-
Notifications
You must be signed in to change notification settings - Fork 870
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #8281 from brave/csp-filter-rules
Update adblock-rust with CSP rule support
- Loading branch information
Showing
28 changed files
with
503 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
102 changes: 102 additions & 0 deletions
102
browser/net/brave_ad_block_csp_network_delegate_helper.cc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,102 @@ | ||
/* Copyright (c) 2021 The Brave Authors. All rights reserved. | ||
* This Source Code Form is subject to the terms of the Mozilla Public | ||
* License, v. 2.0. If a copy of the MPL was not distributed with this file, | ||
* You can obtain one at http://mozilla.org/MPL/2.0/. */ | ||
|
||
#include "brave/browser/net/brave_ad_block_csp_network_delegate_helper.h" | ||
|
||
#include <string> | ||
|
||
#include "brave/browser/brave_browser_process_impl.h" | ||
#include "brave/browser/net/url_context.h" | ||
#include "brave/components/brave_shields/browser/ad_block_service.h" | ||
#include "brave/components/brave_shields/browser/ad_block_service_helper.h" | ||
#include "net/http/http_response_headers.h" | ||
#include "url/gurl.h" | ||
|
||
namespace brave { | ||
|
||
base::Optional<std::string> GetCspDirectivesOnTaskRunner( | ||
std::shared_ptr<BraveRequestInfo> ctx, | ||
base::Optional<std::string> original_csp) { | ||
std::string source_host; | ||
if (ctx->initiator_url.is_valid()) { | ||
source_host = ctx->initiator_url.host(); | ||
} else if (ctx->request_url.is_valid()) { | ||
// Top-level document requests do not have a valid initiator URL, so we use | ||
// the request URL as the initiator. | ||
source_host = ctx->request_url.host(); | ||
} else { | ||
return base::nullopt; | ||
} | ||
|
||
base::Optional<std::string> csp_directives = | ||
g_brave_browser_process->ad_block_service()->GetCspDirectives( | ||
ctx->request_url, ctx->resource_type, source_host); | ||
|
||
brave_shields::MergeCspDirectiveInto(original_csp, &csp_directives); | ||
return csp_directives; | ||
} | ||
|
||
void OnReceiveCspDirectives( | ||
const ResponseCallback& next_callback, | ||
std::shared_ptr<BraveRequestInfo> ctx, | ||
scoped_refptr<net::HttpResponseHeaders>* override_response_headers, | ||
base::Optional<std::string> csp_directives) { | ||
DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | ||
|
||
if (csp_directives) { | ||
(*override_response_headers) | ||
->AddHeader("Content-Security-Policy", *csp_directives); | ||
} | ||
|
||
next_callback.Run(); | ||
} | ||
|
||
int OnHeadersReceived_AdBlockCspWork( | ||
const net::HttpResponseHeaders* response_headers, | ||
scoped_refptr<net::HttpResponseHeaders>* override_response_headers, | ||
GURL* allowed_unsafe_redirect_url, | ||
const brave::ResponseCallback& next_callback, | ||
std::shared_ptr<brave::BraveRequestInfo> ctx) { | ||
DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | ||
|
||
if (!response_headers) { | ||
return net::OK; | ||
} | ||
|
||
if (ctx->resource_type == blink::mojom::ResourceType::kMainFrame || | ||
ctx->resource_type == blink::mojom::ResourceType::kSubFrame) { | ||
// If the override_response_headers have already been populated, we should | ||
// use those directly. Otherwise, we populate them from the original | ||
// headers. | ||
if (!*override_response_headers) { | ||
*override_response_headers = | ||
new net::HttpResponseHeaders(response_headers->raw_headers()); | ||
} | ||
|
||
scoped_refptr<base::SequencedTaskRunner> task_runner = | ||
g_brave_browser_process->ad_block_service()->GetTaskRunner(); | ||
|
||
std::string original_csp_string; | ||
base::Optional<std::string> original_csp = base::nullopt; | ||
if ((*override_response_headers) | ||
->GetNormalizedHeader("Content-Security-Policy", | ||
&original_csp_string)) { | ||
original_csp = base::Optional<std::string>(original_csp_string); | ||
} | ||
|
||
(*override_response_headers)->RemoveHeader("Content-Security-Policy"); | ||
|
||
task_runner->PostTaskAndReplyWithResult( | ||
FROM_HERE, | ||
base::BindOnce(&GetCspDirectivesOnTaskRunner, ctx, original_csp), | ||
base::BindOnce(&OnReceiveCspDirectives, next_callback, ctx, | ||
override_response_headers)); | ||
return net::ERR_IO_PENDING; | ||
} | ||
|
||
return net::OK; | ||
} | ||
|
||
} // namespace brave |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
/* Copyright (c) 2021 The Brave Authors. All rights reserved. | ||
* This Source Code Form is subject to the terms of the Mozilla Public | ||
* License, v. 2.0. If a copy of the MPL was not distributed with this file, | ||
* You can obtain one at http://mozilla.org/MPL/2.0/. */ | ||
|
||
#ifndef BRAVE_BROWSER_NET_BRAVE_AD_BLOCK_CSP_NETWORK_DELEGATE_HELPER_H_ | ||
#define BRAVE_BROWSER_NET_BRAVE_AD_BLOCK_CSP_NETWORK_DELEGATE_HELPER_H_ | ||
|
||
#include <memory> | ||
|
||
#include "base/memory/scoped_refptr.h" | ||
#include "brave/browser/net/url_context.h" | ||
|
||
namespace net { | ||
class HttpResponseHeaders; | ||
} // namespace net | ||
|
||
class GURL; | ||
|
||
namespace brave { | ||
|
||
int OnHeadersReceived_AdBlockCspWork( | ||
const net::HttpResponseHeaders* original_response_headers, | ||
scoped_refptr<net::HttpResponseHeaders>* override_response_headers, | ||
GURL* allowed_unsafe_redirect_url, | ||
const brave::ResponseCallback& next_callback, | ||
std::shared_ptr<brave::BraveRequestInfo> ctx); | ||
|
||
} // namespace brave | ||
|
||
#endif // BRAVE_BROWSER_NET_BRAVE_AD_BLOCK_CSP_NETWORK_DELEGATE_HELPER_H_ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.