v1.0.7.0

- significant performance improvements from a major overhaul of the core
domain matching logic and other tweaks throughout ScriptSafe
- domain whitelisting/blacklisting now supports basic regex: entire
domain, wildcard, and single character matching (more info in Options
page - you may want to revisit your whitelist/blacklist and revise
accordingly)
- added IPv6 address whitelist/blacklist support (e.g.
[2001:4860:0:2001::68] - must contain square brackets)
- added a check and notification in the Options page if WebRTC
Protection isn't supported by the current Chrome version
- allowed XMLHTTPREQUEST items are now listed in the ScriptSafe dialog
to allow for blacklisting
- added option to control all XMLHTTPREQUEST items
- reduced pre-specified whitelist to just "*.googlevideo.com" (for basic
YouTube support). Rationale: it should not be up to anyone to predefine
what is "acceptable" to load. With the update to the domain matching
logic, matching is now more reliable.
- updated sync notifications to use the new chrome.notifications API
- updated unwanted content providers and antisocial lists
- updated core logic so that if there are any whitelist/blacklist
conflicts, the whitelist is applied first

html/updated.html

@@ -8,26 +8,30 @@
 <body>
 	<div id="message"></div> 
 	<div id="main">
-	<h1>Updated to v<span id="versionno"></span>! (Thursday, May 26, 2016)</h1>
+	<h1>Updated to v<span id="versionno"></span>! (Monday, May 30, 2016)</h1>
 	<br />
 	<hr>
 	<div style="text-align: left; line-height: 18px; font-size: 13px;"><br />
-	Hello! A lot has happened in my life over the past 2 years, and here I am again today. I apologize for my absence and thank you all for your continued support.<br /><br />
-	This update brings protection against WebRTC, optimizations to the code, maintenance updates to various blacklists and the jQuery framework, and more notably updated links to Github project which will be where this project and submitted issues will live:
+	Hello, it's me again!<br /><br />
+	This update is a big one. It brings <b>noticeable performance improvements and completely written domain matching logic for more reliable, granular matching</b>. Feel free to take some time to read the changelog below:
 	<ul>
-		<li><b>v1.0.6.19:</b><ul>
-			<li>added WebRTC Protection - requires Chrome v48 or newer ("Protect Local IP" by default; visit Options page for additional choices)</li>
-			<li>overall code and performance optimization</li>
+		<li><b>v1.0.7.0:</b><ul>
+			<li><strong>IMPORTANT</strong> - due to the number of changes, <strong>it is recommended you restart Chrome</strong>, otherwise you might run into issues with the tooltip for existing tabs</a></li>
+			<li>significant performance improvements from a major overhaul of the core domain matching logic and other tweaks throughout ScriptSafe</li>
+			<li>domain whitelisting/blacklisting now supports basic regex: entire domain, wildcard, and single character matching (more info in Options page - you may want to revisit your whitelist/blacklist and revise accordingly)</li>
+			<li>added IPv6 address whitelist/blacklist support (e.g. [2001:4860:0:2001::68] - must contain square brackets)</li>
+			<li>added a check and notification in the Options page if WebRTC Protection isn't supported by the current Chrome version</li>
+			<li>allowed XMLHTTPREQUEST items are now listed in the ScriptSafe dialog to allow for blacklisting</li>
+			<li>added option to control all XMLHTTPREQUEST items</li>
+			<li>reduced pre-specified whitelist to just "*.googlevideo.com" (for basic YouTube support). Rationale: it should not be up to anyone to predefine what is "acceptable" to load. With the update to the domain matching logic, matching is now more reliable.</li>
+			<li>updated sync notifications to use the new chrome.notifications API</li>
 			<li>updated unwanted content providers and antisocial lists</li>
-			<li>updated jQuery to latest version (2.2.4)</li>
-			<li>updated browsers and operating systems (for the User-Agent Spoofing option)</li>
-			<li>moved project to Github and updated the links within ScriptSafe accordingly: <a href="https://github.com/andryou/scriptsafe" target="_blank">https://github.com/andryou/scriptsafe</a><ul><li>If you run into any issues, please <a href="https://github.com/andryou/scriptsafe/issues" target="_blank">create an issue in Github</a></li></ul></li>
+			<li>updated core logic so that if there are any whitelist/blacklist conflicts, the whitelist is applied first</li>
+			<li><strong>FYI - <a href="https://github.com/andryou/scriptsafe/issues/6" target="_blank">info</a> on new "Privacy" permission required starting from v1.0.6.19 (tl;dr - it's harmless and ScriptSafe is safe)</strong></a></li>
+			<li>if you run into any issues, please <a href="https://github.com/andryou/scriptsafe/issues" target="_blank">create an issue in Github</a>. This release is completely synced up to Github so the latest source code is available for review.</li>
 		</ul></li>
 	</ul>
-	I'm all for options and choice: if you're an advanced user or like trying extensions out, check out <a href="https://chrome.google.com/webstore/detail/umatrix/ogfcmafjalglgifnmanfmnieipoejdcf" target="_blank">uMatrix</a>, similar to ScriptSafe but with more granular control.<br /><br />
-	On that note, my philosophy with ScriptSafe is: <strong>keep it simple</strong>. ScriptSafe was relevant 2 years ago, and it is even moreso today.<br /><br />
-	In the short-term, I hope to focus on fixing bugs, adding support for the latest web technologies and languages (an example addressed in this update: WebRTC), and improving ScriptSafe. In the long-term, I hope to make ScriptSafe even lighter and faster and also add more granularity, while keeping it as simple and easy to use as possible.<br /><br />
-	I am quite active on Twitter, so if you don't mind the occasional cat tweet, you are free to follow me: <a href="https://twitter.com/andryou" target="_blank">@andryou</a>.<br /><br />
+	I am quite active on Twitter, so if you don't mind the occasional cat tweet, you are free to follow me: <a href="https://twitter.com/andryou" target="_blank">@andryou</a>.<br /><br />If you like ScriptSafe, check out one of my other extensions: <a href="https://chrome.google.com/webstore/detail/decreased-productivity/nlbpiflhmdcklcbihngeffpmoklbiooj" target="_blank">Decreased Productivity</a><br /><br />
 	Thank you,<br /><br />
 	-Andrew<br /><br /></div>
 	<hr>
@@ -43,10 +47,10 @@ <h1>Updated to v<span id="versionno"></span>! (Thursday, May 26, 2016)</h1>
 	<br />
 	<form action="https://www.paypal.com/cgi-bin/webscr" method="post" style="display: inline;">
 	<input type="hidden" name="cmd" value="_s-xclick">
-	<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHdwYJKoZIhvcNAQcEoIIHaDCCB2QCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYCTc0i+Ou0+4itejcXDMSomELT0be/DuV0huZ5eezsNzlefoBY1ySA2b2t6S0f3JfKBYf4vIhpCqp5kT5apsbYChEAtrKRibed9LY0NdYVGzBwYd7zGPF6IRW6sKTl4XH1WygO/ToxlYo79HA5k/KYVeuWOVWKKXu6rPk1XbLweNDELMAkGBSsOAwIaBQAwgfQGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQItlY8JkoT7RSAgdDF2kfFw6qanCxHeRxUqlxEv8fGvP+9zndyfs8WNOTkpBh5wYOruoh9zwmUfKc5221CP/fgZL342eB9LCA9FQCfBU4ryr4++UJF7dQRC2y6t+XYOMBxxOsAdRvWfPi7JeTimpZwaMqCCbbN5z8DkSEpbtXEFSXQlI4FC/M6WhNQxA5NFqd65d6VSaIE0YiFkLsJM5KyWmLoLmxyT6g72ckh4OFmAYHeoCqkBL2QPeoc2brmRA4BOgho7Hsionj20YZjEmBDgxmVsXOfYa98NTzkoIIDhzCCA4MwggLsoAMCAQICAQAwDQYJKoZIhvcNAQEFBQAwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMB4XDTA0MDIxMzEwMTMxNVoXDTM1MDIxMzEwMTMxNVowgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBR07d/ETMS1ycjtkpkvjXZe9k+6CieLuLsPumsJ7QC1odNz3sJiCbs2wC0nLE0uLGaEtXynIgRqIddYCHx88pb5HTXv4SZeuv0Rqq4+axW9PLAAATU8w04qqjaSXgbGLP3NmohqM6bV9kZZwZLR/klDaQGo1u9uDb9lr4Yn+rBQIDAQABo4HuMIHrMB0GA1UdDgQWBBSWn3y7xm8XvVk/UtcKG+wQ1mSUazCBuwYDVR0jBIGzMIGwgBSWn3y7xm8XvVk/UtcKG+wQ1mSUa6GBlKSBkTCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb22CAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCBXzpWmoBa5e9fo6ujionW1hUhPkOBakTr3YCDjbYfvJEiv/2P+IobhOGJr85+XHhN0v4gUkEDI8r2/rNk1m0GA8HKddvTjyGw/XqXa+LSTlDYkqI8OwR8GEYj4efEtcRpRYBxV8KxAW93YDWzFGvruKnnLbDAF6VR5w/cCMn5hzGCAZowggGWAgEBMIGUMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbQIBADAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTEwODA0MDQwNzQ4WjAjBgkqhkiG9w0BCQQxFgQUmf0Ci0hItIKCiCOLyBIhC+uH2PMwDQYJKoZIhvcNAQEBBQAEgYCUJPsHoxbuuO6choADcQBoIaDR+EWOysfyw4b+dEir3FP1YPK6NgLfJAGD4BFcsJ84wVpSys9/H8K7R1uQ6qSq9NyEkZ3VfXolg7ZsiXNDNPKhTckVwl8U7dr/YrkTTi18JVXskC4ml+48V9E8NeyOFC28RDKsd++3lJYOe1hwfA==-----END PKCS7-----">
+	<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHfwYJKoZIhvcNAQcEoIIHcDCCB2wCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYAvV5foGvoKYexq2oZBKeHGIGFrfzYgv+pNgqApLGz2h7P5SdhZY4x4O8b1tQZBte6yt/MQWxhuqDEpDFsmDfrOvLxQTK3NvsWdLIytEgFHJezAGzS2DG5YSmKI1skoPkEAN32m2LjJSDBme3+tBPu72jmZKkOWdv/X48B0jkm+UjELMAkGBSsOAwIaBQAwgfwGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIkP7PBvDsSK6Agdhs9lWxUxuoqTOtdnWdieapq6cL5V00kwNAQrDNxouaOgSdWnaRjNefW1qO09kMi7iNpxMl5gTIE2PkjgZYinVekfoAp4VgdXkqP3hMH41K9uCnojckeKxoBj6o/TWuupJu/5jYfpfOES7VQN0A6lnSMECdTa3uxPh3qNS0oJNR0V8gNryh+pP0qhAVldPumPp65uUD1Mfsgz7EYZOm7GQ5Q5y80SABBguBhPQgfIMfKCpoHmXDDZPjxr9nprTGjcJxEFl+Qeig55LFSoetT6iN9KEThSrUvwigggOHMIIDgzCCAuygAwIBAgIBADANBgkqhkiG9w0BAQUFADCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wHhcNMDQwMjEzMTAxMzE1WhcNMzUwMjEzMTAxMzE1WjCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMFHTt38RMxLXJyO2SmS+Ndl72T7oKJ4u4uw+6awntALWh03PewmIJuzbALScsTS4sZoS1fKciBGoh11gIfHzylvkdNe/hJl66/RGqrj5rFb08sAABNTzDTiqqNpJeBsYs/c2aiGozptX2RlnBktH+SUNpAajW724Nv2Wvhif6sFAgMBAAGjge4wgeswHQYDVR0OBBYEFJaffLvGbxe9WT9S1wob7BDWZJRrMIG7BgNVHSMEgbMwgbCAFJaffLvGbxe9WT9S1wob7BDWZJRroYGUpIGRMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAIFfOlaagFrl71+jq6OKidbWFSE+Q4FqROvdgIONth+8kSK//Y/4ihuE4Ymvzn5ceE3S/iBSQQMjyvb+s2TWbQYDwcp129OPIbD9epdr4tJOUNiSojw7BHwYRiPh58S1xGlFgHFXwrEBb3dgNbMUa+u4qectsMAXpVHnD9wIyfmHMYIBmjCCAZYCAQEwgZQwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tAgEAMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xNjA1MjkwOTM2NTFaMCMGCSqGSIb3DQEJBDEWBBQc8Qi2P34lIIMhgqdbZg0TMUwL3TANBgkqhkiG9w0BAQEFAASBgES4SXnm8NL5dtyN2no5Q8RU4AdSxySN4sLJznyTrW/JYlH3avVuYaxLY7wK31KCzhvVou1cL3fNRUNKjHjSsL/6wsHJbyvr5sU2HcZEwI2PNVpJt1TKi7Zg9tqW6vAwBSLcZs2+kJec9eEBxV+1TK9sRC9VduhC5KVY2E91Seto-----END PKCS7-----">
 	<input type="image" src="../img/heartbig.png" border="0" name="submit" alt="Support Andrew!" title="Support Andrew!">
 	</form><br />
-	<i><a href="https://github.com/andryou/scriptsafe" target="_blank">ScriptSafe on Github</a> | <a href="https://chrome.google.com/extensions/detail/oiigbmnaadbkfbmpbfijlflahbdbdgdf" target="_blank">ScriptSafe on the Chrome Web Store</a></i>
+	<i><a href="https://github.com/andryou/scriptsafe" target="_blank">ScriptSafe on Github</a> | <a href="https://chrome.google.com/webstore/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf" target="_blank">ScriptSafe on the Chrome Web Store</a></i>
 	</div>
 	<script type="text/javascript" src="../js/updated.js"></script>
 </body>

js/common.js

@@ -1,20 +1,18 @@
-// (c) Andrew Y. <[email protected]>
+// (c) Andrew Y.
 function baddies(src, amode, antisocial) {
-	// Confucius say: you go to JAIL, BAD BOY!
-	src = src.toLowerCase();
 	var dmn = extractDomainFromURL(relativeToAbsoluteUrl(src));
 	var topDomain = getDomain(dmn);
 	if (dmn.indexOf(".") == -1 && src.indexOf(".") != -1) dmn = src;
-	if (antisocial == 'true' && (antisocial2.indexOf(dmn) != -1 || antisocial1.indexOf(topDomain) != -1 || src.indexOf("digg.com/tools/diggthis.js") != -1 || src.indexOf("/googleapis.client__plusone.js") != -1 || src.indexOf("apis.google.com/js/plusone.js") != -1 || src.indexOf(".facebook.com/connect") != -1 || src.indexOf(".facebook.com/plugins") != -1 || src.indexOf(".facebook.com/widgets") != -1 || src.indexOf(".fbcdn.net/connect.php/js") != -1 || src.indexOf(".stumbleupon.com/hostedbadge") != -1 || src.indexOf(".youtube.com/subscribe_widget") != -1 || src.indexOf(".ytimg.com/yt/jsbin/www-subscribe-widget") != -1))
+	if (antisocial == 'true' && (antisocial2.indexOf(dmn) != -1 || antisocial1.indexOf(topDomain) != -1 || src.indexOf("digg.com/tools/diggthis.js") != -1 || src.indexOf("/googleapis.client__plusone.js") != -1 || src.indexOf("apis.google.com/js/plusone.js") != -1 || src.indexOf(".facebook.com/connect") != -1 || src.indexOf(".facebook.com/plugins") != -1 || src.indexOf(".facebook.com/widgets") != -1 || src.indexOf(".fbcdn.net/connect.php/js") != -1 || src.indexOf(".stumbleupon.com/hostedbadge") != -1 || src.indexOf(".youtube.com/subscribe_widget") != -1 || src.indexOf(".ytimg.com/yt/jsbin/www-subscribe-widget") != -1 || src.indexOf("apis.google.com/js/platform.js") != -1 || src.indexOf("plus.google.com/js/client:plusone.js") != -1 || src.indexOf("linkedin.com/countserv/count/share") != -1))
 		return '2';
 	if (((amode == 'relaxed' && domainCheck(dmn, 1) != '0') || amode == 'strict') && (yoyo2.indexOf(dmn) != -1 || yoyo1.indexOf(topDomain) != -1))
 		return '1';
 	return false;
 }
 function elementStatus(src, mode, taburl) {
-	src = relativeToAbsoluteUrl(src).toLowerCase();
-	if (taburl === undefined) taburl = window.location.hostname.toLowerCase();
-	else taburl = extractDomainFromURL(taburl.toLowerCase());
+	src = relativeToAbsoluteUrl(src);
+	if (taburl === undefined) taburl = window.location.hostname;
+	else taburl = extractDomainFromURL(taburl);
 	var domainCheckStatus = domainCheck(src);
 	var thirdPartyStatus = thirdParty(src, taburl);
 	var extractedDomain = extractDomainFromURL(src);
@@ -23,16 +21,16 @@ function elementStatus(src, mode, taburl) {
 }
 function thirdParty(url, taburl) {
 	if (url) {
-		var requestHost = relativeToAbsoluteUrl(url.toLowerCase());
+		var requestHost = relativeToAbsoluteUrl(url);
 		if (domainCheck(requestHost) == '0') return false;
 		var requestHost = extractDomainFromURL(requestHost);
-		if (taburl === undefined) documentHost = window.location.hostname.toLowerCase();
+		if (taburl === undefined) documentHost = window.location.hostname;
 		else documentHost = taburl;
 		requestHost = requestHost.replace(/\.+$/, "");
 		documentHost = documentHost.replace(/\.+$/, "");
 		if (requestHost == documentHost) return false; // if they match exactly (same domain), our job here is done
 		// handle IP addresses (if we're still here, then it means the ip addresses don't match)
-		if (requestHost.match(/^((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})$/g) || documentHost.match(/^((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})$/g)) return true;
+		if (requestHost.match(/^((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})$/g) || documentHost.match(/^((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})$/g) || requestHost.match(/^(?:\[(?:[A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}\])(:[0-9]+)?$/g) || documentHost.match(/^(?:\[(?:[A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}\])(:[0-9]+)?$/g)) return true;
 		// now that IP addresses have been processed, carry on.
 		var elConst = requestHost.split('.').reverse(); // work backwards :)
 		var pageConst = documentHost.split('.').reverse();
@@ -64,20 +62,23 @@ function relativeToAbsoluteUrl(url) { // credit: NotScripts
 }
 function extractDomainFromURL(url) { // credit: NotScripts
 	if (!url) return "";
-	var x = url.toLowerCase();
+	var x = url;
 	if (x.indexOf("://") != -1) x = x.substr(url.indexOf("://") + 3);
 	if (x.indexOf("/") != -1) x = x.substr(0, x.indexOf("/"));
 	if (x.indexOf("@") != -1) x = x.substr(x.indexOf("@") + 1);
+	if (x.match(/^(?:\[(?:[A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}\])(:[0-9]+)?$/g)) {
+		if (x.indexOf("]:") != -1) return x.substr(0, x.indexOf("]:")+1);
+		return x;
+	}
 	if (x.indexOf(":") > 0) x = x.substr(0, x.indexOf(":"));
 	return x;
 }
 function getDomain(url, type) {
-	if (url && !url.match(/^((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})$/g) && url.indexOf(".") != -1) {
-		// below line may be edited/removed in the future to support granular trust-ing
-		if (url[0] == '*' && url[1] == '.') return url.substr(2);
-		url = url.toLowerCase().split(".").reverse();
-		len = url.length;
+	if (url && !url.match(/^((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})$/g) && !url.match(/^(?:\[(?:[A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}\])(:[0-9]+)?$/g) && url.indexOf(".") != -1) {
+		if (url[0] == '*' && url[1] == '*' && url[2] == '.') return url.substr(3);
+		url = url.split(".").reverse();
 		var domain;
+		var len = url.length;
 		if (len > 1) {
 			if (type === undefined) domain = url[1]+'.'+url[0];
 			else domain = url[1];
@@ -90,15 +91,7 @@ function getDomain(url, type) {
 	}
 	return url;
 }
-function in_array(needle, haystack) { // credit: NotScripts
-	for (key in haystack) {
-		if (haystack[key]==needle) {
-			return '1';
-			break;
-		} else if (haystack[key][0] == '*' && haystack[key][1] == '.' && needle.indexOf(haystack[key].substr(2)) != -1 && getDomain(needle) == getDomain(haystack[key])) {
-			return '2';
-			break;
-		}
-	}
+function in_array(needle, haystack) {
+	if (haystack && new RegExp(haystack).test(needle)) return '1';
 	return false;
 }