-
Notifications
You must be signed in to change notification settings - Fork 56
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Proposal: Add ancestorMatches
/excludeAncestorMatches
in scripting API
#668
Comments
Would you still need this feature if Firefox were to support MDN: https://developer.mozilla.org/en-US/docs/Web/API/Location/ancestorOrigins |
I wasn't aware of this property. However I don't see that it is usable in the current issue in uBOL because the injected content scripts are static and declaratively injected, and as such the content script code has no knowledge of which origins are currently being excluded from filtering by the user. |
There are ongoing discussions here about a way to dynamically declare values to become available synchronously to content scripts, e.g.:
Even without new APIs, it is already possible to fetch state dynamically with synchronous XHR and configure the response with declarativeNetRequest.updateDynamicRules/updateSessionRules (with defaults provided via static rules). I admit that this is a hack, but potentially viable for infrequently used configuration. E.g. the NoScript extension uses this technique (well synchronous XHR+webRequest, not specifically DNR). Also you may need a way to have a sufficiently secret URL that cannot be guessed by web pages to avoid information leakage. In any case, back to the original question: would a way to synchronously retrieve values in content scripts + |
This specific comment in the proposal aligns more with solving the specific issue I am facing in uBOL:
In such case, then yes, I wouldn't mind uBOL's content scripts do the exclusion work, there is already such work done (for example). |
A hack now causing some pages to break badly. |
Discussed in today's meeting, meeting notes pending review at #671. One question is on use cases - what is the extent of the anticipated use of this requested API? If it is specialized and use cases relatively minor, |
I would say the rationale for supporting |
A big benefit would be present in the case of style injections declarative in frames with specific ancestor matches. It would be beneficial to have a way to specify the extensions origin as allowed ancestor origin. Currently in some extensions I would need to set a global css flag (like a class on the html tag) using JavaScript to make sure it is only applied when intended. It would also save a lot of unnecessary injection of content scripts in top level documents. This would address #117 |
Proposal: Add
ancestorMatches
/excludeAncestorMatches
as conditions in RegisteredContentScript of scripting APIBackground
For similar reasons as to the existence of
allowAllRequests
in the DNR API, there is a need to exclude content script injection in subdocuments when a specific ancestor document is being excluded from filtering.Example of the issue, let's posit:
a.com
is a main document loaded in a browser tabb.com
is a main document loaded in another browser tabm.com
is a frame embedded in a webpage froma.com
and a webpage fromb.com
n.com
is a frame embedded in a webpage fromm.com
Content script
m_and_n.js
is registered through thescripting
API to be injected in documents and subdocuments fromm.com
andn.com
:User chooses to exclude
a.com
from being filtered.A DNR
allowAllRequests
rule fora.com
allows to exclude DNR fitlering for all resources pulled bya.com
, including those from embedded documents from different origin.However, this does not work for injected content scripts: we can't unregister content script
m_and_n.js
to accommodate exclusion ofa.com
from filtering because this would also cause exclusion ofm_and_n.js
forb.com
(and all other origins), which is not meant to be excluded from filtering.Not being able to exclude a registered content script from a specific ancestor domain leads to unsolvable issues in uBO Lite extension, see uBlockOrigin/uBOL-home#20
The text was updated successfully, but these errors were encountered: