if request is of type main or sub frame to prevent security issues on automatically loaded ressource like images + +### Fixed +- Fixed [#253](https://gitlab.com/KevinRoebert/ClearUrls/issues/253) +- Fixed [#254](https://gitlab.com/KevinRoebert/ClearUrls/issues/254) + ## [1.8.1] - 2019-09-12 ### Compatibility note diff --git a/clearurls.js b/clearurls.js index 517bf42..b8fa160 100644 --- a/clearurls.js +++ b/clearurls.js @@ -630,146 +630,148 @@ function start() * Expand urls and bypass tracking. * Cancel the active request. */ - if(result.redirect) - { - if(providers[i].shouldForceRedirect()) { - browser.tabs.update(request.tabId, {url: result.url}); - return {cancel: true}; + if(result.redirect && + request.type === 'main_frame' || + request.type === 'sub_frame') + { + if(providers[i].shouldForceRedirect() ) { + browser.tabs.update(request.tabId, {url: result.url}); + return {cancel: true}; + } + + return { + redirectUrl: result.url + }; } - return { - redirectUrl: result.url - }; - } + /* + * Cancel the Request and redirect to the site blocked alert page, + * to inform the user about the full url blocking. + */ + if(result.cancel){ + return { + redirectUrl: siteBlockedAlert + }; + } - /* - * Cancel the Request and redirect to the site blocked alert page, - * to inform the user about the full url blocking. - */ - if(result.cancel){ - return { - redirectUrl: siteBlockedAlert - }; - } - - /* - * Ensure that the function go not into - * a loop. - */ - if(result.changes){ - return { - redirectUrl: result.url - }; + /* + * Ensure that the function go not into + * a loop. + */ + if(result.changes){ + return { + redirectUrl: result.url + }; + } } } - } - // Default case - return {}; - } - - /** - * Call loadOldDataFromStore, getHash, counter, status and log functions - */ - - loadOldDataFromStore(); - getHash(); - setBadgedStatus(); - - /** - * Call by each tab is updated. - * And if url has changed. - */ - function handleUpdated(tabId, changeInfo, tabInfo) { - if(changeInfo.url) - { - delete badges[tabId]; - } - currentURL = tabInfo.url; - } - - /** - * Call by each tab is updated. - */ - browser.tabs.onUpdated.addListener(handleUpdated); - - /** - * Call by each tab change to set the actual tab id - */ - function handleActivated(activeInfo) { - tabid = activeInfo.tabId; - browser.tabs.get(tabid).then(function (tab) { - currentURL = tab.url; - }); - } - - /** - * Call by each tab change. - */ - browser.tabs.onActivated.addListener(handleActivated); - - /** - * Check the request. - */ - function promise(requestDetails) - { - if(isDataURL(requestDetails)) - { + // Default case return {}; } - else { - var ret = clearUrl(requestDetails); - return ret; + + /** + * Call loadOldDataFromStore, getHash, counter, status and log functions + */ + + loadOldDataFromStore(); + getHash(); + setBadgedStatus(); + + /** + * Call by each tab is updated. + * And if url has changed. + */ + function handleUpdated(tabId, changeInfo, tabInfo) { + if(changeInfo.url) + { + delete badges[tabId]; + } + currentURL = tabInfo.url; + } + + /** + * Call by each tab is updated. + */ + browser.tabs.onUpdated.addListener(handleUpdated); + + /** + * Call by each tab change to set the actual tab id + */ + function handleActivated(activeInfo) { + tabid = activeInfo.tabId; + browser.tabs.get(tabid).then(function (tab) { + currentURL = tab.url; + }); + } + + /** + * Call by each tab change. + */ + browser.tabs.onActivated.addListener(handleActivated); + + /** + * Check the request. + */ + function promise(requestDetails) + { + if(isDataURL(requestDetails)) + { + return {}; + } + else { + var ret = clearUrl(requestDetails); + return ret; + } + } + + /** + * To prevent long loading on data urls + * we will check here for data urls. + * + * @type {requestDetails} + * @return {boolean} + */ + function isDataURL(requestDetails) { + var s = requestDetails.url; + + return s.substring(0,4) == "data"; + } + + /** + * Call by each Request and checking the url. + * + * @type {Array} + */ + browser.webRequest.onBeforeRequest.addListener( + promise, + {urls: [""], types: getData("types")}, + ["blocking"] + ); + } + + /** + * Function to log all activities from ClearUrls. + * Only logging when activated. + * The log is only temporary saved in the cache and will + * permanently saved with the saveLogOnClose function. + * + * @param beforeProcessing the url before the clear process + * @param afterProcessing the url after the clear process + * @param rule the rule that triggered the process + */ + function pushToLog(beforeProcessing, afterProcessing, rule) + { + if(storage.loggingStatus) + { + storage.log.log.push( + { + "before": beforeProcessing, + "after": afterProcessing, + "rule": rule, + "timestamp": Date.now() + } + ); + deferSaveOnDisk('log'); } } - - /** - * To prevent long loading on data urls - * we will check here for data urls. - * - * @type {requestDetails} - * @return {boolean} - */ - function isDataURL(requestDetails) { - var s = requestDetails.url; - - return s.substring(0,4) == "data"; - } - - /** - * Call by each Request and checking the url. - * - * @type {Array} - */ - browser.webRequest.onBeforeRequest.addListener( - promise, - {urls: [""], types: getData("types")}, - ["blocking"] - ); - } - - /** - * Function to log all activities from ClearUrls. - * Only logging when activated. - * The log is only temporary saved in the cache and will - * permanently saved with the saveLogOnClose function. - * - * @param beforeProcessing the url before the clear process - * @param afterProcessing the url after the clear process - * @param rule the rule that triggered the process - */ - function pushToLog(beforeProcessing, afterProcessing, rule) - { - if(storage.loggingStatus) - { - storage.log.log.push( - { - "before": beforeProcessing, - "after": afterProcessing, - "rule": rule, - "timestamp": Date.now() - } - ); - deferSaveOnDisk('log'); - } - } diff --git a/data/data.min.json b/data/data.min.json index 9d68f80..1fbbf23 100644 --- a/data/data.min.json +++ b/data/data.min.json @@ -96,8 +96,7 @@ ".*(google\\.).*\\/s\\?tbm=map.*gs_[a-zA-Z]*=[^\\/|\\?|&]*(\\/|&(amp;)?)?", ".*(news\\.google\\.).*\\?hl=.*", ".*(google\\.).*\\/setprefs\\?.*hl=[^\\/|\\?|&]*(\\/|&(amp;)?)?", - ".*(google\\.).*\\/appsactivity\\/.*", - ".*googleusercontent\\..*\\/proxy\\/.*#.*url=([^&]*).*" + ".*(google\\.).*\\/appsactivity\\/.*" ], "redirections": [ ".*google\\..*\\/.*url\\?.*url=((https|http)[^&]*)", diff --git a/manifest.json b/manifest.json index 6518272..f5288ec 100644 --- a/manifest.json +++ b/manifest.json @@ -1,7 +1,7 @@ { "manifest_version": 2, "name": "ClearURLs", - "version": "1.8.1", + "version": "1.8.2", "author": "Kevin Röbert", "description": "Remove tracking elements from URLs.", "homepage_url": "https://gitlab.com/KevinRoebert/ClearUrls",