From d6d9e376c9be9da7826b131e1ae0ce35b233281d Mon Sep 17 00:00:00 2001 From: Ruben Rodriguez Date: Wed, 31 Oct 2018 13:53:54 -0400 Subject: Reimplement intrinsic event iteration. The new code processes any attribute that starts with "on", or href attributes that start with "javascript:" and parses them assigning them a unique url, so that all of them are independently addressable by the panel and by white/blacklisting. This fixes the fact that the previous code would only parse some types of attributes using a list of names, would only parse the first matching attribute in an element, and would only list one intrinsic event per page in the panel. It also fixes the content of the attribute being mangled to the first character of the original code. --- main_background.js | 46 ++++++++++++---------------------------------- 1 file changed, 12 insertions(+), 34 deletions(-) diff --git a/main_background.js b/main_background.js index 5c2e8df..14d2668 100644 --- a/main_background.js +++ b/main_background.js @@ -61,29 +61,6 @@ function hash(source){ return shaObj.getHash("HEX"); } - -// the list of all available event attributes -var intrinsic_events = [ - "onload", - "onunload", - "onclick", - "ondblclick", - "onmousedown", - "onmouseup", - "onmouseovr", - "onmousemove", - "onmouseout", - "onfocus", - "onblur", - "onkeypress", - "onkeydown", - "onkeyup", - "onsubmit", - "onreset", - "onselect", - "onchange" -]; - /* NONTRIVIAL THINGS: - Fetch @@ -1056,20 +1033,21 @@ async function editHtml(html, documentUrl, tabId, frameId, whitelisted){ let modified = false; // Deal with intrinsic events + let intrinsecindex = 0; for (let element of html_doc.all) { - let attributes = element.attributes; - for (let event of intrinsic_events) { - if (event in attributes) { - let attr = attributes[event]; + for (let attr of element.attributes){ + if (attr.name.startsWith("on") || (attr.name === "href" && attr.value.startsWith("javascript:"))){ + intrinsecindex++; try { - let edited = await get_script(attr.value, `Intrinsic event [${event}]`); - if (edited) { - let value = edited[0]; - if (value !== attr.value) { - modified = true; - attr.value = value; + let url = `${documentUrl}# Intrinsic event ${intrinsecindex} [${attr.name}]`; + let edited = await get_script(attr.value, url, tabId, whitelist.contains(url)); + if (edited) { + let value = edited; + if (value !== attr.value) { + modified = true; + attr.value = value; + } } - } } catch (e) { console.error(e); } -- cgit v1.2.3