From b975f183fe19250c67b2c8617c2a76f9cdf71548 Mon Sep 17 00:00:00 2001
From: NateN1222 <nathannichols454@gmail.com>
Date: Sat, 9 Sep 2017 14:10:26 -0500
Subject: Implemented buttons in context menu, improved options screen, added
 window to the list of nontrivial objects

---
 html/display_panel/content/main_panel.js      | 11 +++--
 html/preferences_panel/pref.js                | 24 ++++++++-
 html/preferences_panel/preferences_panel.html |  6 ++-
 main_background.js                            | 70 ++++++++++++++++++++++++---
 4 files changed, 95 insertions(+), 16 deletions(-)

diff --git a/html/display_panel/content/main_panel.js b/html/display_panel/content/main_panel.js
index 9752e10..fddc3a6 100644
--- a/html/display_panel/content/main_panel.js
+++ b/html/display_panel/content/main_panel.js
@@ -70,7 +70,7 @@ function write_elements(data,name,color){
 	} else{
 		heading.innerHTML = "<h2 class='blocked-js'>List of <div style='display:inline; color:"+color+";'>" + name.toUpperCase() + "</div> javascript in " + data["url"]+":</h2>";
 	}
-	// Iterate over data[name] and generate bulleted list
+	// Iterate over data[name] and generate list
 	for(var i = 0; i < data[name].length; i++){
 		list.innerHTML += "<li><b>"+data[name][i][0]+ ":</b><br>" + data[name][i][1]+"\n"+button_html+"<br><br>\n"+button_html_2+"<br><br>\n"+button_html_3+"</li>";
 		document.getElementById("temp").id = name+"_"+i;
@@ -154,9 +154,9 @@ function generate_HTML(blocked_data){
 	// This should send a message to invoke the content finder
 	var button_complain = '<a id="complain-contact" class="button white" href="#">Complain to site owner</a>';
 	// This should update the persistent options
-    var button_allow_all = '<a id="allow-button" class="button white" href="#">Allow all scripts in this page</a>';
+    var button_allow_all = '<a id="allow-button" class="button white" href="#">'+"Add page's domain to whitelist"+'</a>';
 	// This will call "Forget preferences" on every script.
-    var button_block_nonfree = '<a id="disallow-button" class="button white" href="#">Block all nonfree/nontrivial scripts from this page</a>';
+    var button_block_nonfree = '<a id="disallow-button" class="button white" href="#">'+"Remove page's domain from whitelist"+'</a>';
 	// This should send a message that calls "open_popup_tab()" in the background script
     var button_new_tab = '<a id="open-in-tab" class="button white" href="#">Open this report in a new tab</a>';
 
@@ -175,10 +175,11 @@ function generate_HTML(blocked_data){
 	if( blocked_data["blacklisted"].length != 0 || blocked_data["blocked"].length != 0 ||
 	blocked_data["whitelisted"].length != 0 || blocked_data["accepted"].length != 0){
 		write_button(button_allow_all,function(){
-			console.log("button_allow_all");
+			myPort.postMessage({"allow_all": blocked_data});
 		});
 		write_button(button_block_nonfree,function(){
-			console.log("button_block_nonfree");
+			myPort.postMessage({"block_all": blocked_data});
+
 		});
 		write_button(button_complain,function(){			
 			myPort.postMessage({"invoke_contact_finder": blocked_data});
diff --git a/html/preferences_panel/pref.js b/html/preferences_panel/pref.js
index aa88f5d..223165f 100644
--- a/html/preferences_panel/pref.js
+++ b/html/preferences_panel/pref.js
@@ -20,16 +20,31 @@ set_webex();
 
 function storage_got(items){
 	var inputs = document.getElementsByTagName("input");
+
+	if(items["pref_whitelist"] == "undefined"){
+			items["pref_whitelist"] = "";
+	}
+
+	if(items["pref_subject"] == "undefined" || items["pref_subject"] == ""){
+			items["pref_subject"] = "Issues with Javascript on your website";
+	}
+
+	if(items["pref_body"] == "undefined" || items["pref_body"] == ""){
+			items["pref_body"] = "Please consider using a free license for the Javascript on your website. [Message generated by LibreJS. See https://www.gnu.org/software/librejs/ for more information]";
+	}
+
 	for(var i = 0; i < inputs.length; i++){
 		if(inputs[i].id.indexOf("pref_") != -1){
 			if(inputs[i].type == "checkbox" && items[inputs[i].id]){
 				inputs[i].checked = true;
 			}
-			if(inputs[i].type == "text"){
+			if(inputs[i].type == "text" && items[inputs[i].id] != undefined){
 				inputs[i].value = items[inputs[i].id];
 			} 
 		}
 	}
+
+
 }
 webex.storage.local.get(storage_got);
 
@@ -43,13 +58,18 @@ document.getElementById("save_changes").addEventListener("click", function(){
 			if(inputs[i].type == "checkbox"){
 				input_val = inputs[i].checked;
 			} else{
-				input_val = inputs[i].value;
+				if(inputs[i.value] != "undefined"){
+					input_val = inputs[i].value;
+				} else{
+					input_val = "";
+				}
 			}
 			var input_id = inputs[i].id;
 			data[input_id] = input_val;
 		}
 	}
 	console.log(data);
+
 	webex.storage.local.set(data);
 });
 
diff --git a/html/preferences_panel/preferences_panel.html b/html/preferences_panel/preferences_panel.html
index 5c5a217..2d01f94 100644
--- a/html/preferences_panel/preferences_panel.html
+++ b/html/preferences_panel/preferences_panel.html
@@ -34,9 +34,11 @@
 
 	<table>
 		<tr>
-		    <td><p>Whitelist domains, seperated by comma (wildcard is *)</p></td>
+		    <td><p>Allow all scripts from pages with this text <br> in their URL. (Comma seperated, wildcard is *)</p></td>
 			<td><input id="pref_whitelist" type="text"></input></td>
 		</tr>
+		<!--
+
 		<tr>
 		    <td><p>Display complaint tab on sites where nonfree nontrivial Javascript detected</p></td>
 			<td><input id="pref_complaint_tab" type="checkbox"></input></td>
@@ -45,6 +47,8 @@
 		    <td><p>Display notifications of the JavaScript code being analyzed by LibreJS</p></td>
 			<td><input id="pref_notify_analyze" type="checkbox"></input></td>
 		</tr>
+
+		-->
 		<tr>
 		    <td><p>Default complaint email subject</p></td>
 			<td><input id="pref_subject" type="text"></input></td>
diff --git a/main_background.js b/main_background.js
index 8a0e6ff..cf9c790 100644
--- a/main_background.js
+++ b/main_background.js
@@ -179,8 +179,10 @@ var licenses = {
 	}
 }
 
-// Objects which could be used to do nontrivial things
+// Objects which could be used to do nontrivial things.
+// Scripts are not allowed to call any methods on these objects or access them in any way.
 var reserved_objects = [
+	"window",
 	"fetch",
 	"XMLHttpRequest",
 	"chrome", // only on chrome
@@ -313,7 +315,7 @@ function debug_print_local(){
 *
 *	NOTE: This WILL break if you provide inconsistent URLs to it.
 *	Make sure it will use the right URL when refering to a certain script.
-*
+* 
 */
 function update_popup(tab_id,blocked_info,update=false){
 	var new_blocked_data;
@@ -345,10 +347,10 @@ function update_popup(tab_id,blocked_info,update=false){
 			}
 
 			if(default_whitelist[src_hash] !== undefined){
-				console.log("Found script in default whitelist: "+default_whitelist[src_hash]);				
+				//console.log("Found script in default whitelist: "+default_whitelist[src_hash]);				
 				return "whitelist";
 			} else{
-				console.log("script " + script_name + " not in default whitelist.");
+				//console.log("script " + script_name + " not in default whitelist.");
 			}
 			return "none";
 		}
@@ -478,10 +480,10 @@ function add_popup_entry(tab_id,src_hash,blocked_info,update=false){
 				}
 
 				if(default_whitelist[src_hash] !== undefined){
-					console.log("Found script in default whitelist: "+default_whitelist[src_hash]);				
+					//console.log("Found script in default whitelist: "+default_whitelist[src_hash]);				
 					return "whitelist";
 				} else{
-					console.log("script " + script_name + " not in default whitelist.");
+					//console.log("script " + script_name + " not in default whitelist.");
 				}
 
 				return "none";
@@ -626,7 +628,16 @@ function connected(p) {
 		if(m["deletelocalstorage"] !== undefined){
 			debug_delete_local();
 		}
-
+		// Add this domain to the whitelist
+		if(m["allow_all"] !== undefined){
+			var domain = get_domain(m["allow_all"]["url"]);
+			add_csv_whitelist(domain);
+		}
+		// Remote this domain from the whitelist
+		if(m["block_all"] !== undefined){
+			var domain = get_domain(m["block_all"]["url"]);
+			remove_csv_whitelist(domain);
+		}
 		function logTabs(tabs) {
 			if(contact_finder){
 				console.log("[TABID:"+tab_id+"] Injecting contact finder");
@@ -1058,7 +1069,7 @@ function test_url_whitelisted(url){
 	return new Promise((resolve, reject) => {
 		function cb(items){
 			var wl = items["pref_whitelist"];
-			if(wl !== undefined){
+			if(wl !== undefined && wl !== ""){
 				wl = wl.split(",");
 			} else{
 				resolve(false);
@@ -1093,6 +1104,49 @@ function inject_contact_finder(tab_id){
 	}
 	var executing = webex.tabs.executeScript(tab_id, {file: "/contact_finder.js"}, executed);
 }
+/**
+*	Adds given domain to the whitelist in options
+*/
+function add_csv_whitelist(domain){
+	function storage_got(items){
+		if(items["pref_whitelist"] == ""){
+			items["pref_whitelist"] = domain + "*";
+		} else if(items["pref_whitelist"] == "undefined"){
+			items["pref_whitelist"] = domain + "*";		
+		} else{
+			items["pref_whitelist"] += "," + domain + "*";		
+		}
+		console.log("New CSV whitelist:");
+		console.log(items["pref_whitelist"]);
+		webex.storage.local.set({"pref_whitelist":items["pref_whitelist"]});
+	}
+	webex.storage.local.get(storage_got);	
+}
+
+/**
+*	removes given domain from the whitelist in options
+*/
+function remove_csv_whitelist(domain){
+	function storage_got(items){
+		if(items["pref_whitelist"] != ""){
+			domain = domain + "\\*";
+			domain.replace(/\./g,"\.");
+			// remove domain
+			console.log(new RegExp(domain,"g"));
+			items["pref_whitelist"] = items["pref_whitelist"].replace(new RegExp(domain,"g"),"")
+			// if an entry was deleted, it will leave an extra comma
+			items["pref_whitelist"] = items["pref_whitelist"].replace(/,+/g,",");
+			// remove trailing comma if the last one was deleted
+			if(items["pref_whitelist"].charAt(items["pref_whitelist"].length-1) == ","){
+				items["pref_whitelist"] = items["pref_whitelist"].substr(0,items["pref_whitelist"].length-2);
+			}
+		}
+		console.log("New CSV whitelist:");
+		console.log(items["pref_whitelist"]);
+		webex.storage.local.set({"pref_whitelist":items["pref_whitelist"]});
+	}
+	webex.storage.local.get(storage_got);	
+}
 
 init_addon();
 
-- 
cgit v1.2.3