+++ /dev/null
-/*
- * Copyright ©2010 Kris Maglione <maglione.k at Gmail>
- * Distributable under the terms of the MIT license.
- *
- * Documentation is at the tail of this file.
- */
-"use strict";
-
-dactyl.assert("noscriptOverlay" in window,
- "This plugin requires the NoScript add-on.");
-
-/*
- * this.globalJS ? !this.alwaysBlockUntrustedContent || !this.untrustedSites.matches(s)
- * : this.jsPolicySites.matches(s) && !this.untrustedSites.matches(s) && !this.isForbiddenByHttpsStatus(s));
- */
-
-function getSites() {
- // This logic comes directly from NoScript. To my mind, it's insane.
- const ns = services.noscript;
- const global = options["script"];
- const groups = { allowed: ns.jsPolicySites, temp: ns.tempSites, untrusted: ns.untrustedSites };
- const show = Set(options["noscript-list"]);
- const sites = window.noscriptOverlay.getSites();
-
- const blockUntrusted = global && ns.alwaysBlockUntrustedContent;
-
- let res = [];
- for (let site in array.iterValues(Array.concat(sites.topSite, sites))) {
- let ary = [];
-
- let untrusted = groups.untrusted.matches(site);
- let matchingSite = null;
- if (!untrusted)
- matchingSite = groups.allowed.matches(site) || blockUntrusted && site;
-
- let enabled = Boolean(matchingSite);
- if (site == sites.topSite && !ns.dom.getDocShellForWindow(content).allowJavascript)
- enabled = false;
-
- let hasPort = /:\d+$/.test(site);
-
- if (enabled && !global || untrusted) {
- if (!enabled || global)
- matchingSite = untrusted;
-
- if (hasPort && ns.ignorePorts)
- if (site = groups.allowed.matches(site.replace(/:\d+$/, "")))
- matchingSite = site;
- ary.push(matchingSite);
- }
- else {
- if ((!hasPort || ns.ignorePorts) && (show.full || show.base)) {
- let domain = !ns.isForbiddenByHttpsStatus(site) && ns.getDomain(site);
- if (domain && ns.isJSEnabled(domain) == enabled) {
- ary = util.subdomains(domain);
- if (!show.base && ary.length > 1)
- ary = ary.slice(1);
- if (!show.full)
- ary = ary.slice(0, 1);
- }
- }
-
- if (show.address || ary.length == 0) {
- ary.push(site);
-
- if (hasPort && ns.ignorePorts) {
- site = site.replace(/:\d+$/, "");
- if (!groups.allowed.matches(site))
- ary.push(site);
- }
- }
- }
- res = res.concat(ary);
- }
-
- let seen = {};
- return res.filter(function (h) !Set.add(seen, h));
-}
-function getObjects() {
- let sites = noscriptOverlay.getSites();
- let general = [], specific = [];
- for (let group in values(sites.pluginExtras))
- for (let obj in array.iterValues(group)) {
- if (!obj.placeholder && (ns.isAllowedObject(obj.url, obj.mime) || obj.tag))
- continue;
- specific.push(obj.mime + "@" + obj.url);
- general.push("*@" + obj.url);
- general.push("*@" + obj.site);
- }
- let sites = buffer.allFrames().map(function (f) f.location.host);
- for (let filter in values(options["noscript-objects"])) {
- let host = util.getHost(util.split(filter, /@/, 2)[1]);
- if (sites.some(function (s) s == host))
- specific.push(filter);
- }
- let seen = {};
- return specific.concat(general).filter(function (site) !Set.add(seen, site));
-}
-
-var onUnload = overlay.overlayObject(gBrowser, {
- // Extend NoScript's bookmarklet handling hack to the command-line
- // Modified from NoScript's own wrapper.
- loadURIWithFlags: function loadURIWithFlags(url) {
- let args = arguments;
- function load() loadURIWithFlags.superapply(gBrowser, args);
-
- if (!commandline.command || !util.isDactyl(Components.stack.caller))
- return load();
-
- try {
- for (let [cmd, args] in commands.parseCommands(commandline.command))
- var origURL = args.literalArg;
-
- let isJS = function isJS(url) /^(?:data|javascript):/i.test(url);
- let allowJS = prefs.get("noscript.allowURLBarJS", true);
-
- if (isJS(origURL) && allowJS) {
- if (services.noscript.executeJSURL(origURL, load))
- return;
- }
- else if (url != origURL && isJS(url)) {
- if(services.noscript.handleBookmark(url, load))
- return;
- }
- }
- catch (e) {
- util.reportError(e);
- }
- return load();
- }
-});
-
-highlight.loadCSS(literal(/*
- NoScriptAllowed color: green;
- NoScriptBlocked color: #444; font-style: italic;
- NoScriptTemp color: blue;
- NoScriptUntrusted color: #c00; font-style: italic;
-*/));
-
-let groupProto = {};
-["temp", "jsPolicy", "untrusted"].forEach(function (group)
- memoize(groupProto, group, function () services.noscript[group + "Sites"].matches(this.site)));
-let groupDesc = {
- NoScriptTemp: "Temporarily allowed",
- NoScriptAllowed: "Allowed permanently",
- NoScriptUntrusted: "Untrusted",
- NoScriptBlocked: "Blocked"
-};
-
-function splitContext(context, list) {
- for (let [name, title, filter] in values(list)) {
- let ctxt = context.split(name);
- ctxt.title = [title];
- ctxt.filters.push(filter);
- }
-}
-
-completion.noscriptObjects = function (context) {
- let whitelist = options.get("noscript-objects").set;
- context = context.fork();
- context.compare = CompletionContext.Sort.unsorted;
- context.generate = getObjects;
- context.keys = {
- text: util.identity,
- description: function (key) Set.has(whitelist, key) ? "Allowed" : "Forbidden"
- };
- splitContext(context, getObjects, [
- ["forbidden", "Forbidden objects", function (item) !Set.has(whitelist, item.item)],
- ["allowed", "Allowed objects", function (item) Set.has(whitelist, item.item)]]);
-};
-completion.noscriptSites = function (context) {
- context.compare = CompletionContext.Sort.unsorted;
- context.generate = getSites;
- context.keys = {
- text: util.identity,
- description: function (site) groupDesc[this.highlight] +
- (this.groups.untrusted && this.highlight != "NoScriptUntrusted" ? " (untrusted)" : ""),
-
- highlight: function (site) this.groups.temp ? "NoScriptTemp" :
- this.groups.jsPolicy ? "NoScriptAllowed" :
- this.groups.untrusted ? "NoScriptUntrusted" :
- "NoScriptBlocked",
- groups: function (site) ({ site: site, __proto__: groupProto })
- };
- splitContext(context, [
- ["normal", "Active sites", function (item) item.groups.jsPolicy || !item.groups.untrusted],
- ["untrusted", "Untrusted sites", function (item) !item.groups.jsPolicy && item.groups.untrusted]]);
- context.maxItems = 100;
-}
-
-services.add("noscript", "@maone.net/noscript-service;1");
-
-var PrefBase = "noscript.";
-var Pref = Struct("text", "pref", "description");
-let prefs = {
- forbid: [
- ["bookmarklet", "forbidBookmarklets", "Forbid bookmarklets"],
- ["collapse", "collapseObject", "Collapse forbidden objects"],
- ["flash", "forbidFlash", "Block Adobe® Flash® animations"],
- ["fonts", "forbidFonts", "Forbid remote font loading"],
- ["frame", "forbidFrames", "Block foreign <frame> elements"],
- ["iframe", "forbidIFrames", "Block foreign <iframe> elements"],
- ["java", "forbidJava", "Block Java™ applets"],
- ["media", "forbidMedia", "Block <audio> and <video> elements"],
- ["placeholder", "showPlaceholder", "Replace forbidden objects with a placeholder"],
- ["plugins", "forbidPlugins", "Forbid other plugins"],
- ["refresh", "forbidMetaRefresh", "Block <meta> page directions"],
- ["silverlight", "forbidSilverlight", "Block Microsoft® Silverlight™ objects"],
- ["trusted", "contentBlocker", "Block media and plugins even on trusted sites"],
- ["webbug", "blockNSWB", "Block “web bug” tracking images"],
- ["xslt", "forbidXSLT", "Forbid XSLT stylesheets"]
- ],
- list: [
- ["address", "showAddress", "Show the full address (http://www.google.com)"],
- ["base", "showBaseDomain", "Show the base domain (google.com)"],
- ["full", "showDomain", "Show the full domain (www.google.com)"]
- ]
-};
-for (let [k, v] in Iterator(prefs))
- prefs[k] = array(v).map(function (v) [v[0], Pref.fromArray(v.map(UTF8))]).toObject();
-
-function getPref(pref) modules.prefs.get(PrefBase + pref);
-function setPref(pref, val) modules.prefs.set(PrefBase + pref, val);
-
-prefs.complete = function prefsComplete(group) function (context) {
- context.keys = { text: "text", description: "description" };
- context.completions = values(prefs[group]);
-}
-prefs.get = function prefsGet(group) [p.text for (p in values(this[group])) if (getPref(p.pref))];
-prefs.set = function prefsSet(group, val) {
- for (let p in values(this[group]))
- setPref(p.pref, val.indexOf(p.text) >= 0);
- return val;
-}
-prefs.descs = function prefDescs(group) ["dl", {},
- template.map(values(this[group]), function (pref)
- [["dt", {}, pref.text], ["dd", {}, pref.description]])];
-
-function groupParams(group) ( {
- getter: function () prefs.get(group),
- completer: prefs.complete(group),
- setter: function (val) prefs.set(group, val),
- initialValue: true,
- persist: false
-});
-group.options.add(["noscript-forbid", "nsf"],
- "The set of permissions forbidden to untrusted sites",
- "stringlist", "",
- groupParams("forbid"));
-group.options.add(["noscript-list", "nsl"],
- "The set of domains to show in the menu and completion list",
- "stringlist", "",
- groupParams("list"));
-
-group.options.add(["script"],
- "Whether NoScript is enabled",
- "boolean", false,
- {
- getter: function () services.noscript.jsEnabled,
- setter: function (val) services.noscript.jsEnabled = val,
- initialValue: true,
- persist: false
- });
-
-[
- {
- names: ["noscript-sites", "nss"],
- description: "The list of sites allowed to execute scripts",
- action: function (add, sites) sites.length && noscriptOverlay.safeAllow(sites, add, false, -1),
- completer: function (context) completion.noscriptSites(context),
- has: function (val) Set.has(services.noscript.jsPolicySites.sitesMap, val) &&
- !Set.has(services.noscript.tempSites.sitesMap, val),
- get set() Set.subtract(
- services.noscript.jsPolicySites.sitesMap,
- services.noscript.tempSites.sitesMap)
- }, {
- names: ["noscript-tempsites", "nst"],
- description: "The list of sites temporarily allowed to execute scripts",
- action: function (add, sites) sites.length && noscriptOverlay.safeAllow(sites, add, true, -1),
- completer: function (context) completion.noscriptSites(context),
- get set() services.noscript.tempSites.sitesMap
- }, {
- names: ["noscript-untrusted", "nsu"],
- description: "The list of untrusted sites",
- action: function (add, sites) sites.length && services.noscript.setUntrusted(sites, add),
- completer: function (context) completion.noscriptSites(context),
- get set() services.noscript.untrustedSites.sitesMap
- }, {
- names: ["noscript-objects", "nso"],
- description: "The list of allowed objects",
- get set() Set(array.flatten(
- [Array.concat(v).map(function (v) v + "@" + this, k)
- for ([k, v] in Iterator(services.noscript.objectWhitelist))])),
- action: function (add, patterns) {
- for (let pattern in values(patterns)) {
- let [mime, site] = util.split(pattern, /@/, 2);
- if (add)
- services.noscript.allowObject(site, mime);
- else {
- let list = services.noscript.objectWhitelist[site];
- if (list) {
- if (list == "*") {
- delete services.noscript.objectWhitelist[site];
- services.noscript.objectWhitelistLen--;
- }
- else {
- let types = list.filter(function (type) type != mime);
- services.noscript.objectWhitelistLen -= list.length - types.length;
- services.noscript.objectWhitelist[site] = types;
- if (!types.length)
- delete services.noscript.objectWhitelist[site];
- }
- }
- }
- }
- if (add)
- services.noscript.reloadAllowedObjects(config.browser.selectedBrowser);
- },
- completer: function (context) completion.noscriptObjects(context)
- }
-].forEach(function (params)
- group.options.add(params.names, params.description,
- "stringlist", "",
- {
- completer: function (context) {
- context.anchored = false;
- if (params.completer)
- params.completer(context)
- },
- domains: params.domains || function (values) values,
- has: params.has || function (val) Set.has(params.set, val),
- initialValue: true,
- getter: params.getter || function () Object.keys(params.set),
- setter: function (values) {
- let newset = Set(values);
- let current = params.set;
- let value = this.value;
- params.action(true, values.filter(function (site) !Set.has(current, site)))
- params.action(false, value.filter(function (site) !Set.has(newset, site)));
- return this.value;
- },
- persist: false,
- privateData: true,
- validator: params.validator || function () true
- }));
-
-var INFO =
-["plugin", { name: "noscript",
- version: "0.8",
- href: "http://dactyl.sf.net/pentadactyl/plugins#noscript-plugin",
- summary: "NoScript integration",
- xmlns: "dactyl" },
- ["author", { email: "maglione.k@gmail.com" }, "Kris Maglione"],
- ["license", { href: "http://opensource.org/licenses/mit-license.php" }, "MIT"],
- ["project", { name: "Pentadactyl", "min-version": "1.0" }],
-
- ["p", {},
- "This plugin provides tight integration with the NoScript add-on. ",
- "In addition to commands and options to control the behavior of ",
- "NoScript, this plugin also provides integration with both the ",
- config.appName, " and ", config.host, " sanitization systems sorely ",
- "lacking in the add-on itself. Namely, when data for a domain is ",
- "purged, all of its associated NoScript permissions are purged as ",
- "well, and temporary permissions are purged along with session ",
- "data."],
-
- ["note", {},
- "As most options provided by this script directly alter NoScript ",
- "preferences, which are persistent, their values are automatically ",
- "preserved across restarts."],
-
- ["item", {},
- ["tags", {}, "'script' 'noscript'"],
- ["strut", {}],
- ["spec", {}, "'script'"],
- ["type", {}, "boolean"],
- ["default", {}, "noscript"],
- ["description", {},
- ["p", {},
- "When on, all sites are allowed to execute scripts and ",
- "load plugins. When off, only specifically allowed sites ",
- "may do so."]]],
-
- ["item", {},
- ["tags", {}, "'nsf' 'noscript-forbid'"],
- ["spec", {}, "'noscript-forbid'"],
- ["type", {}, "stringlist"],
- ["default", {}, ""],
- ["description", {},
- ["p", {},
- "The set of permissions forbidden to untrusted sites."],
- prefs.descs("forbid"),
- ["p", {},
- "See also ", ["o", {}, "noscript-objects"], "."]]],
-
- ["item", {},
- ["tags", {}, "'nsl' 'noscript-list'"],
- ["spec", {}, "'noscript-list'"],
- ["type", {}, "stringlist"],
- ["default", {}, ""],
- ["description", {},
- ["p", {},
- "The set of items to show in the main completion list and ",
- "NoScript menu."],
- prefs.descs("list")]],
-
- ["item", {},
- ["tags", {}, "'nso' 'noscript-objects'"],
- ["spec", {}, "'noscript-objects'"],
- ["type", {}, "stringlist"],
- ["default", {}, ""],
- ["description", {},
- ["p", {},
- "The list of objects which allowed to display. See also ",
- ["o", {}, "noscript-forbid"], "."],
- ["example", {},
- ["ex", {}, ":map ", ["k", { name: "A-c", link: "false" }]], " ",
- ["ex", {}, ":set nso!=", ["k", { name: "A-Tab", link: "c_<A-Tab>" }]]]]],
-
- ["item", {},
- ["tags", {}, "'nss' 'noscript-sites'"],
- ["spec", {}, "'noscript-sites'"],
- ["type", {}, "stringlist"],
- ["default", {}, ""],
- ["description", {},
- ["p", {},
- "The list of sites which are permanently allowed to execute ",
- "scripts."],
- ["example", {},
- ["ex", {}, ":map ", ["k", { name: "A-s", link: "false" }]], " ",
- ["ex", {}, ":set nss!=", ["k", { name: "A-Tab", link: "c_<A-Tab>" }]]]]],
-
- ["item", {},
- ["tags", {}, "'nst' 'noscript-tempsites'"],
- ["spec", {}, "'noscript-tempsites'"],
- ["type", {}, "stringlist"],
- ["default", {}, ""],
- ["description", {},
- ["p", {},
- "The list of sites which are temporarily allowed to execute ",
- "scripts. The value is not preserved across application ",
- "restarts."],
- ["example", {},
- ["ex", {}, ":map ", ["k", { name: "A-S-s", link: "false" }]], " ",
- ["ex", {}, ":set nst!=", ["k", { name: "A-Tab", link: "c_<A-Tab>" }]]]]],
-
- ["item", {},
- ["tags", {}, "'nsu' 'noscript-untrusted'"],
- ["spec", {}, "'noscript-untrusted'"],
- ["type", {}, "stringlist"],
- ["default", {}, ""],
- ["description", {},
- ["p", {},
- "The list of untrusted sites which are not allowed to activate, ",
- "nor are listed in the main completion lists or NoScript menu."],
- ["example", {},
- ["ex", {}, ":map ", ["k", { name: "A-C-s", link: "false" }]], " ",
- ["ex", {}, ":set nsu!=", ["k", { name: "A-Tab", link: "c_<A-Tab>" }]]]]]];
-
-/* vim:se sts=4 sw=4 et: */
projects / x_full.git / blobdiff