Skip to content

Commit

Permalink
Merge pull request #323 from brave/quoted-args
Browse files Browse the repository at this point in the history 
Support quoted scriptlet arguments
  • Loading branch information
@antonok-edm
antonok-edm authored Nov 7, 2023
2 parents 949a6e1 + 6ff6a52 commit dd49b9b
Show file tree
Hide file tree
Showing 4 changed files with 326 additions and 50 deletions.
35 changes: 35 additions & 0 deletions src/engine.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -853,4 +853,39 @@ mod tests {
assert_eq!(engine.url_cosmetic_resources("https://sub8.example.com").injected_script, wrap_try("trusted-set-cookie"));
assert_eq!(engine.url_cosmetic_resources("https://sub9.example.com").injected_script, wrap_try("brave-fix"));
}

#[test]
fn quoted_scriptlet_args() {
use crate::resources::{MimeType, ResourceType};

let resources = [
Resource {
name: "trusted-set-local-storage-item.js".into(),
aliases: vec![],
kind: ResourceType::Mime(MimeType::ApplicationJavascript),
content: base64::encode("function trustedSetLocalStorageItem(key = '', value = '') { setLocalStorageItemFn('local', true, key, value); }"),
dependencies: vec![],
permission: Default::default(),
},
];

let mut filter_set = FilterSet::new(false);
filter_set.add_filters([
r#"dailymail.co.uk##+js(trusted-set-local-storage-item, mol.ads.cmp.tcf.cache, '{"getTCData":{"cmpId":27,"cmpVersion":3,"gdprApplies":true,"tcfPolicyVersion":2,"tcString":"CPyz5QAPyz5QAAbADCENC6CgAAAAAAAAAAwIAAASjAJINW4gCLMscGaQEIoEAIgjCQggUAAFAILRAQAODgp2VgE6MIkAAAUARABAhwAQAQCAAASABCAAJAAwQAAAiAQAAAAQCAAAMCAILACgAAAABANAhRCgAECQAyIAIpTAgKgSCAFsKAAADJCQCAKgMAKARGgEACIIARGAAACwMAgBICFggABMQbBAAMACAESoBoCTEwBACDQFgBkADLAGzAPsA_ACAAEFAIwASYAp8BaAFpAOqAfIBDoCJgEiAKRAXIAyMBk4DlAI_gSKEQEwBkADLAGzAPsA_ACAAEYAJMAU8A6oB8gEOgJEAUiAuQBkYDJwHKAR_AkU.f_gAAagAAAAA","eventStatus":"useractioncomplete","cmpStatus":"loaded","isServiceSpecific":true,"useNonStandardStacks":false,"publisherCC":"GB","purposeOneTreatment":false,"addtlConsent":"1~","acmVersion":2,"molGvlVersion":"186.gb.web","nrvString":"1~","nrvVersion":1,"repromptVersion":5},"getStoredRepromptVersion":5,"hasUserConsentedToAll":false,"hasUserDissentedToAll":true,"getConsentDegree":"no","getValidTCData":{"cmpId":27,"cmpVersion":3,"gdprApplies":true,"tcfPolicyVersion":2,"tcString":"CPyz5QAPyz5QAAbADCENC6CgAAAAAAAAAAwIAAASjAJINW4gCLMscGaQEIoEAIgjCQggUAAFAILRAQAODgp2VgE6MIkAAAUARABAhwAQAQCAAASABCAAJAAwQAAAiAQAAAAQCAAAMCAILACgAAAABANAhRCgAECQAyIAIpTAgKgSCAFsKAAADJCQCAKgMAKARGgEACIIARGAAACwMAgBICFggABMQbBAAMACAESoBoCTEwBACDQFgBkADLAGzAPsA_ACAAEFAIwASYAp8BaAFpAOqAfIBDoCJgEiAKRAXIAyMBk4DlAI_gSKEQEwBkADLAGzAPsA_ACAAEYAJMAU8A6oB8gEOgJEAUiAuQBkYDJwHKAR_AkU.f_gAAagAAAAA","listenerId":1,"eventStatus":"useractioncomplete","cmpStatus":"loaded","isServiceSpecific":true,"useNonStandardStacks":false,"publisherCC":"GB","purposeOneTreatment":false,"addtlConsent":"1~","acmVersion":2,"molGvlVersion":"186.gb.web","nrvString":"1~","nrvVersion":1,"repromptVersion":5}}')"#,
// invalid - unclosed quoted arg
r#"example.com##+js(trusted-set-local-storage-item, "test)"#,
// invalid - closing quote does not surround the argument
r#"example.com##+js(trusted-set-local-storage-item, "test"test, 3)"#,
], Default::default());

let mut engine = Engine::from_filter_set(filter_set, true);
engine.use_resources(resources);

assert_eq!(engine.url_cosmetic_resources("https://dailymail.co.uk").injected_script, r#"try {
(function trustedSetLocalStorageItem(key = '', value = '') { setLocalStorageItemFn('local', true, key, value); })("mol.ads.cmp.tcf.cache", "{\"getTCData\":{\"cmpId\":27,\"cmpVersion\":3,\"gdprApplies\":true,\"tcfPolicyVersion\":2,\"tcString\":\"CPyz5QAPyz5QAAbADCENC6CgAAAAAAAAAAwIAAASjAJINW4gCLMscGaQEIoEAIgjCQggUAAFAILRAQAODgp2VgE6MIkAAAUARABAhwAQAQCAAASABCAAJAAwQAAAiAQAAAAQCAAAMCAILACgAAAABANAhRCgAECQAyIAIpTAgKgSCAFsKAAADJCQCAKgMAKARGgEACIIARGAAACwMAgBICFggABMQbBAAMACAESoBoCTEwBACDQFgBkADLAGzAPsA_ACAAEFAIwASYAp8BaAFpAOqAfIBDoCJgEiAKRAXIAyMBk4DlAI_gSKEQEwBkADLAGzAPsA_ACAAEYAJMAU8A6oB8gEOgJEAUiAuQBkYDJwHKAR_AkU.f_gAAagAAAAA\",\"eventStatus\":\"useractioncomplete\",\"cmpStatus\":\"loaded\",\"isServiceSpecific\":true,\"useNonStandardStacks\":false,\"publisherCC\":\"GB\",\"purposeOneTreatment\":false,\"addtlConsent\":\"1~\",\"acmVersion\":2,\"molGvlVersion\":\"186.gb.web\",\"nrvString\":\"1~\",\"nrvVersion\":1,\"repromptVersion\":5},\"getStoredRepromptVersion\":5,\"hasUserConsentedToAll\":false,\"hasUserDissentedToAll\":true,\"getConsentDegree\":\"no\",\"getValidTCData\":{\"cmpId\":27,\"cmpVersion\":3,\"gdprApplies\":true,\"tcfPolicyVersion\":2,\"tcString\":\"CPyz5QAPyz5QAAbADCENC6CgAAAAAAAAAAwIAAASjAJINW4gCLMscGaQEIoEAIgjCQggUAAFAILRAQAODgp2VgE6MIkAAAUARABAhwAQAQCAAASABCAAJAAwQAAAiAQAAAAQCAAAMCAILACgAAAABANAhRCgAECQAyIAIpTAgKgSCAFsKAAADJCQCAKgMAKARGgEACIIARGAAACwMAgBICFggABMQbBAAMACAESoBoCTEwBACDQFgBkADLAGzAPsA_ACAAEFAIwASYAp8BaAFpAOqAfIBDoCJgEiAKRAXIAyMBk4DlAI_gSKEQEwBkADLAGzAPsA_ACAAEYAJMAU8A6oB8gEOgJEAUiAuQBkYDJwHKAR_AkU.f_gAAagAAAAA\",\"listenerId\":1,\"eventStatus\":\"useractioncomplete\",\"cmpStatus\":\"loaded\",\"isServiceSpecific\":true,\"useNonStandardStacks\":false,\"publisherCC\":\"GB\",\"purposeOneTreatment\":false,\"addtlConsent\":\"1~\",\"acmVersion\":2,\"molGvlVersion\":\"186.gb.web\",\"nrvString\":\"1~\",\"nrvVersion\":1,\"repromptVersion\":5}}")
} catch ( e ) { }
"#.to_owned());

assert_eq!(engine.url_cosmetic_resources("https://example.com").injected_script, "");
}
}
6 changes: 6 additions & 0 deletions src/filters/cosmetic.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,8 @@ pub enum CosmeticFilterError {
EmptyRule,
#[error("html filtering is unsupported")]
HtmlFilteringUnsupported,
#[error("scriptlet args could not be parsed")]
InvalidScriptletArgs,
}

/// Refer to <https://github.com/uBlockOrigin/uBlock-issues/wiki/Static-filter-syntax#action-operators>
Expand Down Expand Up @@ -349,6 +351,10 @@ impl CosmeticFilter {
if sharp_index == 0 {
return Err(CosmeticFilterError::GenericScriptInject);
}
let args = &line[suffix_start_index + 4..line.len() - 1];
if crate::resources::parse_scriptlet_args(args).is_none() {
return Err(CosmeticFilterError::InvalidScriptletArgs);
}
mask |= CosmeticFilterMask::SCRIPT_INJECT;
(
String::from(&line[suffix_start_index + 4..line.len() - 1]),
Expand Down
1 change: 1 addition & 0 deletions src/resources/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ pub mod resource_assembler;
mod resource_storage;
#[doc(inline)]
pub use resource_storage::{AddResourceError, ResourceStorage, ScriptletResourceError};
pub(crate) use resource_storage::parse_scriptlet_args;

use memchr::memrchr as find_char_reverse;
use serde::{Deserialize, Serialize};
Expand Down
Loading

0 comments on commit dd49b9b

Please sign in to comment.