-
Notifications
You must be signed in to change notification settings - Fork 870
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update adblock-rust with CSP rule support #8281
Changes from all commits
d0d845b
3eeb2c9
0cdcb68
01b3e0a
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,102 @@ | ||
/* Copyright (c) 2021 The Brave Authors. All rights reserved. | ||
* This Source Code Form is subject to the terms of the Mozilla Public | ||
* License, v. 2.0. If a copy of the MPL was not distributed with this file, | ||
* You can obtain one at http://mozilla.org/MPL/2.0/. */ | ||
|
||
#include "brave/browser/net/brave_ad_block_csp_network_delegate_helper.h" | ||
|
||
#include <string> | ||
|
||
#include "brave/browser/brave_browser_process_impl.h" | ||
#include "brave/browser/net/url_context.h" | ||
#include "brave/components/brave_shields/browser/ad_block_service.h" | ||
#include "brave/components/brave_shields/browser/ad_block_service_helper.h" | ||
#include "net/http/http_response_headers.h" | ||
#include "url/gurl.h" | ||
|
||
namespace brave { | ||
|
||
base::Optional<std::string> GetCspDirectivesOnTaskRunner( | ||
std::shared_ptr<BraveRequestInfo> ctx, | ||
base::Optional<std::string> original_csp) { | ||
std::string source_host; | ||
if (ctx->initiator_url.is_valid()) { | ||
source_host = ctx->initiator_url.host(); | ||
} else if (ctx->request_url.is_valid()) { | ||
// Top-level document requests do not have a valid initiator URL, so we use | ||
// the request URL as the initiator. | ||
source_host = ctx->request_url.host(); | ||
} else { | ||
return base::nullopt; | ||
} | ||
|
||
base::Optional<std::string> csp_directives = | ||
g_brave_browser_process->ad_block_service()->GetCspDirectives( | ||
ctx->request_url, ctx->resource_type, source_host); | ||
|
||
brave_shields::MergeCspDirectiveInto(original_csp, &csp_directives); | ||
return csp_directives; | ||
} | ||
|
||
void OnReceiveCspDirectives( | ||
const ResponseCallback& next_callback, | ||
std::shared_ptr<BraveRequestInfo> ctx, | ||
scoped_refptr<net::HttpResponseHeaders>* override_response_headers, | ||
base::Optional<std::string> csp_directives) { | ||
DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | ||
|
||
if (csp_directives) { | ||
(*override_response_headers) | ||
->AddHeader("Content-Security-Policy", *csp_directives); | ||
} | ||
|
||
next_callback.Run(); | ||
} | ||
|
||
int OnHeadersReceived_AdBlockCspWork( | ||
const net::HttpResponseHeaders* response_headers, | ||
scoped_refptr<net::HttpResponseHeaders>* override_response_headers, | ||
GURL* allowed_unsafe_redirect_url, | ||
const brave::ResponseCallback& next_callback, | ||
std::shared_ptr<brave::BraveRequestInfo> ctx) { | ||
DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | ||
|
||
if (!response_headers) { | ||
return net::OK; | ||
} | ||
|
||
if (ctx->resource_type == blink::mojom::ResourceType::kMainFrame || | ||
ctx->resource_type == blink::mojom::ResourceType::kSubFrame) { | ||
// If the override_response_headers have already been populated, we should | ||
// use those directly. Otherwise, we populate them from the original | ||
// headers. | ||
if (!*override_response_headers) { | ||
*override_response_headers = | ||
new net::HttpResponseHeaders(response_headers->raw_headers()); | ||
} | ||
|
||
scoped_refptr<base::SequencedTaskRunner> task_runner = | ||
g_brave_browser_process->ad_block_service()->GetTaskRunner(); | ||
|
||
std::string original_csp_string; | ||
base::Optional<std::string> original_csp = base::nullopt; | ||
if ((*override_response_headers) | ||
->GetNormalizedHeader("Content-Security-Policy", | ||
&original_csp_string)) { | ||
original_csp = base::Optional<std::string>(original_csp_string); | ||
} | ||
|
||
(*override_response_headers)->RemoveHeader("Content-Security-Policy"); | ||
|
||
task_runner->PostTaskAndReplyWithResult( | ||
FROM_HERE, | ||
base::BindOnce(&GetCspDirectivesOnTaskRunner, ctx, original_csp), | ||
base::BindOnce(&OnReceiveCspDirectives, next_callback, ctx, | ||
override_response_headers)); | ||
return net::ERR_IO_PENDING; | ||
} | ||
|
||
return net::OK; | ||
} | ||
|
||
} // namespace brave |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
/* Copyright (c) 2021 The Brave Authors. All rights reserved. | ||
* This Source Code Form is subject to the terms of the Mozilla Public | ||
* License, v. 2.0. If a copy of the MPL was not distributed with this file, | ||
* You can obtain one at http://mozilla.org/MPL/2.0/. */ | ||
|
||
#ifndef BRAVE_BROWSER_NET_BRAVE_AD_BLOCK_CSP_NETWORK_DELEGATE_HELPER_H_ | ||
#define BRAVE_BROWSER_NET_BRAVE_AD_BLOCK_CSP_NETWORK_DELEGATE_HELPER_H_ | ||
|
||
#include <memory> | ||
|
||
#include "base/memory/scoped_refptr.h" | ||
#include "brave/browser/net/url_context.h" | ||
|
||
namespace net { | ||
class HttpResponseHeaders; | ||
} // namespace net | ||
|
||
class GURL; | ||
|
||
namespace brave { | ||
|
||
int OnHeadersReceived_AdBlockCspWork( | ||
const net::HttpResponseHeaders* original_response_headers, | ||
scoped_refptr<net::HttpResponseHeaders>* override_response_headers, | ||
GURL* allowed_unsafe_redirect_url, | ||
const brave::ResponseCallback& next_callback, | ||
std::shared_ptr<brave::BraveRequestInfo> ctx); | ||
|
||
} // namespace brave | ||
|
||
#endif // BRAVE_BROWSER_NET_BRAVE_AD_BLOCK_CSP_NETWORK_DELEGATE_HELPER_H_ |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -11,6 +11,7 @@ | |
#include "base/feature_list.h" | ||
#include "base/metrics/histogram_macros.h" | ||
#include "base/task/post_task.h" | ||
#include "brave/browser/net/brave_ad_block_csp_network_delegate_helper.h" | ||
#include "brave/browser/net/brave_ad_block_tp_network_delegate_helper.h" | ||
#include "brave/browser/net/brave_common_static_redirect_network_delegate_helper.h" | ||
#include "brave/browser/net/brave_httpse_network_delegate_helper.h" | ||
|
@@ -21,6 +22,7 @@ | |
#include "brave/common/pref_names.h" | ||
#include "brave/components/brave_referrals/buildflags/buildflags.h" | ||
#include "brave/components/brave_rewards/browser/buildflags/buildflags.h" | ||
#include "brave/components/brave_shields/common/features.h" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Needs a dep in |
||
#include "brave/components/brave_webtorrent/browser/buildflags/buildflags.h" | ||
#include "brave/components/ipfs/buildflags/buildflags.h" | ||
#include "chrome/browser/browser_process.h" | ||
|
@@ -122,6 +124,13 @@ void BraveRequestHandler::SetupCallbacks() { | |
base::Bind(webtorrent::OnHeadersReceived_TorrentRedirectWork); | ||
headers_received_callbacks_.push_back(headers_received_callback); | ||
#endif | ||
|
||
if (base::FeatureList::IsEnabled( | ||
::brave_shields::features::kBraveAdblockCspRules)) { | ||
brave::OnHeadersReceivedCallback headers_received_callback2 = | ||
base::Bind(brave::OnHeadersReceived_AdBlockCspWork); | ||
headers_received_callbacks_.push_back(headers_received_callback2); | ||
} | ||
} | ||
|
||
void BraveRequestHandler::InitPrefChangeRegistrar() { | ||
|
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't really like the idea of adding new thread hops, but we probably can leave it for now until bigger refactoring. I think at some point we should allow querying certain things (e.g. csp rules) from the service on UI thread to avoid jumping between threads, since the jump adds more delay than the lookup