Merge remote-tracking branch 'refs/remotes/origin/master' into legacy…

…permissions # Conflicts: # js/options.js
andryou · Jun 10, 2016 · 3f3dfd3 · 3f3dfd3
2 parents 3d8219e + 5fcb494
commit 3f3dfd3
Show file tree

Hide file tree

Showing 8 changed files with 148 additions and 109 deletions.
diff --git a/html/options.html b/html/options.html
@@ -52,7 +52,7 @@
 				<tr><td class="rowtitle"><label for="updatenotify">Show Changelog on Update</label>:</td><td><input type="checkbox" id="updatenotify" class="save" /> <i>(Default: enabled; show changelog page when ScriptSafe is updated)</i></td></tr>
 				<tr><td class="rowtitle">Hotkeys:</td><td> <a href="javascript:;" id="hotkeyspage">Configure the ScriptSafe hotkeys</a> (click on "Keyboard Shortcuts")</td></tr>
 				<tr><td colspan="2" class="section">Privacy Settings</td></tr>
-				<tr><td class="rowtitle"><label for="paranoia">Paranoia Mode</label>:</td><td><input type="checkbox" id="paranoia" class="save" /> <i>(Default: disabled; block allowed domains on unknown tabs)</i></td></tr>
+				<tr><td class="rowtitle"><label for="paranoia">Paranoia Mode</label>:</td><td><input type="checkbox" id="paranoia" class="save" /> <i>(Default: disabled; block allowed domains on unlisted domains)</i></td></tr>
 				<tr><td class="rowtitle"><label for="annoyances">Block Unwanted Content</label>:</td><td><input type="checkbox" id="annoyances" class="save" /><br /><i>(Default: enabled; remove unwanted content from known ad / malware domains; domains gathered from <a href="http://winhelp2002.mvps.org/hosts.htm" target="_blank">MVPS HOSTS</a>, <a href="http://hosts-file.net" target="_blank">hpHOSTS (ad / tracking servers)</a>, <a href="http://pgl.yoyo.org/as/policy.php" target="_blank">Peter Lowe's HOSTS Project</a>, <a href="http://www.malwaredomainlist.com/" target="_blank">MalwareDomainList.com</a>)</i></td></tr>
 				<tr><td class="rowtitle"><label for="cookies">Block Unwanted Cookies</label>:</td><td><input type="checkbox" id="cookies" class="save" /><br /><i>(Default: enabled; blocks cookies from known ad / malware domains; below mode applies to this as well)</i></td></tr>
 				<tr id="annoyancesmoderow"><td class="rowtitle"><label for="annoyancesmode">Unwanted Content Mode</label>:</td><td><select id="annoyancesmode" class="savechange">
@@ -112,7 +112,11 @@
 					<option value="same">Same Tab</option>
 					<option value="new">New Tab</option>
 				</select> <i>(Default: -Unchanged-; modifies how all links are opened)</i></td></tr>
-				<tr><td class="rowtitle"><label for="preservesamedomain">Respect Same-Domain</label>:</td><td><input type="checkbox" id="preservesamedomain" class="save" /> <i>(Default: disabled; preserve same-domain elements)</i></td></tr>
+				<tr><td class="rowtitle"><label for="preservesamedomain">Respect Same-Domain</label>:</td><td><select id="preservesamedomain" class="savechange">
+					<option value="false">Disabled</option>
+					<option value="strict">Strict - allow same domain only</option>
+					<option value="true">Loose - allow same domain and subdomains</option>
+				</select><br /><i>(Default: Disabled; preserve same-domain elements)</i></td></tr>
 				<tr><td class="rowtitle"><label for="refresh">Auto-Refresh Page</label>:</td><td><input type="checkbox" id="refresh" class="save" /> <i>(Default: enabled; auto-refresh page after list change)</i></td></tr>
 				<tr><td class="rowtitle"><label for="rating">Show Rating Button</label>:</td><td><input type="checkbox" id="rating" class="save" /> <i>(Default: enabled; if ticked, adds rating button under domains in tab popup)</i></td></tr>
 				<tr><td class="rowtitle"><label for="classicoptions">Classic Options Mode</label>:</td><td><input type="checkbox" id="classicoptions" class="save" /> <i>(Default: disabled; if ticked, closes tab options everytime an option is clicked)</i></td></tr>

diff --git a/html/updated.html b/html/updated.html
@@ -8,24 +8,21 @@
 <body>
 	<div id="message"></div> 
 	<div id="main">
-	<h1>Updated to v<span id="versionno"></span>! (Thursday, June 9, 2016)</h1>
+	<h1>Updated to v<span id="versionno"></span>! (Friday, June 10, 2016)</h1>
 	<br />
 	<hr>
 	<div style="text-align: left; line-height: 18px; font-size: 13px;"><br />
 	In this version you will find the following updates:
 	<ul>
-		<li><b>v1.0.7.9:</b><ul>
+		<li><b>v1.0.7.10:</b><ul>
 			<li><strong>Announcement: <a href="https://github.com/andryou/scriptsafe/issues/29" target="_blank">changes to ScriptSafe updates</a></strong></li>
-			<li>Significant performance increase, due to improved list checking (how significant? <a href="https://github.com/andryou/scriptsafe/issues/15#issuecomment-224732853" target="_blank">Check it out!</a>)</li>
-			<li>Added new option: <b>Paranoia Mode</b> - block allowed domains on unknown tabs <i>(default: disabled)</i><ul>
-				<li>Feel free to enable this option for added security, and uncheck if you prefer to browse without it</li>
-				<li>This is disabled by default as it changes how ScriptSafe behaves up until now</li>
-				<li>I personally recommend enabling it</li>
+			<li>Important compatibility fix for ScriptSafe to work in Chrome-derivative browsers</li>
+			<li>Added more granularity for the <b>Respect Same-Domain</b> option. The three options are now:<ul>
+				<li><b>Disabled</b></li>
+				<li><b>Strict - allow same domain only</b></li>
+				<li><b>Loose - allow same domain and subdomains</b> (this was the behaviour if Respect Same-Domain was enabled in the past)</li>
 			</ul></li>
-			<li>Smart grouping of domains in the panel based on parent domain</li>
-			<li>Added support for recognizing and filtering new tab pages</li>
-			<li>Minor fixes to hotkey function, options page, and panel</li>
-			<li>Better distinction between webbugs and images</li>
+			<li>Better inline element removal</li>
 			<li>Updated unwanted content providers list</li>
 		</ul></li>
 	</ul>

diff --git a/js/options.js b/js/options.js
@@ -128,7 +128,7 @@ function loadOptions() {
 	loadElement("annoyancesmode");
 	loadCheckbox("antisocial");
 	loadCheckbox("webbugs");
-	loadCheckbox("preservesamedomain");
+	loadElement("preservesamedomain");
 	loadCheckbox("paranoia");
 	loadCheckbox("classicoptions");
 	loadCheckbox("referrer");
@@ -172,7 +172,7 @@ function saveOptions() {
 	saveElement("annoyancesmode");
 	saveCheckbox("antisocial");
 	saveCheckbox("webbugs");
-	saveCheckbox("preservesamedomain");
+	saveElement("preservesamedomain");
 	saveCheckbox("paranoia");
 	saveCheckbox("classicoptions");
 	saveCheckbox("referrer");

diff --git a/js/popup.js b/js/popup.js
@@ -152,7 +152,7 @@ function init() {
 										undesirablecount++;
 									} else if ((parentstatus == '1' || parentstatus == '-1') && domainCheckStatus == '0') {
 										$("#blocked [rel='x_"+itemdomainfriendly+"'] .box1, #blocked [rel='x_"+itemdomainfriendly+"'] .x_trust, #blocked [rel='x_"+itemdomainfriendly+"'] .box3, #blocked [rel='x_"+itemdomainfriendly+"'] .box4").hide();
-										$("#blocked [rel='x_"+itemdomainfriendly+"'] .x_blacklist").attr("title","Ignored allowed domain due to unknown tab domain").html("Ignored Allow").addClass("selected");
+										$("#blocked [rel='x_"+itemdomainfriendly+"'] .x_blacklist").attr("title","Ignored allowed domain due to unlisted tab domain").html("Ignored Allow").addClass("selected");
 									} else if (response.annoyances == 'true' && domainCheckStatus == '-1' && baddiesstatus == '1') {
 										$("#blocked [rel='x_"+itemdomainfriendly+"'] .x_"+itemdomainfriendly).hide();
 										$("#blocked [rel='x_"+itemdomainfriendly+"'] .x_blacklist").attr("title","Unwanted Content Provider").html("Unwanted").addClass("selected");
@@ -171,7 +171,7 @@ function init() {
 									}
 								}
 							}
-							$("#blocked").append($('.thirditem:has([title="Ignored allowed domain due to unknown tab domain"])'));
+							$("#blocked").append($('.thirditem:has([title="Ignored allowed domain due to unlisted tab domain"])'));
 							$("#blocked").append($('.thirditem:has([title="Unwanted Content Provider"])'));
 							$("#blocked").append($('.thirditem:has([title="Antisocial"])'));
 							$("#blocked").append($('.thirditem:not(*>:has(.choices))'));

diff --git a/js/scriptsafe.js b/js/scriptsafe.js
@@ -9,7 +9,7 @@ var version = (function () {
 var requestTypes, synctimer, blackList, whiteList, distrustList, trustList, sessionBlackList, sessionWhiteList;
 var popup = [];
 var changed = false;
-const ITEMS = {};
+var ITEMS = {};
 var experimental = 0;
 var storageapi = false;
 function refreshRequestTypes() {
@@ -176,7 +176,8 @@ function ScriptSafe(req) {
 		elementStatusCheck = true;
 		thirdPartyCheck = true;
 	} else {
-		if (domainCheckStatus == '0' && !(tabDomainCheckStatus == '-1' && localStorage['mode'] == 'block' && localStorage['paranoia'] == 'true')) thirdPartyCheck = false;
+		if ((domainCheckStatus == '0' && !(tabDomainCheckStatus == '-1' && localStorage['mode'] == 'block' && localStorage['paranoia'] == 'true')) || (localStorage['preservesamedomain'] == 'strict' && extractedDomain == extractedReqDomain)) thirdPartyCheck = false;
+		else if (localStorage['preservesamedomain'] == 'strict' && extractedDomain != extractedReqDomain) thirdPartyCheck = true;
 		else thirdPartyCheck = thirdParty(req.url, extractedDomain);
 		if ((tabDomainCheckStatus == '-1' && localStorage['mode'] == 'block' && localStorage['paranoia'] == 'true') || (domainCheckStatus != '0' && (domainCheckStatus == '1' || (domainCheckStatus == '-1' && localStorage['mode'] == 'block'))) || ((localStorage['annoyances'] == 'true' && (localStorage['annoyancesmode'] == 'strict' || (localStorage['annoyancesmode'] == 'relaxed' && domainCheckStatus != '0'))) && baddiesCheck == '1') || (localStorage['antisocial'] == 'true' && baddiesCheck == '2'))
 			elementStatusCheck = true;
@@ -188,7 +189,7 @@ function ScriptSafe(req) {
 	} else {
 		return { cancel: false };
 	}
-	if (elementStatusCheck && ((localStorage['preservesamedomain'] == 'true' && (thirdPartyCheck || domainCheckStatus == '1' || baddiesCheck)) || localStorage['preservesamedomain'] == 'false')) {
+	if (elementStatusCheck && ((localStorage['preservesamedomain'] != 'false' && (thirdPartyCheck || domainCheckStatus == '1' || baddiesCheck)) || localStorage['preservesamedomain'] == 'false')) {
 		if (typeof ITEMS[req.tabId]['blocked'] === 'undefined') ITEMS[req.tabId]['blocked'] = [];
 		if (!UrlInList(removeParams(req.url), ITEMS[req.tabId]['blocked'])) {
 			if (extractedReqDomain.substr(0,4) == 'www.') extractedReqDomain = extractedReqDomain.substr(4);
@@ -422,8 +423,8 @@ function setDefaultOptions() {
 	chrome.browserAction.setBadgeBackgroundColor({color:[208, 0, 24, 255]});
 }
 function updateCount(tabId) {
-	const TAB_ITEMS = ITEMS[tabId] || (ITEMS[tabId] = [0]);
-	const TAB_BLOCKED_COUNT = ++TAB_ITEMS[0];
+	var TAB_ITEMS = ITEMS[tabId] || (ITEMS[tabId] = [0]);
+	var TAB_BLOCKED_COUNT = ++TAB_ITEMS[0];
 	chrome.browserAction.setBadgeBackgroundColor({ color: [208, 0, 24, 255], tabId: tabId });
 	chrome.browserAction.setBadgeText({tabId: tabId, text: TAB_BLOCKED_COUNT + ''});
 }
@@ -543,7 +544,7 @@ chrome.extension.onConnect.addListener(function(port) {
 });
 chrome.extension.onRequest.addListener(function(request, sender, sendResponse) {
 	if (request.reqtype == 'get-settings') {
-		sendResponse({status: localStorage['enable'], enable: enabled(sender.tab.url), experimental: experimental, mode: localStorage['mode'], annoyancesmode: localStorage['annoyancesmode'], antisocial: localStorage['antisocial'], whitelist: whiteList, blacklist: blackList, whitelistSession: sessionWhiteList, blackListSession: sessionBlackList, script: localStorage['script'], noscript: localStorage['noscript'], object: localStorage['object'], applet: localStorage['applet'], embed: localStorage['embed'], iframe: localStorage['iframe'], frame: localStorage['frame'], audio: localStorage['audio'], video: localStorage['video'], image: localStorage['image'], annoyances: localStorage['annoyances'], preservesamedomain: localStorage['preservesamedomain'], webbugs: localStorage['webbugs'], referrer: localStorage['referrer'], linktarget: localStorage['linktarget']});
+		sendResponse({status: localStorage['enable'], enable: enabled(sender.tab.url), experimental: experimental, mode: localStorage['mode'], annoyancesmode: localStorage['annoyancesmode'], antisocial: localStorage['antisocial'], whitelist: whiteList, blacklist: blackList, whitelistSession: sessionWhiteList, blackListSession: sessionBlackList, script: localStorage['script'], noscript: localStorage['noscript'], object: localStorage['object'], applet: localStorage['applet'], embed: localStorage['embed'], iframe: localStorage['iframe'], frame: localStorage['frame'], audio: localStorage['audio'], video: localStorage['video'], image: localStorage['image'], annoyances: localStorage['annoyances'], preservesamedomain: localStorage['preservesamedomain'], webbugs: localStorage['webbugs'], referrer: localStorage['referrer'], linktarget: localStorage['linktarget'], paranoia: localStorage['paranoia']});
 		if (typeof ITEMS[sender.tab.id] === 'undefined') {
 			resetTabData(sender.tab.id, sender.tab.url);
 		} else {
@@ -568,11 +569,15 @@ chrome.extension.onRequest.addListener(function(request, sender, sendResponse) {
 	} else if (request.reqtype == 'update-blocked') {
 		if (request.src) {
 			if (typeof ITEMS[sender.tab.id]['blocked'] === 'undefined') ITEMS[sender.tab.id]['blocked'] = [];
-			if (!UrlInList(removeParams(request.src), ITEMS[sender.tab.id]['blocked'])) {
+			if (!UrlInList(removeParams(request.src), ITEMS[sender.tab.id]['blocked']) || request.node == 'NOSCRIPT') {
 				var extractedDomain = extractDomainFromURL(request.src);
 				if (extractedDomain.substr(0,4) == 'www.') extractedDomain = extractedDomain.substr(4);
 				var extractedTabDomain = extractDomainFromURL(ITEMS[sender.tab.id]['url']);
-				ITEMS[sender.tab.id]['blocked'].push([removeParams(request.src), request.node, extractedDomain, domainCheck(request.src, 1), domainCheck(extractedTabDomain, 1), baddies(request.src, localStorage['annoyancesmode'], localStorage['antisocial'], 2)]);
+				if (request.node == 'NOSCRIPT') {
+					ITEMS[sender.tab.id]['blocked'].push([request.src, request.node, request.src, '-1', '-1', false]);
+				} else {
+					ITEMS[sender.tab.id]['blocked'].push([removeParams(request.src), request.node, extractedDomain, domainCheck(request.src, 1), domainCheck(extractedTabDomain, 1), baddies(request.src, localStorage['annoyancesmode'], localStorage['antisocial'], 2)]);
+				}
 				updateCount(sender.tab.id);
 			}
 		}