From ae0a93ef829a664ab17038d57b6534d57c947171 Mon Sep 17 00:00:00 2001
From: Peter Snyder <snyderp@gmail.com>
Date: Fri, 10 Dec 2021 10:40:43 -0600
Subject: [PATCH 1/6] add title to speedreader docs, fixes
 brave/brave-browser#19182

---
 .../speedreader/rust/lib/src/readability/src/extractor.rs     | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/components/speedreader/rust/lib/src/readability/src/extractor.rs b/components/speedreader/rust/lib/src/readability/src/extractor.rs
index 9807f176a891..f80175ffd0b7 100644
--- a/components/speedreader/rust/lib/src/readability/src/extractor.rs
+++ b/components/speedreader/rust/lib/src/readability/src/extractor.rs
@@ -254,6 +254,10 @@ pub fn extract_dom<S: ::std::hash::BuildHasher>(
         let charset_blob = format!("<meta charset=\"{}\"/>", charset);
         content = charset_blob + &content;
     }
+    if !meta.title.is_empty() {
+        let title_blob = format!("<title>{}</title>", &meta.title);
+        content = title_blob + &content;
+    }
     Ok(Product { meta, content })
 }
 

From 90a2fb53c39f38d7a413ab8c53dfbed68901725b Mon Sep 17 00:00:00 2001
From: Peter Snyder <snyderp@gmail.com>
Date: Fri, 10 Dec 2021 14:15:41 -0600
Subject: [PATCH 2/6] add csp protections

---
 .../speedreader/speedreader_rewriter_service.cc      | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/components/speedreader/speedreader_rewriter_service.cc b/components/speedreader/speedreader_rewriter_service.cc
index f15932af2dbc..330e005f29f4 100644
--- a/components/speedreader/speedreader_rewriter_service.cc
+++ b/components/speedreader/speedreader_rewriter_service.cc
@@ -7,10 +7,13 @@
 
 #include <utility>
 
+#include "base/base64.h"
 #include "base/bind.h"
+#include "base/containers/span.h"
 #include "base/feature_list.h"
 #include "base/files/file_util.h"
 #include "base/logging.h"
+#include "base/strings/string_piece.h"
 #include "base/strings/string_util.h"
 #include "base/task/post_task.h"
 #include "base/task/thread_pool.h"
@@ -19,6 +22,7 @@
 #include "brave/components/speedreader/speedreader_component.h"
 #include "brave/components/speedreader/speedreader_util.h"
 #include "components/grit/brave_components_resources.h"
+#include "crypto/sha2.h"
 #include "ui/base/resource/resource_bundle.h"
 #include "url/gurl.h"
 
@@ -36,7 +40,13 @@ std::string GetDistilledPageStylesheet(const base::FilePath& stylesheet_path) {
         IDR_SPEEDREADER_STYLE_DESKTOP);
   }
 
-  return "<style id=\"brave_speedreader_style\">" + stylesheet + "</style>";
+  const std::string style_hash = crypto::SHA256HashString(stylesheet);
+  const std::string style_hash_b64 = base::Base64Encode(base::as_bytes(
+    base::make_span(style_hash)));
+
+  return "<meta http-equiv=\"Content-Security-Policy\" content=\""
+            "script-src 'none'; style-src 'sha256-" + style_hash_b64 + "'\">\n"
+         "<style id=\"brave_speedreader_style\">" + stylesheet + "</style>";
 }
 
 }  // namespace

From 548ffac40843b7a27825c9a7ce800d866e7bf83d Mon Sep 17 00:00:00 2001
From: Peter Snyder <snyderp@gmail.com>
Date: Fri, 10 Dec 2021 14:30:52 -0600
Subject: [PATCH 3/6] remove no-longer needed dep

---
 components/speedreader/speedreader_rewriter_service.cc | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/components/speedreader/speedreader_rewriter_service.cc b/components/speedreader/speedreader_rewriter_service.cc
index 330e005f29f4..ca0fe331c5ca 100644
--- a/components/speedreader/speedreader_rewriter_service.cc
+++ b/components/speedreader/speedreader_rewriter_service.cc
@@ -13,7 +13,6 @@
 #include "base/feature_list.h"
 #include "base/files/file_util.h"
 #include "base/logging.h"
-#include "base/strings/string_piece.h"
 #include "base/strings/string_util.h"
 #include "base/task/post_task.h"
 #include "base/task/thread_pool.h"
@@ -41,12 +40,12 @@ std::string GetDistilledPageStylesheet(const base::FilePath& stylesheet_path) {
   }
 
   const std::string style_hash = crypto::SHA256HashString(stylesheet);
-  const std::string style_hash_b64 = base::Base64Encode(base::as_bytes(
-    base::make_span(style_hash)));
+  const std::string style_hash_b64 =
+      base::Base64Encode(base::as_bytes(base::make_span(style_hash)));
 
   return "<meta http-equiv=\"Content-Security-Policy\" content=\""
-            "script-src 'none'; style-src 'sha256-" + style_hash_b64 + "'\">\n"
-         "<style id=\"brave_speedreader_style\">" + stylesheet + "</style>";
+      "script-src 'none'; style-src 'sha256-" + style_hash_b64 + "'\">\n"
+      "<style id=\"brave_speedreader_style\">" + stylesheet + "</style>";
 }
 
 }  // namespace

From 3c5fb368e1e3606015bee801e019a9727367aa1d Mon Sep 17 00:00:00 2001
From: Peter Snyder <snyderp@gmail.com>
Date: Fri, 10 Dec 2021 15:06:52 -0600
Subject: [PATCH 4/6] move CSP code to a helper funciton, apply to stylesheet
 property

---
 .../speedreader_rewriter_service.cc           | 24 ++++++++++---------
 1 file changed, 13 insertions(+), 11 deletions(-)

diff --git a/components/speedreader/speedreader_rewriter_service.cc b/components/speedreader/speedreader_rewriter_service.cc
index ca0fe331c5ca..4db586be093c 100644
--- a/components/speedreader/speedreader_rewriter_service.cc
+++ b/components/speedreader/speedreader_rewriter_service.cc
@@ -29,6 +29,16 @@ namespace speedreader {
 
 namespace {
 
+std::string WrapStylesheetWithCSP(const std::string &stylesheet) {
+  const std::string style_hash = crypto::SHA256HashString(stylesheet);
+  const std::string style_hash_b64 =
+      base::Base64Encode(base::as_bytes(base::make_span(style_hash)));
+
+  return "<meta http-equiv=\"Content-Security-Policy\" content=\""
+      "script-src 'none'; style-src 'sha256-" + style_hash_b64 + "'\">\n"
+      "<style id=\"brave_speedreader_style\">" + stylesheet + "</style>";
+}
+
 std::string GetDistilledPageStylesheet(const base::FilePath& stylesheet_path) {
   std::string stylesheet;
   const bool success = base::ReadFileToString(stylesheet_path, &stylesheet);
@@ -39,13 +49,7 @@ std::string GetDistilledPageStylesheet(const base::FilePath& stylesheet_path) {
         IDR_SPEEDREADER_STYLE_DESKTOP);
   }
 
-  const std::string style_hash = crypto::SHA256HashString(stylesheet);
-  const std::string style_hash_b64 =
-      base::Base64Encode(base::as_bytes(base::make_span(style_hash)));
-
-  return "<meta http-equiv=\"Content-Security-Policy\" content=\""
-      "script-src 'none'; style-src 'sha256-" + style_hash_b64 + "'\">\n"
-      "<style id=\"brave_speedreader_style\">" + stylesheet + "</style>";
+  return WrapStylesheetWithCSP(stylesheet);
 }
 
 }  // namespace
@@ -55,11 +59,9 @@ SpeedreaderRewriterService::SpeedreaderRewriterService(
     : component_(new speedreader::SpeedreaderComponent(delegate)),
       speedreader_(new speedreader::SpeedReader) {
   // Load the built-in stylesheet as the default
-  content_stylesheet_ =
-      "<style id=\"brave_speedreader_style\">" +
+  content_stylesheet_ = WrapStylesheetWithCSP(
       ui::ResourceBundle::GetSharedInstance().LoadDataResourceString(
-          IDR_SPEEDREADER_STYLE_DESKTOP) +
-      "</style>";
+          IDR_SPEEDREADER_STYLE_DESKTOP));
 
   // Check the paths from the component as observer may register
   // later than the paths were available in the component.

From d9df4c817332d81d6cb15af9ee03422d8beebce1 Mon Sep 17 00:00:00 2001
From: Peter Snyder <snyderp@gmail.com>
Date: Fri, 10 Dec 2021 15:49:58 -0600
Subject: [PATCH 5/6] i made it look worse to make the robots happy

---
 components/speedreader/speedreader_rewriter_service.cc | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/components/speedreader/speedreader_rewriter_service.cc b/components/speedreader/speedreader_rewriter_service.cc
index 4db586be093c..7c57ceabe61f 100644
--- a/components/speedreader/speedreader_rewriter_service.cc
+++ b/components/speedreader/speedreader_rewriter_service.cc
@@ -29,14 +29,17 @@ namespace speedreader {
 
 namespace {
 
-std::string WrapStylesheetWithCSP(const std::string &stylesheet) {
+std::string WrapStylesheetWithCSP(const std::string& stylesheet) {
   const std::string style_hash = crypto::SHA256HashString(stylesheet);
   const std::string style_hash_b64 =
       base::Base64Encode(base::as_bytes(base::make_span(style_hash)));
 
   return "<meta http-equiv=\"Content-Security-Policy\" content=\""
-      "script-src 'none'; style-src 'sha256-" + style_hash_b64 + "'\">\n"
-      "<style id=\"brave_speedreader_style\">" + stylesheet + "</style>";
+         "script-src 'none'; style-src 'sha256-" +
+         style_hash_b64 +
+         "'\">\n"
+         "<style id=\"brave_speedreader_style\">" +
+         stylesheet + "</style>";
 }
 
 std::string GetDistilledPageStylesheet(const base::FilePath& stylesheet_path) {

From e8b0f378af0eeccc5a5a307f435f467656bf40ad Mon Sep 17 00:00:00 2001
From: Peter Snyder <snyderp@gmail.com>
Date: Mon, 13 Dec 2021 11:40:09 -0600
Subject: [PATCH 6/6] add crypto to deps and build

---
 components/speedreader/BUILD.gn | 1 +
 components/speedreader/DEPS     | 1 +
 2 files changed, 2 insertions(+)

diff --git a/components/speedreader/BUILD.gn b/components/speedreader/BUILD.gn
index cce90adab918..635afbb3db32 100644
--- a/components/speedreader/BUILD.gn
+++ b/components/speedreader/BUILD.gn
@@ -52,6 +52,7 @@ static_library("speedreader") {
     "//components/prefs:prefs",
     "//components/sessions:sessions",
     "//content/public/browser",
+    "//crypto",
     "//services/network/public/cpp",
     "//services/network/public/mojom",
     "//third_party/blink/public/common",
diff --git a/components/speedreader/DEPS b/components/speedreader/DEPS
index a79e71ba20fa..736ab6b67a1e 100644
--- a/components/speedreader/DEPS
+++ b/components/speedreader/DEPS
@@ -3,6 +3,7 @@ include_rules = [
   "+components/prefs",
   "+components/sessions/content",
   "+content/public/browser",
+  "+crypto",
   "+services/network/public",
   "+services/network/public/cpp",
   "+services/network/public/mojom",