Skip to content

Commit

Permalink
Merge pull request #45 from brave/shields/169
Browse files Browse the repository at this point in the history 
disable shields for any protocol other than http or https
  • Loading branch information
@bbondy
bbondy authored Jul 6, 2018
2 parents 3ae54d8 + 4e1ecda commit d4d5857
Show file tree
Hide file tree
Showing 9 changed files with 138 additions and 7 deletions.
5 changes: 3 additions & 2 deletions app/background/api/browserActionAPI.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/. */

import { isHttpOrHttps } from '../../helpers/urlUtils'

/**
* Sets the badge text
* @param {string} text - The text to put on the badge
Expand All @@ -18,11 +20,10 @@ export const setBadgeText = (text: string) => {
export const setIcon = (url: string, tabId: number, shieldsOn: boolean) => {
const shieldsEnabledIcon = 'img/icon-16.png'
const shieldsDisabledIcon = 'img/icon-16-disabled.png'
const isHttpOrHttps = url && /^http/.test(url)

if (chrome.browserAction) {
chrome.browserAction.setIcon({
path: shieldsOn && isHttpOrHttps ? shieldsEnabledIcon : shieldsDisabledIcon,
path: shieldsOn && isHttpOrHttps(url) ? shieldsEnabledIcon : shieldsDisabledIcon,
tabId
})
}
Expand Down
4 changes: 3 additions & 1 deletion app/background/api/shieldsAPI.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
import { Tab } from '../../types/state/shieldsPannelState'
import { BlockOptions } from '../../types/other/blockTypes'
import * as resourceIdentifiers from '../../constants/resourceIdentifiers'
import { isHttpOrHttps } from '../../helpers/urlUtils'

/**
* Obtains the shields panel data for the specified tab data
Expand Down Expand Up @@ -33,12 +34,13 @@ export const getShieldSettingsForTabData = (tabData?: chrome.tabs.Tab) => {
]).then((details) => {
const fingerprinting = details[5].setting !== details[6].setting ? 'block_third_party' : details[5].setting
const cookies = details[7].setting !== details[8].setting ? 'block_third_party' : details[7].setting
const braveShields = isHttpOrHttps(origin) ? details[0].setting : 'block'
return {
url: url.href,
origin,
hostname,
id: tabData.id,
braveShields: details[0].setting,
braveShields,
ads: details[1].setting,
trackers: details[2].setting,
httpUpgradableResources: details[3].setting,
Expand Down
1 change: 1 addition & 0 deletions app/components/braveShields/braveShields.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ export default class BraveShields extends React.Component<BraveShieldsProps, {}>
braveShields={shieldsPanelTabData.braveShields}
shieldsToggled={actions.shieldsToggled}
hostname={shieldsPanelTabData.hostname}
origin={shieldsPanelTabData.origin}
/>
<BraveShieldsStats
braveShields={shieldsPanelTabData.braveShields}
Expand Down
3 changes: 0 additions & 3 deletions app/components/braveShields/braveShieldsControls.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -134,7 +134,6 @@ export default class BraveShieldsControls extends React.Component<BraveShieldsCo

<Grid theme={theme.braveShieldsControlsSwitches}>
<Column>
{/* TODO @cezaraugusto */}
<SwitchButton
id='httpsEverywhere'
theme={theme.noUserSelect}
Expand All @@ -145,7 +144,6 @@ export default class BraveShieldsControls extends React.Component<BraveShieldsCo
/>
</Column>
<Column>
{/* TODO @cezaraugusto */}
<SwitchButton
id='blockScripts'
theme={theme.noUserSelect}
Expand All @@ -156,7 +154,6 @@ export default class BraveShieldsControls extends React.Component<BraveShieldsCo
/>
</Column>
<Column>
{/* TODO @cezaraugusto */}
<SwitchButton
id='blockPhishingMalware'
theme={theme.noUserSelect}
Expand Down
6 changes: 6 additions & 0 deletions app/components/braveShields/braveShieldsHeader.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,11 @@ import * as shieldActions from '../../types/actions/shieldsPanelActions'
import { BlockOptions } from '../../types/other/blockTypes'
import { getMessage } from '../../background/api/localeAPI'
import theme from '../../theme'
import { isHttpOrHttps } from '../../helpers/urlUtils'

export interface BraveShieldsHeaderProps {
shieldsToggled: shieldActions.ShieldsToggled
origin: string
hostname: string
braveShields: BlockOptions
}
Expand All @@ -27,6 +29,10 @@ export default class BraveShieldsHeader extends React.PureComponent<BraveShields
}

onToggleShields (e: HTMLSelectElement) {
const { origin } = this.props
if (!isHttpOrHttps(origin)) {
return
}
const shieldsOption: BlockOptions = e.target.checked ? 'allow' : 'block'
this.props.shieldsToggled(shieldsOption)
}
Expand Down
10 changes: 10 additions & 0 deletions app/helpers/urlUtils.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/. */

export const isHttpOrHttps = (url?: string) => {
if (!url) {
return false
}
return /^https?:/i.test(url)
}
71 changes: 70 additions & 1 deletion test/app/background/api/shieldsAPITest.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ import * as shieldsAPI from '../../../../app/background/api/shieldsAPI'
import { activeTabData } from '../../../testData'
import { Tab as TabType } from '../../../../app/types/state/shieldsPannelState'
import * as resourceIdentifiers from '../../../../app/constants/resourceIdentifiers'

describe('Shields API', () => {
describe('getShieldSettingsForTabData', function () {
it('returns a rejected promise when no tab data is specified', function (cb) {
Expand Down Expand Up @@ -54,6 +54,75 @@ describe('Shields API', () => {
console.error(e.toString())
})
})

it('returns `block` by default for braveShields when origin is either http or https', function (cb) {
const tab: chrome.tabs.Tab = {
url: 'https://www.brave.com/charizard/knows/serg',
index: 1,
pinned: false,
highlighted: false,
windowId: 1,
active: true,
incognito: false,
selected: false,
id: 1337
}

shieldsAPI.getShieldSettingsForTabData(tab).then((data) => {
const assertion = 'braveShields' in data && data.braveShields === 'block'
assert(assertion)
cb()
})
.catch((e: Error) => {
console.error(e.toString())
})
})

it('returns `block` by default for braveShields when origin is not http or https', function (cb) {
const tab: chrome.tabs.Tab = {
url: 'ftp://www.brave.com/serg/dont/know/pikachu',
index: 1,
pinned: false,
highlighted: false,
windowId: 1,
active: true,
incognito: false,
selected: false,
id: 1337
}

shieldsAPI.getShieldSettingsForTabData(tab).then((data) => {
const assertion = 'braveShields' in data && data.braveShields === 'block'
assert(assertion)
cb()
})
.catch((e: Error) => {
console.error(e.toString())
})
})

it('returns `block` by default for braveShields when origin is an about page', function (cb) {
const tab: chrome.tabs.Tab = {
url: 'chrome://welcome',
index: 1,
pinned: false,
highlighted: false,
windowId: 1,
active: true,
incognito: false,
selected: false,
id: 1337
}

shieldsAPI.getShieldSettingsForTabData(tab).then((data) => {
const assertion = 'braveShields' in data && data.braveShields === 'block'
assert(assertion)
cb()
})
.catch((e: Error) => {
console.error(e.toString())
})
})
})

describe('getTabData', function () {
Expand Down
1 change: 1 addition & 0 deletions test/app/components/braveShields/braveShieldsHeaderTest.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ import * as sinon from 'sinon'

const fakeProps: BraveShieldsHeaderProps = {
hostname: 'brave.com',
origin: 'https://brave.com',
shieldsToggled: (setting: BlockOptions) => {
return {
type: actionTypes.SHIELDS_TOGGLED,
Expand Down
44 changes: 44 additions & 0 deletions test/app/helpers/urlUtilsTest.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/. */

import 'mocha'
import * as assert from 'assert'
import { isHttpOrHttps } from '../../../app/helpers/urlUtils'

describe('urlUtils test', function () {
describe('isHttpOrHttps', function () {
it('matches http when defined as a protocol type', function () {
const url = 'http://some-boring-unsafe-website.com'
assert.equal(isHttpOrHttps(url), true)
})
it('matches https when defined as a protocol type', function () {
const url = 'https://some-nice-safe-website.com'
assert.equal(isHttpOrHttps(url), true)
})
it('does not match http when defined as an origin', function () {
const url = 'file://http.some-website-tricking-you.com'
assert.equal(isHttpOrHttps(url), false)
})
it('does not match https when defined as an origin', function () {
const url = 'file://https.some-website-tricking-you.com'
assert.equal(isHttpOrHttps(url), false)
})
it('does not match other protocol', function () {
const url = 'ftp://some-old-website.com'
assert.equal(isHttpOrHttps(url), false)
})
it('does not match when url is not defined', function () {
const url = undefined
assert.equal(isHttpOrHttps(url), false)
})
it('matches uppercase http', function () {
const url = 'HTTP://SCREAMING-SAFE-WEBSITE.COM'
assert.equal(isHttpOrHttps(url), true)
})
it('matches uppercase https', function () {
const url = 'HTTP://SCREAMING-UNSAFE-WEBSITE.COM'
assert.equal(isHttpOrHttps(url), true)
})
})
})

0 comments on commit d4d5857

Please sign in to comment.