mirror of
https://github.com/bitwarden/browser
synced 2025-12-16 16:23:44 +00:00
use disabled URIs service state as a preemptive conditon to injecting content scripts
This commit is contained in:
Jonathan Prusik
@@ -98,7 +98,11 @@ describe("AutofillService", () => {
|
|||||||
let messageListener: MockProxy<MessageListener>;
|
let messageListener: MockProxy<MessageListener>;
|
||||||
|
|
||||||
beforeEach(() => {
|
beforeEach(() => {
|
||||||
scriptInjectorService = new BrowserScriptInjectorService(platformUtilsService, logService);
|
scriptInjectorService = new BrowserScriptInjectorService(
|
||||||
|
domainSettingsService,
|
||||||
|
platformUtilsService,
|
||||||
|
logService,
|
||||||
|
);
|
||||||
inlineMenuVisibilityMock$ = new BehaviorSubject(AutofillOverlayVisibility.OnFieldFocus);
|
inlineMenuVisibilityMock$ = new BehaviorSubject(AutofillOverlayVisibility.OnFieldFocus);
|
||||||
showInlineMenuCardsMock$ = new BehaviorSubject(false);
|
showInlineMenuCardsMock$ = new BehaviorSubject(false);
|
||||||
showInlineMenuIdentitiesMock$ = new BehaviorSubject(false);
|
showInlineMenuIdentitiesMock$ = new BehaviorSubject(false);
|
||||||
|
|||||||
@@ -957,6 +957,7 @@ export default class MainBackground {
|
|||||||
this.totpService = new TotpService(this.cryptoFunctionService, this.logService);
|
this.totpService = new TotpService(this.cryptoFunctionService, this.logService);
|
||||||
|
|
||||||
this.scriptInjectorService = new BrowserScriptInjectorService(
|
this.scriptInjectorService = new BrowserScriptInjectorService(
|
||||||
|
this.domainSettingsService,
|
||||||
this.platformUtilsService,
|
this.platformUtilsService,
|
||||||
this.logService,
|
this.logService,
|
||||||
);
|
);
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
import { mock } from "jest-mock-extended";
|
import { mock } from "jest-mock-extended";
|
||||||
|
|
||||||
|
import { DomainSettingsService } from "@bitwarden/common/autofill/services/domain-settings.service";
|
||||||
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
||||||
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
|
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
|
||||||
|
|
||||||
@@ -25,11 +26,16 @@ describe("ScriptInjectorService", () => {
|
|||||||
let scriptInjectorService: BrowserScriptInjectorService;
|
let scriptInjectorService: BrowserScriptInjectorService;
|
||||||
jest.spyOn(BrowserApi, "executeScriptInTab").mockImplementation();
|
jest.spyOn(BrowserApi, "executeScriptInTab").mockImplementation();
|
||||||
jest.spyOn(BrowserApi, "isManifestVersion");
|
jest.spyOn(BrowserApi, "isManifestVersion");
|
||||||
|
const domainSettingsService = mock<DomainSettingsService>();
|
||||||
const platformUtilsService = mock<PlatformUtilsService>();
|
const platformUtilsService = mock<PlatformUtilsService>();
|
||||||
const logService = mock<LogService>();
|
const logService = mock<LogService>();
|
||||||
|
|
||||||
beforeEach(() => {
|
beforeEach(() => {
|
||||||
scriptInjectorService = new BrowserScriptInjectorService(platformUtilsService, logService);
|
scriptInjectorService = new BrowserScriptInjectorService(
|
||||||
|
domainSettingsService,
|
||||||
|
platformUtilsService,
|
||||||
|
logService,
|
||||||
|
);
|
||||||
});
|
});
|
||||||
|
|
||||||
describe("inject", () => {
|
describe("inject", () => {
|
||||||
|
|||||||
@@ -1,3 +1,7 @@
|
|||||||
|
import { Subject, takeUntil } from "rxjs";
|
||||||
|
|
||||||
|
import { DomainSettingsService } from "@bitwarden/common/autofill/services/domain-settings.service";
|
||||||
|
import { NeverDomains } from "@bitwarden/common/models/domain/domain-service";
|
||||||
// FIXME: Update this file to be type safe and remove this and next line
|
// FIXME: Update this file to be type safe and remove this and next line
|
||||||
// @ts-strict-ignore
|
// @ts-strict-ignore
|
||||||
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
||||||
@@ -12,11 +16,22 @@ import {
|
|||||||
} from "./abstractions/script-injector.service";
|
} from "./abstractions/script-injector.service";
|
||||||
|
|
||||||
export class BrowserScriptInjectorService extends ScriptInjectorService {
|
export class BrowserScriptInjectorService extends ScriptInjectorService {
|
||||||
|
disabledDomains: Set<string> = null;
|
||||||
|
|
||||||
|
private destroy$ = new Subject<void>();
|
||||||
|
|
||||||
constructor(
|
constructor(
|
||||||
|
private readonly domainSettingsService: DomainSettingsService,
|
||||||
private readonly platformUtilsService: PlatformUtilsService,
|
private readonly platformUtilsService: PlatformUtilsService,
|
||||||
private readonly logService: LogService,
|
private readonly logService: LogService,
|
||||||
) {
|
) {
|
||||||
super();
|
super();
|
||||||
|
|
||||||
|
this.domainSettingsService.disabledInteractionsUris$
|
||||||
|
.pipe(takeUntil(this.destroy$))
|
||||||
|
.subscribe(
|
||||||
|
(neverDomains: NeverDomains) => (this.disabledDomains = new Set(Object.keys(neverDomains))),
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -32,6 +47,15 @@ export class BrowserScriptInjectorService extends ScriptInjectorService {
|
|||||||
throw new Error("No file specified for script injection");
|
throw new Error("No file specified for script injection");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Check if the tab URI is on the disabled URIs list
|
||||||
|
const tab = await BrowserApi.getTab(tabId);
|
||||||
|
const tabURL = tab.url ? new URL(tab.url) : null;
|
||||||
|
const injectionAllowedInTab = !(tabURL && this.disabledDomains?.has(tabURL.hostname));
|
||||||
|
|
||||||
|
if (!injectionAllowedInTab) {
|
||||||
|
throw new Error("This URI of this tab is on the disabled domains list.");
|
||||||
|
}
|
||||||
|
|
||||||
const injectionDetails = this.buildInjectionDetails(injectDetails, file);
|
const injectionDetails = this.buildInjectionDetails(injectDetails, file);
|
||||||
|
|
||||||
if (BrowserApi.isManifestVersion(3)) {
|
if (BrowserApi.isManifestVersion(3)) {
|
||||||
|
|||||||
@@ -365,7 +365,7 @@ const safeProviders: SafeProvider[] = [
|
|||||||
safeProvider({
|
safeProvider({
|
||||||
provide: ScriptInjectorService,
|
provide: ScriptInjectorService,
|
||||||
useClass: BrowserScriptInjectorService,
|
useClass: BrowserScriptInjectorService,
|
||||||
deps: [PlatformUtilsService, LogService],
|
deps: [DomainSettingsService, PlatformUtilsService, LogService],
|
||||||
}),
|
}),
|
||||||
safeProvider({
|
safeProvider({
|
||||||
provide: VaultTimeoutService,
|
provide: VaultTimeoutService,
|
||||||
|
|||||||
@@ -4,6 +4,7 @@ import { firstValueFrom } from "rxjs";
|
|||||||
import { PolicyService } from "@bitwarden/common/admin-console/services/policy/policy.service";
|
import { PolicyService } from "@bitwarden/common/admin-console/services/policy/policy.service";
|
||||||
import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status";
|
import { AuthenticationStatus } from "@bitwarden/common/auth/enums/authentication-status";
|
||||||
import { AuthService } from "@bitwarden/common/auth/services/auth.service";
|
import { AuthService } from "@bitwarden/common/auth/services/auth.service";
|
||||||
|
import { DomainSettingsService } from "@bitwarden/common/autofill/services/domain-settings.service";
|
||||||
import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
|
import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
|
||||||
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
||||||
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
|
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
|
||||||
@@ -35,6 +36,7 @@ jest.mock("rxjs", () => {
|
|||||||
describe("FilelessImporterBackground ", () => {
|
describe("FilelessImporterBackground ", () => {
|
||||||
let filelessImporterBackground: FilelessImporterBackground;
|
let filelessImporterBackground: FilelessImporterBackground;
|
||||||
const configService = mock<ConfigService>();
|
const configService = mock<ConfigService>();
|
||||||
|
const domainSettingsService = mock<DomainSettingsService>();
|
||||||
const authService = mock<AuthService>();
|
const authService = mock<AuthService>();
|
||||||
const policyService = mock<PolicyService>();
|
const policyService = mock<PolicyService>();
|
||||||
const notificationBackground = mock<NotificationBackground>();
|
const notificationBackground = mock<NotificationBackground>();
|
||||||
@@ -45,7 +47,11 @@ describe("FilelessImporterBackground ", () => {
|
|||||||
let scriptInjectorService: BrowserScriptInjectorService;
|
let scriptInjectorService: BrowserScriptInjectorService;
|
||||||
|
|
||||||
beforeEach(() => {
|
beforeEach(() => {
|
||||||
scriptInjectorService = new BrowserScriptInjectorService(platformUtilsService, logService);
|
scriptInjectorService = new BrowserScriptInjectorService(
|
||||||
|
domainSettingsService,
|
||||||
|
platformUtilsService,
|
||||||
|
logService,
|
||||||
|
);
|
||||||
filelessImporterBackground = new FilelessImporterBackground(
|
filelessImporterBackground = new FilelessImporterBackground(
|
||||||
configService,
|
configService,
|
||||||
authService,
|
authService,
|
||||||
|
|||||||
Reference in New Issue
Block a user