aboutsummaryrefslogtreecommitdiff
path: root/modules/pentadactyl/pentadactyl.dot/plugins.link/noscript.js
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pentadactyl/pentadactyl.dot/plugins.link/noscript.js')
-rw-r--r--modules/pentadactyl/pentadactyl.dot/plugins.link/noscript.js461
1 files changed, 461 insertions, 0 deletions
diff --git a/modules/pentadactyl/pentadactyl.dot/plugins.link/noscript.js b/modules/pentadactyl/pentadactyl.dot/plugins.link/noscript.js
new file mode 100644
index 0000000..1c69c68
--- /dev/null
+++ b/modules/pentadactyl/pentadactyl.dot/plugins.link/noscript.js
@@ -0,0 +1,461 @@
+/*
+ * Copyright ©2010 Kris Maglione <maglione.k at Gmail>
+ * Distributable under the terms of the MIT license.
+ *
+ * Documentation is at the tail of this file.
+ */
+/* use strict */
+
+dactyl.assert("noscriptOverlay" in window,
+ "This plugin requires the NoScript add-on.");
+
+/*
+ * this.globalJS ? !this.alwaysBlockUntrustedContent || !this.untrustedSites.matches(s)
+ * : this.jsPolicySites.matches(s) && !this.untrustedSites.matches(s) && !this.isForbiddenByHttpsStatus(s));
+ */
+
+function getSites() {
+ // This logic comes directly from NoScript. To my mind, it's insane.
+ const ns = services.noscript;
+ const global = options["script"];
+ const groups = { allowed: ns.jsPolicySites, temp: ns.tempSites, untrusted: ns.untrustedSites };
+ const show = Set(options["noscript-list"]);
+ const sites = window.noscriptOverlay.getSites();
+
+ const blockUntrusted = global && ns.alwaysBlockUntrustedContent;
+
+ let res = [];
+ for (let site in array.iterValues(Array.concat(sites.topSite, sites))) {
+ let ary = [];
+
+ let untrusted = groups.untrusted.matches(site);
+ let matchingSite = null;
+ if (!untrusted)
+ matchingSite = groups.allowed.matches(site) || blockUntrusted && site;
+
+ let enabled = Boolean(matchingSite);
+ if (site == sites.topSite && !ns.dom.getDocShellForWindow(content).allowJavascript)
+ enabled = false;
+
+ let hasPort = /:\d+$/.test(site);
+
+ if (enabled && !global || untrusted) {
+ if (!enabled || global)
+ matchingSite = untrusted;
+
+ if (hasPort && ns.ignorePorts)
+ if (site = groups.allowed.matches(site.replace(/:\d+$/, "")))
+ matchingSite = site;
+ ary.push(matchingSite);
+ }
+ else {
+ if ((!hasPort || ns.ignorePorts) && (show.full || show.base)) {
+ let domain = !ns.isForbiddenByHttpsStatus(site) && ns.getDomain(site);
+ if (domain && ns.isJSEnabled(domain) == enabled) {
+ ary = util.subdomains(domain);
+ if (!show.base && ary.length > 1)
+ ary = ary.slice(1);
+ if (!show.full)
+ ary = ary.slice(0, 1);
+ }
+ }
+
+ if (show.address || ary.length == 0) {
+ ary.push(site);
+
+ if (hasPort && ns.ignorePorts) {
+ site = site.replace(/:\d+$/, "");
+ if (!groups.allowed.matches(site))
+ ary.push(site);
+ }
+ }
+ }
+ res = res.concat(ary);
+ }
+
+ let seen = {};
+ return res.filter(function (h) !Set.add(seen, h));
+}
+function getObjects() {
+ let sites = noscriptOverlay.getSites();
+ let general = [], specific = [];
+ for (let group in values(sites.pluginExtras))
+ for (let obj in array.iterValues(group)) {
+ if (!obj.placeholder && (ns.isAllowedObject(obj.url, obj.mime) || obj.tag))
+ continue;
+ specific.push(obj.mime + "@" + obj.url);
+ general.push("*@" + obj.url);
+ general.push("*@" + obj.site);
+ }
+ let sites = buffer.allFrames().map(function (f) f.location.host);
+ for (let filter in values(options["noscript-objects"])) {
+ let host = util.getHost(util.split(filter, /@/, 2)[1]);
+ if (sites.some(function (s) s == host))
+ specific.push(filter);
+ }
+ let seen = {};
+ return specific.concat(general).filter(function (site) !Set.add(seen, site));
+}
+
+var onUnload = overlay.overlayObject(gBrowser, {
+ // Extend NoScript's bookmarklet handling hack to the command-line
+ // Modified from NoScript's own wrapper.
+ loadURIWithFlags: function loadURIWithFlags(url) {
+ let args = arguments;
+ function load() loadURIWithFlags.superapply(gBrowser, args);
+
+ if (!commandline.command || !util.isDactyl(Components.stack.caller))
+ return load();
+
+ try {
+ for (let [cmd, args] in commands.parseCommands(commandline.command))
+ var origURL = args.literalArg;
+
+ let isJS = function isJS(url) /^(?:data|javascript):/i.test(url);
+ let allowJS = prefs.get("noscript.allowURLBarJS", true);
+
+ if (isJS(origURL) && allowJS) {
+ if (services.noscript.executeJSURL(origURL, load))
+ return;
+ }
+ else if (url != origURL && isJS(url)) {
+ if(services.noscript.handleBookmark(url, load))
+ return;
+ }
+ }
+ catch (e) {
+ util.reportError(e);
+ }
+ return load();
+ }
+});
+
+highlight.loadCSS(<css>
+ NoScriptAllowed color: green;
+ NoScriptBlocked color: #444; font-style: italic;
+ NoScriptTemp color: blue;
+ NoScriptUntrusted color: #c00; font-style: italic;
+</css>);
+
+let groupProto = {};
+["temp", "jsPolicy", "untrusted"].forEach(function (group)
+ memoize(groupProto, group, function () services.noscript[group + "Sites"].matches(this.site)));
+let groupDesc = {
+ NoScriptTemp: "Temporarily allowed",
+ NoScriptAllowed: "Allowed permanently",
+ NoScriptUntrusted: "Untrusted",
+ NoScriptBlocked: "Blocked"
+};
+
+function splitContext(context, list) {
+ for (let [name, title, filter] in values(list)) {
+ let ctxt = context.split(name);
+ ctxt.title = [title];
+ ctxt.filters.push(filter);
+ }
+}
+
+completion.noscriptObjects = function (context) {
+ let whitelist = options.get("noscript-objects").set;
+ context = context.fork();
+ context.compare = CompletionContext.Sort.unsorted;
+ context.generate = getObjects;
+ context.keys = {
+ text: util.identity,
+ description: function (key) Set.has(whitelist, key) ? "Allowed" : "Forbidden"
+ };
+ splitContext(context, getObjects, [
+ ["forbidden", "Forbidden objects", function (item) !Set.has(whitelist, item.item)],
+ ["allowed", "Allowed objects", function (item) Set.has(whitelist, item.item)]]);
+};
+completion.noscriptSites = function (context) {
+ context.compare = CompletionContext.Sort.unsorted;
+ context.generate = getSites;
+ context.keys = {
+ text: util.identity,
+ description: function (site) groupDesc[this.highlight] +
+ (this.groups.untrusted && this.highlight != "NoScriptUntrusted" ? " (untrusted)" : ""),
+
+ highlight: function (site) this.groups.temp ? "NoScriptTemp" :
+ this.groups.jsPolicy ? "NoScriptAllowed" :
+ this.groups.untrusted ? "NoScriptUntrusted" :
+ "NoScriptBlocked",
+ groups: function (site) ({ site: site, __proto__: groupProto })
+ };
+ splitContext(context, [
+ ["normal", "Active sites", function (item) item.groups.jsPolicy || !item.groups.untrusted],
+ ["untrusted", "Untrusted sites", function (item) !item.groups.jsPolicy && item.groups.untrusted]]);
+ context.maxItems = 100;
+}
+
+services.add("noscript", "@maone.net/noscript-service;1");
+
+var PrefBase = "noscript.";
+var Pref = Struct("text", "pref", "description");
+let prefs = {
+ forbid: [
+ ["bookmarklet", "forbidBookmarklets", "Forbid bookmarklets"],
+ ["collapse", "collapseObject", "Collapse forbidden objects"],
+ ["flash", "forbidFlash", "Block Adobe® Flash® animations"],
+ ["fonts", "forbidFonts", "Forbid remote font loading"],
+ ["frame", "forbidFrames", "Block foreign <frame> elements"],
+ ["iframe", "forbidIFrames", "Block foreign <iframe> elements"],
+ ["java", "forbidJava", "Block Java™ applets"],
+ ["media", "forbidMedia", "Block <audio> and <video> elements"],
+ ["placeholder", "showPlaceholder", "Replace forbidden objects with a placeholder"],
+ ["plugins", "forbidPlugins", "Forbid other plugins"],
+ ["refresh", "forbidMetaRefresh", "Block <meta> page directions"],
+ ["silverlight", "forbidSilverlight", "Block Microsoft® Silverlight™ objects"],
+ ["trusted", "contentBlocker", "Block media and plugins even on trusted sites"],
+ ["webbug", "blockNSWB", "Block “web bug” tracking images"],
+ ["xslt", "forbidXSLT", "Forbid XSLT stylesheets"]
+ ],
+ list: [
+ ["address", "showAddress", "Show the full address (http://www.google.com)"],
+ ["base", "showBaseDomain", "Show the base domain (google.com)"],
+ ["full", "showDomain", "Show the full domain (www.google.com)"]
+ ]
+};
+for (let [k, v] in Iterator(prefs))
+ prefs[k] = array(v).map(function (v) [v[0], Pref.fromArray(v.map(UTF8))]).toObject();
+
+function getPref(pref) modules.prefs.get(PrefBase + pref);
+function setPref(pref, val) modules.prefs.set(PrefBase + pref, val);
+
+prefs.complete = function prefsComplete(group) function (context) {
+ context.keys = { text: "text", description: "description" };
+ context.completions = values(prefs[group]);
+}
+prefs.get = function prefsGet(group) [p.text for (p in values(this[group])) if (getPref(p.pref))];
+prefs.set = function prefsSet(group, val) {
+ for (let p in values(this[group]))
+ setPref(p.pref, val.indexOf(p.text) >= 0);
+ return val;
+}
+prefs.descs = function prefDescs(group) <dl>
+ { template.map(values(this[group]), function (pref)
+ <><dt>{pref.text}</dt> <dd>{pref.description}</dd></>) }
+</dl>;
+
+function groupParams(group) ( {
+ getter: function () prefs.get(group),
+ completer: prefs.complete(group),
+ setter: function (val) prefs.set(group, val),
+ initialValue: true,
+ persist: false
+});
+group.options.add(["noscript-forbid", "nsf"],
+ "The set of permissions forbidden to untrusted sites",
+ "stringlist", "",
+ groupParams("forbid"));
+group.options.add(["noscript-list", "nsl"],
+ "The set of domains to show in the menu and completion list",
+ "stringlist", "",
+ groupParams("list"));
+
+group.options.add(["script"],
+ "Whether NoScript is enabled",
+ "boolean", false,
+ {
+ getter: function () services.noscript.jsEnabled,
+ setter: function (val) services.noscript.jsEnabled = val,
+ initialValue: true,
+ persist: false
+ });
+
+[
+ {
+ names: ["noscript-sites", "nss"],
+ description: "The list of sites allowed to execute scripts",
+ action: function (add, sites) sites.length && noscriptOverlay.safeAllow(sites, add, false, -1),
+ completer: function (context) completion.noscriptSites(context),
+ has: function (val) Set.has(services.noscript.jsPolicySites.sitesMap, val) &&
+ !Set.has(services.noscript.tempSites.sitesMap, val),
+ get set() Set.subtract(
+ services.noscript.jsPolicySites.sitesMap,
+ services.noscript.tempSites.sitesMap)
+ }, {
+ names: ["noscript-tempsites", "nst"],
+ description: "The list of sites temporarily allowed to execute scripts",
+ action: function (add, sites) sites.length && noscriptOverlay.safeAllow(sites, add, true, -1),
+ completer: function (context) completion.noscriptSites(context),
+ get set() services.noscript.tempSites.sitesMap
+ }, {
+ names: ["noscript-untrusted", "nsu"],
+ description: "The list of untrusted sites",
+ action: function (add, sites) sites.length && services.noscript.setUntrusted(sites, add),
+ completer: function (context) completion.noscriptSites(context),
+ get set() services.noscript.untrustedSites.sitesMap
+ }, {
+ names: ["noscript-objects", "nso"],
+ description: "The list of allowed objects",
+ get set() Set(array.flatten(
+ [Array.concat(v).map(function (v) v + "@" + this, k)
+ for ([k, v] in Iterator(services.noscript.objectWhitelist))])),
+ action: function (add, patterns) {
+ for (let pattern in values(patterns)) {
+ let [mime, site] = util.split(pattern, /@/, 2);
+ if (add)
+ services.noscript.allowObject(site, mime);
+ else {
+ let list = services.noscript.objectWhitelist[site];
+ if (list) {
+ if (list == "*") {
+ delete services.noscript.objectWhitelist[site];
+ services.noscript.objectWhitelistLen--;
+ }
+ else {
+ let types = list.filter(function (type) type != mime);
+ services.noscript.objectWhitelistLen -= list.length - types.length;
+ services.noscript.objectWhitelist[site] = types;
+ if (!types.length)
+ delete services.noscript.objectWhitelist[site];
+ }
+ }
+ }
+ }
+ if (add)
+ services.noscript.reloadAllowedObjects(config.browser.selectedBrowser);
+ },
+ completer: function (context) completion.noscriptObjects(context)
+ }
+].forEach(function (params)
+ group.options.add(params.names, params.description,
+ "stringlist", "",
+ {
+ completer: function (context) {
+ context.anchored = false;
+ if (params.completer)
+ params.completer(context)
+ },
+ domains: params.domains || function (values) values,
+ has: params.has || function (val) Set.has(params.set, val),
+ initialValue: true,
+ getter: params.getter || function () Object.keys(params.set),
+ setter: function (values) {
+ let newset = Set(values);
+ let current = params.set;
+ let value = this.value;
+ params.action(true, values.filter(function (site) !Set.has(current, site)))
+ params.action(false, value.filter(function (site) !Set.has(newset, site)));
+ return this.value;
+ },
+ persist: false,
+ privateData: true,
+ validator: params.validator || function () true
+ }));
+
+XML.ignoreWhitespace = false;
+XML.prettyPrinting = false;
+var INFO =
+<plugin name="noscript" version="0.8"
+ href="http://dactyl.sf.net/pentadactyl/plugins#noscript-plugin"
+ summary="NoScript integration"
+ xmlns={NS}>
+ <author email="maglione.k@gmail.com">Kris Maglione</author>
+ <license href="http://opensource.org/licenses/mit-license.php">MIT</license>
+ <project name="Pentadactyl" min-version="1.0"/>
+ <p>
+ This plugin provides tight integration with the NoScript add-on.
+ In addition to commands and options to control the behavior of
+ NoScript, this plugin also provides integration with both the
+ {config.appName} and {config.host} sanitization systems sorely
+ lacking in the add-on itself. Namely, when data for a domain is
+ purged, all of its associated NoScript permissions are purged as
+ well, and temporary permissions are purged along with session
+ data.
+ </p>
+ <note>
+ As most options provided by this script directly alter NoScript
+ preferences, which are persistent, their values are automatically
+ preserved across restarts.
+ </note>
+ <item>
+ <tags>'script' 'noscript'</tags>
+ <strut/>
+ <spec>'script'</spec>
+ <type>boolean</type> <default>noscript</default>
+ <description>
+ <p>
+ When on, all sites are allowed to execute scripts and
+ load plugins. When off, only specifically allowed sites
+ may do so.
+ </p>
+ </description>
+ </item>
+ <item>
+ <tags>'nsf' 'noscript-forbid'</tags>
+ <spec>'noscript-forbid'</spec>
+ <type>stringlist</type> <default></default>
+ <description>
+ <p>
+ The set of permissions forbidden to untrusted sites.
+ </p>
+ { prefs.descs("forbid") }
+ <p>See also <o>noscript-objects</o>.</p>
+ </description>
+ </item>
+ <item>
+ <tags>'nsl' 'noscript-list'</tags>
+ <spec>'noscript-list'</spec>
+ <type>stringlist</type> <default></default>
+ <description>
+ <p>
+ The set of items to show in the main completion list and
+ NoScript menu.
+ </p>
+ { prefs.descs("list") }
+ </description>
+ </item>
+ <item>
+ <tags>'nso' 'noscript-objects'</tags>
+ <spec>'noscript-objects'</spec>
+ <type>stringlist</type> <default></default>
+ <description>
+ <p>
+ The list of objects which allowed to display. See also
+ <o>noscript-forbid</o>.
+ </p>
+ <example><ex>:map <k name="A-c" link="false"/></ex> <ex>:set nso!=<k name="A-Tab" link="c_&lt;A-Tab>"/></ex></example>
+ </description>
+ </item>
+ <item>
+ <tags>'nss' 'noscript-sites'</tags>
+ <spec>'noscript-sites'</spec>
+ <type>stringlist</type> <default></default>
+ <description>
+ <p>
+ The list of sites which are permanently allowed to execute
+ scripts.
+ </p>
+ <example><ex>:map <k name="A-s" link="false"/></ex> <ex>:set nss!=<k name="A-Tab" link="c_&lt;A-Tab>"/></ex></example>
+ </description>
+ </item>
+ <item>
+ <tags>'nst' 'noscript-tempsites'</tags>
+ <spec>'noscript-tempsites'</spec>
+ <type>stringlist</type> <default></default>
+ <description>
+ <p>
+ The list of sites which are temporarily allowed to execute
+ scripts. The value is not preserved across application
+ restarts.
+ </p>
+ <example><ex>:map <k name="A-S-s" link="false"/></ex> <ex>:set nst!=<k name="A-Tab" link="c_&lt;A-Tab>"/></ex></example>
+ </description>
+ </item>
+ <item>
+ <tags>'nsu' 'noscript-untrusted'</tags>
+ <spec>'noscript-untrusted'</spec>
+ <type>stringlist</type> <default></default>
+ <description>
+ <p>
+ The list of untrusted sites which are not allowed to activate,
+ nor are listed in the main completion lists or NoScript menu.
+ </p>
+ <example><ex>:map <k name="A-C-s" link="false"/></ex> <ex>:set nsu!=<k name="A-Tab" link="c_&lt;A-Tab>"/></ex></example>
+ </description>
+ </item>
+</plugin>;
+
+/* vim:se sts=4 sw=4 et: */