|
|
|
@ -19,6 +19,8 @@ |
|
|
|
Home: https://github.com/gorhill/uMatrix
|
|
|
|
*/ |
|
|
|
|
|
|
|
/* global µMatrix */ |
|
|
|
|
|
|
|
// rhill 2013-12-14: the whole cookie management has been rewritten so as
|
|
|
|
// to avoid having to call chrome API whenever a single cookie changes, and
|
|
|
|
// to record cookie for a web page *only* when its value changes.
|
|
|
|
@ -35,6 +37,8 @@ |
|
|
|
|
|
|
|
/******************************************************************************/ |
|
|
|
|
|
|
|
var µm = µMatrix; |
|
|
|
|
|
|
|
var recordPageCookiesQueue = {}; |
|
|
|
var removePageCookiesQueue = {}; |
|
|
|
var removeCookieQueue = {}; |
|
|
|
@ -51,21 +55,24 @@ CookieEntry.prototype.set = function(cookie) { |
|
|
|
this.secure = cookie.secure; |
|
|
|
this.session = cookie.session; |
|
|
|
this.anySubdomain = cookie.domain.charAt(0) === '.'; |
|
|
|
this.domain = this.anySubdomain ? cookie.domain.slice(1) : cookie.domain; |
|
|
|
this.hostname = this.anySubdomain ? cookie.domain.slice(1) : cookie.domain; |
|
|
|
this.domain = µm.URI.domainFromHostname(this.hostname) || this.hostname; |
|
|
|
this.path = cookie.path; |
|
|
|
this.name = cookie.name; |
|
|
|
this.value = cookie.value; |
|
|
|
this.tstamp = Date.now(); |
|
|
|
this.usedOn = {}; |
|
|
|
return this; |
|
|
|
}; |
|
|
|
|
|
|
|
// Release anything which may consume too much memory
|
|
|
|
|
|
|
|
CookieEntry.prototype.unset = function() { |
|
|
|
this.domain = ''; |
|
|
|
this.hostname = ''; |
|
|
|
this.path = ''; |
|
|
|
this.name = ''; |
|
|
|
this.value = ''; |
|
|
|
this.usedOn = {}; |
|
|
|
return this; |
|
|
|
}; |
|
|
|
|
|
|
|
@ -134,7 +141,7 @@ var cookieKeyFromCookie = function(cookie) { |
|
|
|
}; |
|
|
|
|
|
|
|
var cookieKeyFromCookieURL = function(url, type, name) { |
|
|
|
var µmuri = µMatrix.URI.set(url); |
|
|
|
var µmuri = µm.URI.set(url); |
|
|
|
var cb = cookieKeyBuilder; |
|
|
|
cb[0] = µmuri.scheme; |
|
|
|
cb[2] = µmuri.hostname; |
|
|
|
@ -156,21 +163,21 @@ var cookieURLFromCookieEntry = function(entry) { |
|
|
|
if ( !entry ) { |
|
|
|
return ''; |
|
|
|
} |
|
|
|
return (entry.secure ? 'https://' : 'http://') + entry.domain + entry.path; |
|
|
|
return (entry.secure ? 'https://' : 'http://') + entry.hostname + entry.path; |
|
|
|
}; |
|
|
|
|
|
|
|
/******************************************************************************/ |
|
|
|
|
|
|
|
var cookieMatchDomains = function(cookieKey, domains) { |
|
|
|
var cookieMatchDomains = function(cookieKey, allHostnamesString) { |
|
|
|
var cookieEntry = cookieDict[cookieKey]; |
|
|
|
if ( !cookieEntry ) { |
|
|
|
return false; |
|
|
|
} |
|
|
|
if ( domains.indexOf(' ' + cookieEntry.domain + ' ') < 0 ) { |
|
|
|
if ( allHostnamesString.indexOf(' ' + cookieEntry.hostname + ' ') < 0 ) { |
|
|
|
if ( !cookieEntry.anySubdomain ) { |
|
|
|
return false; |
|
|
|
} |
|
|
|
if ( domains.indexOf('.' + cookieEntry.domain + ' ') < 0 ) { |
|
|
|
if ( allHostnamesString.indexOf('.' + cookieEntry.hostname + ' ') < 0 ) { |
|
|
|
return false; |
|
|
|
} |
|
|
|
} |
|
|
|
@ -189,9 +196,9 @@ var recordPageCookiesAsync = function(pageStats) { |
|
|
|
if ( !pageStats ) { |
|
|
|
return; |
|
|
|
} |
|
|
|
var pageURL = µMatrix.pageUrlFromPageStats(pageStats); |
|
|
|
var pageURL = µm.pageUrlFromPageStats(pageStats); |
|
|
|
recordPageCookiesQueue[pageURL] = pageStats; |
|
|
|
µMatrix.asyncJobs.add( |
|
|
|
µm.asyncJobs.add( |
|
|
|
'cookieHunterPageRecord', |
|
|
|
null, |
|
|
|
processPageRecordQueue, |
|
|
|
@ -211,11 +218,9 @@ var cookieLogEntryBuilder = [ |
|
|
|
'}' |
|
|
|
]; |
|
|
|
|
|
|
|
var recordPageCookie = function(pageStats, cookieKey) { |
|
|
|
var µm = µMatrix; |
|
|
|
var recordPageCookie = function(pageStore, cookieKey) { |
|
|
|
var cookieEntry = cookieDict[cookieKey]; |
|
|
|
var pageURL = pageStats.pageUrl; |
|
|
|
var block = µm.mustBlock(µm.scopeFromURL(pageURL), cookieEntry.domain, 'cookie'); |
|
|
|
var block = µm.mustBlock(pageStore.pageHostname, cookieEntry.hostname, 'cookie'); |
|
|
|
|
|
|
|
cookieLogEntryBuilder[0] = cookieURLFromCookieEntry(cookieEntry); |
|
|
|
cookieLogEntryBuilder[2] = cookieEntry.session ? 'session' : 'persistent'; |
|
|
|
@ -224,12 +229,14 @@ var recordPageCookie = function(pageStats, cookieKey) { |
|
|
|
// rhill 2013-11-20:
|
|
|
|
// https://github.com/gorhill/httpswitchboard/issues/60
|
|
|
|
// Need to URL-encode cookie name
|
|
|
|
pageStats.recordRequest( |
|
|
|
pageStore.recordRequest( |
|
|
|
'cookie', |
|
|
|
cookieLogEntryBuilder.join(''), |
|
|
|
block |
|
|
|
); |
|
|
|
|
|
|
|
cookieEntry.usedOn[pageStore.pageHostname] = true; |
|
|
|
|
|
|
|
// rhill 2013-11-21:
|
|
|
|
// https://github.com/gorhill/httpswitchboard/issues/65
|
|
|
|
// Leave alone cookies from behind-the-scene requests if
|
|
|
|
@ -255,9 +262,9 @@ var removePageCookiesAsync = function(pageStats) { |
|
|
|
if ( !pageStats ) { |
|
|
|
return; |
|
|
|
} |
|
|
|
var pageURL = µMatrix.pageUrlFromPageStats(pageStats); |
|
|
|
var pageURL = µm.pageUrlFromPageStats(pageStats); |
|
|
|
removePageCookiesQueue[pageURL] = pageStats; |
|
|
|
µMatrix.asyncJobs.add( |
|
|
|
µm.asyncJobs.add( |
|
|
|
'cookieHunterPageRemove', |
|
|
|
null, |
|
|
|
processPageRemoveQueue, |
|
|
|
@ -284,12 +291,12 @@ var chromeCookieRemove = function(url, name) { |
|
|
|
} |
|
|
|
var cookieKey = cookieKeyFromCookieURL(details.url, 'session', details.name); |
|
|
|
if ( removeCookieFromDict(cookieKey) ) { |
|
|
|
µMatrix.cookieRemovedCounter += 1; |
|
|
|
µm.cookieRemovedCounter += 1; |
|
|
|
return; |
|
|
|
} |
|
|
|
cookieKey = cookieKeyFromCookieURL(details.url, 'persistent', details.name); |
|
|
|
if ( removeCookieFromDict(cookieKey) ) { |
|
|
|
µMatrix.cookieRemovedCounter += 1; |
|
|
|
µm.cookieRemovedCounter += 1; |
|
|
|
} |
|
|
|
}; |
|
|
|
|
|
|
|
@ -325,7 +332,7 @@ var processPageRemoveQueue = function() { |
|
|
|
// Effectively remove cookies.
|
|
|
|
|
|
|
|
var processRemoveQueue = function() { |
|
|
|
var userSettings = µMatrix.userSettings; |
|
|
|
var userSettings = µm.userSettings; |
|
|
|
var deleteCookies = userSettings.deleteCookies; |
|
|
|
|
|
|
|
// Session cookies which timestamp is *after* tstampObsolete will
|
|
|
|
@ -335,7 +342,9 @@ var processRemoveQueue = function() { |
|
|
|
Date.now() - userSettings.deleteUnusedSessionCookiesAfter * 60 * 1000 : |
|
|
|
0; |
|
|
|
|
|
|
|
var srcHostnames; |
|
|
|
var cookieEntry; |
|
|
|
|
|
|
|
for ( var cookieKey in removeCookieQueue ) { |
|
|
|
if ( removeCookieQueue.hasOwnProperty(cookieKey) === false ) { |
|
|
|
continue; |
|
|
|
@ -348,7 +357,7 @@ var processRemoveQueue = function() { |
|
|
|
// investigate how (A session cookie has same name as a
|
|
|
|
// persistent cookie?)
|
|
|
|
if ( !cookieEntry ) { |
|
|
|
console.error('HTTP Switchboard> cookies.js/processRemoveQueue(): no cookieEntry for "%s"', cookieKey); |
|
|
|
// console.error('cookies.js > processRemoveQueue(): no cookieEntry for "%s"', cookieKey);
|
|
|
|
continue; |
|
|
|
} |
|
|
|
|
|
|
|
@ -357,10 +366,15 @@ var processRemoveQueue = function() { |
|
|
|
continue; |
|
|
|
} |
|
|
|
|
|
|
|
// Query scopes only if we are going to use them
|
|
|
|
if ( srcHostnames === undefined ) { |
|
|
|
srcHostnames = µm.tMatrix.extractAllSourceHostnames(); |
|
|
|
} |
|
|
|
|
|
|
|
// Ensure cookie is not allowed on ALL current web pages: It can
|
|
|
|
// happen that a cookie is blacklisted on one web page while
|
|
|
|
// being whitelisted on another (because of per-page permissions).
|
|
|
|
if ( canRemoveCookie(cookieKey) === false ) { |
|
|
|
if ( canRemoveCookie(cookieKey, srcHostnames) === false ) { |
|
|
|
// Exception: session cookie may have to be removed even though
|
|
|
|
// they are seen as being whitelisted.
|
|
|
|
if ( cookieEntry.session === false || cookieEntry.tstamp > tstampObsolete ) { |
|
|
|
@ -373,7 +387,7 @@ var processRemoveQueue = function() { |
|
|
|
continue; |
|
|
|
} |
|
|
|
|
|
|
|
console.debug('µMatrix> cookies.js/processRemoveQueue(): removing "%s" (age=%s min)', cookieKey, ((Date.now() - cookieEntry.tstamp) / 60000).toFixed(1)); |
|
|
|
// console.debug('cookies.js > processRemoveQueue(): removing "%s" (age=%s min)', cookieKey, ((Date.now() - cookieEntry.tstamp) / 60000).toFixed(1));
|
|
|
|
chromeCookieRemove(url, cookieEntry.name); |
|
|
|
} |
|
|
|
}; |
|
|
|
@ -399,12 +413,11 @@ var processClean = function() { |
|
|
|
/******************************************************************************/ |
|
|
|
|
|
|
|
var findAndRecordPageCookies = function(pageStats) { |
|
|
|
var domains = ' ' + Object.keys(pageStats.domains).join(' ') + ' '; |
|
|
|
for ( var cookieKey in cookieDict ) { |
|
|
|
if ( !cookieDict.hasOwnProperty(cookieKey) ) { |
|
|
|
continue; |
|
|
|
} |
|
|
|
if ( !cookieMatchDomains(cookieKey, domains) ) { |
|
|
|
if ( cookieMatchDomains(cookieKey, pageStats.allHostnamesString) === false ) { |
|
|
|
continue; |
|
|
|
} |
|
|
|
recordPageCookie(pageStats, cookieKey); |
|
|
|
@ -414,12 +427,11 @@ var findAndRecordPageCookies = function(pageStats) { |
|
|
|
/******************************************************************************/ |
|
|
|
|
|
|
|
var findAndRemovePageCookies = function(pageStats) { |
|
|
|
var domains = ' ' + Object.keys(pageStats.domains).join(' ') + ' '; |
|
|
|
for ( var cookieKey in cookieDict ) { |
|
|
|
if ( !cookieDict.hasOwnProperty(cookieKey, domains) ) { |
|
|
|
if ( !cookieDict.hasOwnProperty(cookieKey) ) { |
|
|
|
continue; |
|
|
|
} |
|
|
|
if ( !cookieMatchDomains(cookieKey, domains) ) { |
|
|
|
if ( !cookieMatchDomains(cookieKey, pageStats.allHostnamesString) ) { |
|
|
|
continue; |
|
|
|
} |
|
|
|
removeCookieAsync(cookieKey); |
|
|
|
@ -428,69 +440,44 @@ var findAndRemovePageCookies = function(pageStats) { |
|
|
|
|
|
|
|
/******************************************************************************/ |
|
|
|
|
|
|
|
// Check all scopes to ensure none of them fulfill the following
|
|
|
|
// conditions:
|
|
|
|
// - The hostname of the target cookie matches the hostname of the scope
|
|
|
|
// - The target cookie is allowed in the scope
|
|
|
|
// Check all pages to ensure none of them fulfill both following
|
|
|
|
// conditions:
|
|
|
|
// - refers to the target cookie
|
|
|
|
// - the target cookie is is allowed
|
|
|
|
// If one of the above set of conditions is fulfilled at least once,
|
|
|
|
// the cookie can NOT be removed.
|
|
|
|
// TODO: cache the joining of hostnames into a single string for search
|
|
|
|
// purpose.
|
|
|
|
|
|
|
|
var canRemoveCookie = function(cookieKey) { |
|
|
|
var entry = cookieDict[cookieKey]; |
|
|
|
if ( !entry ) { |
|
|
|
var canRemoveCookie = function(cookieKey, srcHostnames) { |
|
|
|
var cookieEntry = cookieDict[cookieKey]; |
|
|
|
if ( !cookieEntry ) { |
|
|
|
return false; |
|
|
|
} |
|
|
|
var µm = µMatrix; |
|
|
|
var cookieHostname = entry.domain; |
|
|
|
var cookieDomain = µm.URI.domainFromHostname(cookieHostname); |
|
|
|
|
|
|
|
// rhill 2014-01-11: Do not delete cookies which are whitelisted
|
|
|
|
// in at least one scope. Limitation: this can be done only
|
|
|
|
// for cookies which domain matches domain of scope. This is
|
|
|
|
// because a scope with whitelist *|* would cause all cookies to not
|
|
|
|
// be removable.
|
|
|
|
// https://github.com/gorhill/httpswitchboard/issues/126
|
|
|
|
var srcHostnames = µm.tMatrix.extractAllSourceHostnames(); |
|
|
|
var i = srcHostnames.length; |
|
|
|
var cookieHostname = cookieEntry.hostname; |
|
|
|
var srcHostname; |
|
|
|
while ( i-- ) { |
|
|
|
// Cookie related to scope domain?
|
|
|
|
srcHostname = µm.URI.domainFromHostname(srcHostnames[i]); |
|
|
|
if ( srcHostname === '' || srcHostname !== cookieDomain ) { |
|
|
|
|
|
|
|
for ( srcHostname in cookieEntry.usedOn ) { |
|
|
|
if ( cookieEntry.usedOn.hasOwnProperty(srcHostname) === false ) { |
|
|
|
continue; |
|
|
|
} |
|
|
|
if ( µm.mustBlock(srcHostname, cookieHostname, 'cookie') === false ) { |
|
|
|
// console.log('cookies.js/canRemoveCookie()> can NOT remove "%s" because of scope "%s"', cookieKey, scopeKey);
|
|
|
|
if ( µm.mustAllow(srcHostname, cookieHostname, 'cookie') ) { |
|
|
|
return false; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
// If we reach this point, we will check whether the cookie is actually
|
|
|
|
// in use for a currently opened web page. This is necessary to
|
|
|
|
// prevent the deletion of 3rd-party cookies which might be whitelisted
|
|
|
|
// for a currently opened web page.
|
|
|
|
var pageStats = µm.pageStats; |
|
|
|
for ( var pageURL in pageStats ) { |
|
|
|
if ( pageStats.hasOwnProperty(pageURL) === false ) { |
|
|
|
continue; |
|
|
|
// Maybe there is a scope in which the cookie is 1st-party-allowed.
|
|
|
|
// For example, if I am logged in into `github.com`, I do not want to be
|
|
|
|
// logged out just because I did not yet open a `github.com` page after
|
|
|
|
// re-starting the browser.
|
|
|
|
srcHostname = cookieHostname; |
|
|
|
var pos; |
|
|
|
for (;;) { |
|
|
|
if ( srcHostnames.hasOwnProperty(srcHostname) ) { |
|
|
|
if ( µm.mustAllow(srcHostname, cookieHostname, 'cookie') ) { |
|
|
|
return false; |
|
|
|
} |
|
|
|
} |
|
|
|
if ( !cookieMatchDomains(cookieKey, ' ' + Object.keys(pageStats[pageURL].domains).join(' ') + ' ') ) { |
|
|
|
continue; |
|
|
|
if ( srcHostname === cookieEntry.domain ) { |
|
|
|
break; |
|
|
|
} |
|
|
|
if ( µm.mustAllow(µm.scopeFromURL(pageURL), cookieHostname, 'cookie') ) { |
|
|
|
// console.log('cookies.js/canRemoveCookie()> can NOT remove "%s" because of scope "%s"', cookieKey, scopeKey);
|
|
|
|
return false; |
|
|
|
pos = srcHostname.indexOf('.'); |
|
|
|
if ( pos === -1 ) { |
|
|
|
break; |
|
|
|
} |
|
|
|
srcHostname = srcHostname.slice(pos + 1); |
|
|
|
} |
|
|
|
|
|
|
|
// console.log('cookies.js/canRemoveCookie()> can remove "%s"', cookieKey);
|
|
|
|
return true; |
|
|
|
return true; |
|
|
|
}; |
|
|
|
|
|
|
|
/******************************************************************************/ |
|
|
|
@ -520,17 +507,17 @@ var onChromeCookieChanged = function(changeInfo) { |
|
|
|
|
|
|
|
// Go through all pages and update if needed, as one cookie can be used
|
|
|
|
// by many web pages, so they need to be recorded for all these pages.
|
|
|
|
var allPageStats = µMatrix.pageStats; |
|
|
|
var pageStats; |
|
|
|
for ( var pageURL in allPageStats ) { |
|
|
|
if ( !allPageStats.hasOwnProperty(pageURL) ) { |
|
|
|
var pageStores = µm.pageStats; |
|
|
|
var pageStore; |
|
|
|
for ( var pageURL in pageStores ) { |
|
|
|
if ( pageStores.hasOwnProperty(pageURL) === false ) { |
|
|
|
continue; |
|
|
|
} |
|
|
|
pageStats = allPageStats[pageURL]; |
|
|
|
if ( !cookieMatchDomains(cookieKey, ' ' + Object.keys(pageStats.domains).join(' ') + ' ') ) { |
|
|
|
pageStore = pageStores[pageURL]; |
|
|
|
if ( !cookieMatchDomains(cookieKey, pageStore.allHostnamesString) ) { |
|
|
|
continue; |
|
|
|
} |
|
|
|
recordPageCookie(pageStats, cookieKey); |
|
|
|
recordPageCookie(pageStore, cookieKey); |
|
|
|
} |
|
|
|
}; |
|
|
|
|
|
|
|
@ -539,8 +526,8 @@ var onChromeCookieChanged = function(changeInfo) { |
|
|
|
chrome.cookies.getAll({}, addCookiesToDict); |
|
|
|
chrome.cookies.onChanged.addListener(onChromeCookieChanged); |
|
|
|
|
|
|
|
// µMatrix.asyncJobs.add('cookieHunterRemove', null, processRemoveQueue, 2 * 60 * 1000, true);
|
|
|
|
// µMatrix.asyncJobs.add('cookieHunterClean', null, processClean, 10 * 60 * 1000, true);
|
|
|
|
µm.asyncJobs.add('cookieHunterRemove', null, processRemoveQueue, 2 * 60 * 1000, true); |
|
|
|
µm.asyncJobs.add('cookieHunterClean', null, processClean, 10 * 60 * 1000, true); |
|
|
|
|
|
|
|
/******************************************************************************/ |
|
|
|
|
|
|
|
|
gorhill
10 years ago