aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorYuchen Pei <hi@ypei.me>2022-09-20 18:00:35 +1000
committerYuchen Pei <hi@ypei.me>2022-09-20 18:00:35 +1000
commit3020fc5718c955d905080158502610b60c1bf921 (patch)
treeda82d63d828eda2e47d7a64e763c7b3f91e93b27
parent11dac1ce018cb22dc535249be605c974977287b2 (diff)
clean up checks for reserved objects
-rw-r--r--main_background.js49
1 files changed, 26 insertions, 23 deletions
diff --git a/main_background.js b/main_background.js
index a9bfd7d..087c583 100644
--- a/main_background.js
+++ b/main_background.js
@@ -67,7 +67,7 @@ function dbg_print(a, b) {
*/
// These are objects that it will search for in an initial regex pass over non-free scripts.
-var reserved_objects = [
+const RESERVED_OBJECTS = [
//"document",
//"window",
'fetch',
@@ -416,6 +416,12 @@ var fname_data = require('./fname_data.json').fname_data;
//************************this part can be tested in the HTML file index.html's script test.js****************************
+/**
+ * Checks whether script is trivial by analysing its tokens.
+ *
+ * Returns an array of
+ * [flag (boolean, true if trivial), reason (string, human readable report)].
+ */
function full_evaluate(script) {
if (script === undefined || script == '') {
return [true, 'Harmless null script'];
@@ -536,40 +542,37 @@ function full_evaluate(script) {
*
*/
function evaluate(script, name) {
- function reserved_object_regex(object) {
- var arith_operators = '\\+\\-\\*\\/\\%\\=';
+ const reservedResult = evaluateForReservedObj(script, name);
+ if (reservedResult[0] === true) {
+ dbg_print('%c pass', 'color:green;');
+ } else {
+ return reservedResult;
+ }
+
+ return full_evaluate(script);
+}
+
+function evaluateForReservedObj(script, name) {
+ function reservedObjectRegex(object) {
+ const arith_operators = '\\+\\-\\*\\/\\%\\=';
return new RegExp('(?:[^\\w\\d]|^|(?:' + arith_operators + '))' + object + '(?:\\s*?(?:[\\;\\,\\.\\(\\[])\\s*?)', 'g');
}
- reserved_object_regex('window');
const ml_comment = /\/\*([\s\S]+?)\*\//g;
const il_comment = /\/\/.+/gm;
- var temp = script.replace(/'.+?'+/gm, '\'string\'');
- temp = temp.replace(/".+?"+/gm, '"string"');
- temp = temp.replace(ml_comment, '');
- temp = temp.replace(il_comment, '');
+ const temp = script.replace(/'.+?'+/gm, '\'string\'').replace(/".+?"+/gm, '"string"').replace(ml_comment, '').replace(il_comment, '');
dbg_print('%c ------evaluation results for ' + name + '------', 'color:white');
dbg_print('Script accesses reserved objects?');
- var flag = true;
- var reason = ''
+
// This is where individual "passes" are made over the code
- for (var i = 0; i < reserved_objects.length; i++) {
- var res = reserved_object_regex(reserved_objects[i]).exec(temp);
- if (res != null) {
+ for (const reserved of RESERVED_OBJECTS) {
+ if (reservedObjectRegex(reserved).exec(temp) != null) {
dbg_print('%c fail', 'color:red;');
- flag = false;
- reason = 'Script uses a reserved object (' + reserved_objects[i] + ')';
+ return [false, 'Script uses a reserved object (' + reserved + ')'];
}
}
- if (flag) {
- dbg_print('%c pass', 'color:green;');
- } else {
- return [flag, reason];
- }
-
- return full_evaluate(script);
+ return [true, 'Reserved object not found.'];
}
-
function validateLicense(matches) {
if (!(Array.isArray(matches) && matches.length >= 4)) {
return [false, 'Malformed or unrecognized license tag.'];