Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix unprotected sites flag in JS layer #51

Merged

Conversation

bwaresiak
Copy link
Collaborator

@bwaresiak bwaresiak commented Jan 14, 2022

Task/Issue URL: https://app.asana.com/0/1199178362774117/1201666147268877
Tech Design URL:
CC:

Description:
Fix JS, so when we cannot determine top level url, we won't assume it is unprotected.

Steps to test this PR:

  1. Visit https://wsj.com
  2. Validate list of blocked trackers: googlesyndication should be blocked.

In addition re-test disabling protection.

OS Testing:

  • macOS

Internal references:

Software Engineering Expectations
Technical Design Template

@bwaresiak bwaresiak changed the title Fix unprotected sites flag Fix unprotected sites flag in JS layer Jan 14, 2022
@bwaresiak bwaresiak changed the base branch from main to release/friends-and-family January 14, 2022 20:01
@bwaresiak
Copy link
Collaborator Author

@jonathanKingston would you be so kind to take a look at my JS tweaks to see if these looks ok?

@Bunn Bunn self-assigned this Jan 14, 2022
@jonathanKingston
Copy link
Collaborator

@bwaresiak I think this is fine as a fallback.

We should readdress the conversation about getTopLevelURL at some point: https://app.asana.com/0/1200437802575119/1201210452027332/f for this. I've outlined the issues there.

@jonathanKingston jonathanKingston self-requested a review January 15, 2022 01:38
Copy link
Contributor

@Bunn Bunn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.
googlesyndication is showing as blocked and before it wasn't.

@bwaresiak bwaresiak merged commit 6605419 into release/friends-and-family Jan 25, 2022
@bwaresiak bwaresiak deleted the bartek/fix-unprotected-sites-flag branch January 25, 2022 10:29
bwaresiak added a commit that referenced this pull request Feb 9, 2022
* Secure Vault autofill Pixel support (#26)

* add delegate calls after autofilling

* upd with AutofillType

* Secure Vault additions (#28)

* Finish note support.

* Note database migration

* Begin working on identities

* Further work on Identities

* Consolidate database migrations.

* Fill out remaining credit card functions.

* Remove unneeded credit card properties.

* Further autofill API work.

* Support cardholder name.

* Fix unit test compilation failures.

* Remove an incorrect marker comment.

* Add better credit card validation.

* Bump the Autofill commit.

* Add tests for the new autofill Get methods.

* Clean up the database access calls.

* Clean up a number of SwiftLint warnings and errors.

* Update the Autofill commit.

* Fill in the autofill type delegate methods.

* Ignore the release script.

* Bump autofill

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

Co-authored-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Bump autofill to version 3.3.0 (#29)

* Bump autofill to version 3.3.0

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Update the duckduckgo-autofill submodule commit.

Co-authored-by: Sam Symons <sam@samsymons.com>

* Add requiresRunInPageContentWorld to run UserScripts in page world (#30)

* Ensure that the WKContentWorld usage compiles on iOS. (#32)

* Fix lastName in identity (#33)

* Update the credit card table (#34)

* Upgrade the credit card number field to L2.

* Correctly provide the last name for Identity autofill.

* Allow the SecureVaultFactory to return the crypto classes only.

* Ensure that addressStreet2 is encoded and read correctly.

* Update the migration to remove the old column.

* Generate a display title and subtitle for notes.

* Add a new error type for if no L1 key is available.

* Move content blocking code to BSK (#35)

* Initial refactoring of content blocking to enable sharing between platforms

* Extracted Content Rules script

* Tweaks based on Mac OS X implementation

* Expand API to enable checking for result of the requested compilation

* Add option to obtain PrivacyFeature settings dictionary

* Add Surrogates user script

* API Tweaks

* Fix tests

* Content Blocking reference tests

* More Pixels

* Add tests for User Scripts and Tracker allowlist

* Reuse sha256 code in tests

* Better Privacy Config tests

* Add autoconsent as a configurable feature (#39)

* Remove unused TrackingProtectionStats dead code (#41)

* Add identities autofill (#38)

* Bump autofill pointer

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Bump autofill revision

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Bump autofill to latest version

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Bump autofill revision (#46)

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Support content scope as a user script (#45)

* Remove content scope files causing warnings (#49)

* Navigator credentials move (#47)

* Fix unprotected domains calculation for about:blank urls (#51)

* Add Resolver tests and fix cname resolving (#50)

* Multiple blocking rule lists (#53)

* Initial implementation to support multiple rules lists

* Make API open for inheritance

* Fix few bugs, update tests

* CTL delegate WIP

* Update ContentBlockerRulesUserScript.swift

* Update ContentBlockerRulesUserScript.swift

* Refactor Content Blocker User Script

* Add missing change information

* Expand error reporting API

* Unit tests for error reporting

* Workaround for missing TDS at startup issue

* Move model processing to work queue

* Kill the app only in case main TDS rule list fails to compile

* Allow for non-TDS rule lists to fail compilation in case setup fails

* Add check for embedded TDS compilation

Co-authored-by: Bartek Waresiak <bartek@duckduckgo.com>
Co-authored-by: ladamski@duckduckgo.com <ladamski@duckduckgo.com>

* Add platform.name to BrowserServices kit (#48)

* Add platform.name to BrowserServices kit

* be explicit about supported platform names

* add clickToPlay config (#56)

Co-authored-by: ladamski@duckduckgo.com <ladamski@duckduckgo.com>

* Enable unit tests via Xcode (#57)

* Have all bundle resources copied to the root directory.

* Remove a duplicate file.

* Move embedded TDS to platform code (#58)

* Filtering various suggestion types from Top Hits section of suggestions (#55)

* Filtering various suggestion types from Top Hits section of suggestions
* Suggesting bookmarks instead of history entries with the same URL
* Allowing bookmarks to be in the Top Hits if they replaced history entry
* isDownload flag removed
* Edge case with bookmark not allowed in Top Hits resolved
* Array renamed to all

* Fix Privcy Config API to correcty take into account feature type (#62)

* Update config to reflect iOS features (#64)

* Update Autofill submodule pointer with iOS fix (#65)

* Update the duckduckgo-autofill submodule commit.

* Resolve package warnings

Co-authored-by: Bartek Waresiak <bartek@duckduckgo.com>

Co-authored-by: Alexey Martemyanov <mallexxx@gmail.com>
Co-authored-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>
Co-authored-by: Jonathan Kingston <jkingston@duckduckgo.com>
Co-authored-by: bwaresiak <bartek@duckduckgo.com>
Co-authored-by: Sam Macbeth <sammacbeth@users.noreply.github.com>
Co-authored-by: Brad Slayter <SlayterDev@users.noreply.github.com>
Co-authored-by: ladamski@duckduckgo.com <ladamski@duckduckgo.com>
Co-authored-by: Shane Osbourne <shane.osbourne8@gmail.com>
Co-authored-by: Lucas Adamski <ladamski@users.noreply.github.com>
Co-authored-by: Tomas Strba <57389842+tomasstrba@users.noreply.github.com>
SlayterDev added a commit that referenced this pull request Feb 21, 2022
* Secure Vault autofill Pixel support (#26)

* add delegate calls after autofilling

* upd with AutofillType

* Secure Vault additions (#28)

* Finish note support.

* Note database migration

* Begin working on identities

* Further work on Identities

* Consolidate database migrations.

* Fill out remaining credit card functions.

* Remove unneeded credit card properties.

* Further autofill API work.

* Support cardholder name.

* Fix unit test compilation failures.

* Remove an incorrect marker comment.

* Add better credit card validation.

* Bump the Autofill commit.

* Add tests for the new autofill Get methods.

* Clean up the database access calls.

* Clean up a number of SwiftLint warnings and errors.

* Update the Autofill commit.

* Fill in the autofill type delegate methods.

* Ignore the release script.

* Bump autofill

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

Co-authored-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Bump autofill to version 3.3.0 (#29)

* Bump autofill to version 3.3.0

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Update the duckduckgo-autofill submodule commit.

Co-authored-by: Sam Symons <sam@samsymons.com>

* Add requiresRunInPageContentWorld to run UserScripts in page world (#30)

* Ensure that the WKContentWorld usage compiles on iOS. (#32)

* Fix lastName in identity (#33)

* Update the credit card table (#34)

* Upgrade the credit card number field to L2.

* Correctly provide the last name for Identity autofill.

* Allow the SecureVaultFactory to return the crypto classes only.

* Ensure that addressStreet2 is encoded and read correctly.

* Update the migration to remove the old column.

* Generate a display title and subtitle for notes.

* Add a new error type for if no L1 key is available.

* Move content blocking code to BSK (#35)

* Initial refactoring of content blocking to enable sharing between platforms

* Extracted Content Rules script

* Tweaks based on Mac OS X implementation

* Expand API to enable checking for result of the requested compilation

* Add option to obtain PrivacyFeature settings dictionary

* Add Surrogates user script

* API Tweaks

* Fix tests

* Content Blocking reference tests

* More Pixels

* Add tests for User Scripts and Tracker allowlist

* Reuse sha256 code in tests

* Better Privacy Config tests

* Add autoconsent as a configurable feature (#39)

* Remove unused TrackingProtectionStats dead code (#41)

* Add identities autofill (#38)

* Bump autofill pointer

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Bump autofill revision

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Bump autofill to latest version

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Bump autofill revision (#46)

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Support content scope as a user script (#45)

* Remove content scope files causing warnings (#49)

* Navigator credentials move (#47)

* Fix unprotected domains calculation for about:blank urls (#51)

* Add Resolver tests and fix cname resolving (#50)

* Multiple blocking rule lists (#53)

* Initial implementation to support multiple rules lists

* Make API open for inheritance

* Fix few bugs, update tests

* CTL delegate WIP

* Update ContentBlockerRulesUserScript.swift

* Update ContentBlockerRulesUserScript.swift

* Refactor Content Blocker User Script

* Add missing change information

* Expand error reporting API

* Unit tests for error reporting

* Workaround for missing TDS at startup issue

* Move model processing to work queue

* Kill the app only in case main TDS rule list fails to compile

* Allow for non-TDS rule lists to fail compilation in case setup fails

* Add check for embedded TDS compilation

Co-authored-by: Bartek Waresiak <bartek@duckduckgo.com>
Co-authored-by: ladamski@duckduckgo.com <ladamski@duckduckgo.com>

* Add platform.name to BrowserServices kit (#48)

* Add platform.name to BrowserServices kit

* be explicit about supported platform names

* add clickToPlay config (#56)

Co-authored-by: ladamski@duckduckgo.com <ladamski@duckduckgo.com>

* Enable unit tests via Xcode (#57)

* Have all bundle resources copied to the root directory.

* Remove a duplicate file.

* Move embedded TDS to platform code (#58)

* Pass config to Autofill script

* lint

* Parentheses

* Fix tests

* Fix tests

* Update Autofill

* Fix var injection

* Refactor Autofill script to use SourceProvider

* Cache result

* Fix test

* Make constructor public

* Remove debug code

* Update autofill

* Update autofill to release branch

* Update Autofill

Co-authored-by: Alexey Martemyanov <mallexxx@gmail.com>
Co-authored-by: Sam Symons <sam@samsymons.com>
Co-authored-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>
Co-authored-by: Jonathan Kingston <jkingston@duckduckgo.com>
Co-authored-by: bwaresiak <bartek@duckduckgo.com>
Co-authored-by: Sam Macbeth <sammacbeth@users.noreply.github.com>
Co-authored-by: ladamski@duckduckgo.com <ladamski@duckduckgo.com>
Co-authored-by: Shane Osbourne <shane.osbourne8@gmail.com>
Co-authored-by: Lucas Adamski <ladamski@users.noreply.github.com>
mallexxx added a commit that referenced this pull request Feb 22, 2022
* Secure Vault autofill Pixel support (#26)

* add delegate calls after autofilling

* upd with AutofillType

* Secure Vault additions (#28)

* Finish note support.

* Note database migration

* Begin working on identities

* Further work on Identities

* Consolidate database migrations.

* Fill out remaining credit card functions.

* Remove unneeded credit card properties.

* Further autofill API work.

* Support cardholder name.

* Fix unit test compilation failures.

* Remove an incorrect marker comment.

* Add better credit card validation.

* Bump the Autofill commit.

* Add tests for the new autofill Get methods.

* Clean up the database access calls.

* Clean up a number of SwiftLint warnings and errors.

* Update the Autofill commit.

* Fill in the autofill type delegate methods.

* Ignore the release script.

* Bump autofill

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

Co-authored-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Bump autofill to version 3.3.0 (#29)

* Bump autofill to version 3.3.0

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Update the duckduckgo-autofill submodule commit.

Co-authored-by: Sam Symons <sam@samsymons.com>

* Add requiresRunInPageContentWorld to run UserScripts in page world (#30)

* Ensure that the WKContentWorld usage compiles on iOS. (#32)

* Fix lastName in identity (#33)

* Update the credit card table (#34)

* Upgrade the credit card number field to L2.

* Correctly provide the last name for Identity autofill.

* Allow the SecureVaultFactory to return the crypto classes only.

* Ensure that addressStreet2 is encoded and read correctly.

* Update the migration to remove the old column.

* Generate a display title and subtitle for notes.

* Add a new error type for if no L1 key is available.

* Move content blocking code to BSK (#35)

* Initial refactoring of content blocking to enable sharing between platforms

* Extracted Content Rules script

* Tweaks based on Mac OS X implementation

* Expand API to enable checking for result of the requested compilation

* Add option to obtain PrivacyFeature settings dictionary

* Add Surrogates user script

* API Tweaks

* Fix tests

* Content Blocking reference tests

* More Pixels

* Add tests for User Scripts and Tracker allowlist

* Reuse sha256 code in tests

* Better Privacy Config tests

* Add autoconsent as a configurable feature (#39)

* Remove unused TrackingProtectionStats dead code (#41)

* Add identities autofill (#38)

* Bump autofill pointer

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Bump autofill revision

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Bump autofill to latest version

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Bump autofill revision (#46)

Signed-off-by: Emanuele Feliziani <feliziani.emanuele@gmail.com>

* Support content scope as a user script (#45)

* Remove content scope files causing warnings (#49)

* Navigator credentials move (#47)

* Fix unprotected domains calculation for about:blank urls (#51)

* Add Resolver tests and fix cname resolving (#50)

* Multiple blocking rule lists (#53)

* Initial implementation to support multiple rules lists

* Make API open for inheritance

* Fix few bugs, update tests

* CTL delegate WIP

* Update ContentBlockerRulesUserScript.swift

* Update ContentBlockerRulesUserScript.swift

* Refactor Content Blocker User Script

* Add missing change information

* Expand error reporting API

* Unit tests for error reporting

* Workaround for missing TDS at startup issue

* Move model processing to work queue

* Kill the app only in case main TDS rule list fails to compile

* Allow for non-TDS rule lists to fail compilation in case setup fails

* Add check for embedded TDS compilation

Co-authored-by: Bartek Waresiak <bartek@duckduckgo.com>
Co-authored-by: ladamski@duckduckgo.com <ladamski@duckduckgo.com>

* Compiled Content Rules caching

* Add platform.name to BrowserServices kit (#48)

* Add platform.name to BrowserServices kit

* be explicit about supported platform names

* add clickToPlay config (#56)

Co-authored-by: ladamski@duckduckgo.com <ladamski@duckduckgo.com>

* Invert ContentBlockerRules dependency injection

* Have all bundle resources copied to the root directory.

* Remove a duplicate file.

* fix tests

* Add ContentBlockerRulesManager cache tests

* fix linter issues

* ContentBlockerRulesManager.Rules, UpdateEvent public init for tests

* Enable unit tests via Xcode (#57)

* Have all bundle resources copied to the root directory.

* Remove a duplicate file.

* Move embedded TDS to platform code (#58)

* Filtering various suggestion types from Top Hits section of suggestions (#55)

* Filtering various suggestion types from Top Hits section of suggestions
* Suggesting bookmarks instead of history entries with the same URL
* Allowing bookmarks to be in the Top Hits if they replaced history entry
* isDownload flag removed
* Edge case with bookmark not allowed in Top Hits resolved
* Array renamed to all

* Fix Privcy Config API to correcty take into account feature type (#62)

* report CBR compilation time on success

* fix tests

* measure whole rules compilation time

* add copyright note

* minor readability improvement
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants