Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Integration of Formlock's functionality #94

Open
wants to merge 30 commits into
base: master
Choose a base branch
from

Conversation

Psychic-Duck
Copy link

Adds the capabilities of Formlock (https://github.com/ostarov/Formlock). I shall provide fixes like compatibility with Firefox and update of levels in the follow-up commits.

Copy link
Owner

@polcak polcak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is a588f8b the exact copy of the original? If so, please, mention that in the commit message.

It seams to me that 00e65a4 and 782ff96 can be squashed together (see git interactive rebase and squash).

if a588f8b is not the exact copy of the original project then, all three commits should be squashed together.

AFAIU this code is not ready to be merged and this pull request seeks comments?

@@ -0,0 +1,177 @@
/*
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Most of the functionality seems to be generic, is it really Chrome-specific?
  • The file needs a license, have you been able to learn more than:

sure, Formlock is open source - https://github.com/ostarov/Formlock>

Please cite our work properly of course

  • We need to distinguish between yours code and the original

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've made it like this for the time being, because I had some problems while running it on FIrefox
Yes, the author wrote that I could use it as long as I marked his code and mentioned his name and link to original repo in the comments

chrome/manifest.json Outdated Show resolved Hide resolved
@@ -0,0 +1,63 @@
/*
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Most of the functionality seems to be generic, is it really Chrome-specific?
  • The file needs a license, have you been able to learn more than:

sure, Formlock is open source - https://github.com/ostarov/Formlock>

Please cite our work properly of course

  • We need to distinguish between yours code and the original

chrome/mouse_track.js Outdated Show resolved Hide resolved
common/utils.js Outdated Show resolved Hide resolved
chrome/formlock.js Outdated Show resolved Hide resolved
chrome/formlock.js Outdated Show resolved Hide resolved
chrome/formlock.js Outdated Show resolved Hide resolved
@polcak polcak force-pushed the master branch 3 times, most recently from 70c6f80 to dfdd92d Compare March 5, 2021 12:56
@Psychic-Duck
Copy link
Author

I shall look into the squashing tomorrow.

I have probably misunderstood the point about frequent merging and such. In the future I will create PRs when I have more things done.

@@ -6,6 +6,9 @@
* **webRequest, webRequestBlocking, and all_urls --** *needed for modyfing JavaScript objects and APIs on all pages and also used for capturing and blocking malicious HTTP requests*
* **dns --** *used for resoluting DNS queries in Firefox version of HTTP request shield*
* **notifications--** *used for notifying user on blocked HTTP requests/hosts*
* **contextMenus --** *used for creation of a context menu allowing the user to lock/unlock a certain form*
* **browsingData --** *used for removal of data stored during the lock of a form*
* **webNavigation --** *used for adding a listener so that form locking code can be injected in a certain manner*
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"in a certain manner" -> allows form locking code to inject code ...

@Psychic-Duck
Copy link
Author

While working on the Firefox update I found out that Firefox doesn't support removing localStorage data with the since option different than 0. If I understood the documentation correctly then that means all localStorage since "forever" would be removed. That sounds like quite a drastic move to make, but it's also crucial to get rid of the stored data. Should I keep it like this and add some text into a notification informing the user that all local data will be deleted upon unlock?

@polcak
Copy link
Owner

polcak commented Mar 15, 2021

I think that there are several options:

  1. As you said, delete everything,
  2. keep what is stored before locking (original state), delete everything, and restore the original state,
  3. somehow show the user what is stored/changed/... and let the user decide (this does not look practical).

You can iterate through the storage with the code:

for (s of [localStorage, sessionStorage]) {
	for (i = 0; i < s.length; i++) {
  	console.log(s.getItem(s.key(i)));
	}
}

Of course, similar needs to be addressed with Indexed DB.

By the way what happens in Chromium browsers if say key X is set originally to Y but changed to Z during locking. Does the original FormLock reload Y or removes X entirely?

@Psychic-Duck
Copy link
Author

I see, keeping the original state would probably be best for the user.

Thank you for bringing the second issue to my attention. I found out that the original key is removed entirely, therefore I shall look into restoration of the original values (same with cookies).

@Psychic-Duck
Copy link
Author

I've added restoration of the indexed database, storages and cookies. Sadly, I didn't find any way to get database names in Firefox, so there the backup is currently impossible.

@Psychic-Duck
Copy link
Author

I've squashed a bugfix and saving of store indexes into the data restoration commit. I will also look into improving the reactions to level changes because it currently doesn't account for inserted pages inside the main page. I'll also do some small tweaks like changing the form highlighting to nofitication and changing the way forms are detected as potentially unsafe because otherwise the notification would pop up on almost every page with search bars.

@Psychic-Duck
Copy link
Author

Psychic-Duck commented Apr 11, 2021

I've been thinking about form detection because with the current detection even forms that have only buttons etc. are detected. Should I code a check that would recursively go through input types of forms and mark as safe forms with input of no informative value (buttons, radio, checkbox) or is that too overkill and would be counterproductive?

Integration of code from the Formlock extension (https://github.com/ostarov/Formlock).
Added comments, copyrights and minor changes like using browser instead of chrome
Differences from the Chrome version include:
	-Functions returning promises are handled with .then()
	-Alerts were replaced with notifications (Should probably be added into Chrome version as well)
	-clear_new_data() has changed properties in accordance with Mozilla documentation
Chrome version includes restoration of indexed databases, but Firefox doesn't due to Firefox's
absence of .databases() method.
Context menu is not available on level 0 and no code is injected.
If someone changes level to 0 during lock and then refreshes the page then the lock is released
and url blocking doesn't continue
Also fixed accidental chrome extension check in Firefox version
The storage change listener in mouse_track.js was removed because the feature
wasn't really useful and produced too many informations for the user to care
about.
This commit fixes a bug when forms would be highlighted even on pages with
JSR level 0. This was due to the fact that each url was checked instead
of only checking the tabs main url.
Notification about suspicious forms is created when the user first opens
the page and when they switch to it from other tab
This fixes a small bug when going to other page with unsafe forms
wouldn't trigger a notification because it happened on the same tab
Both files formlock.js now check for existence of formlock attribute in the level retrieved by getCurrentLevelJSON.
Also a check was addded in options.js to enable formlock in custom levels
Added a recursive function which throws an exception if an element
or it's children are inputs with unsafe types. Safe types are:
	- button, reset, submit because they don't contain any real value
	- color because it's value would hardly be useful during a leak
	- hidden because the type itself is not dangerous, only
	  when combined with other unsafe types
Now only tabs that originated from the locked tab during lock are closed.
On Chromium this includes tabs that were opened by user who had focus
on the locked tab
User is now notified about form safety only only when they trigger the
focusin event.
Formlock now no longer contains a context menu. Unsafe forms are locked
on focusIn event and are unlocked either on refresh of the tab or when
the tab navigates to the form's landing page
Also improvements were added to form locking, mainly changing the
way URLs were built which means mainly getting rid of using
get_root_domain etc. and using functions already defined in JSR
If a form was locked and then another suspicious one was focused then
Formlock changes the locked domains but keeps the first data backup.
Also added small bugfixes to form unlock.
Added a variable to prevent multiple unlocks of forms and moved database
restoration before page refresh to prevent blocking problems
Added unlock without refresh to deal with pages that autofocus on
GET search form. Small fixes to domain checking in lock_form. Re-added
context menu so that users could lock even safe forms to combat ad
scripts on the same page
Removed the options limiting data removal only to locked websites
because external scripts can create storages and cookies
with different origin therefore everything should be cleared.
@boehs
Copy link

boehs commented Oct 7, 2021

Is this done? (After conflict resolution)

@polcak
Copy link
Owner

polcak commented Oct 8, 2021

This is a proof of concept code. The downside is that more permissions are needed which may be scary to users. Additionally, the functionality is not perfect in any browser. So currently, there are not plans to merge the code but this decision may be revisited in the future. Also if the community is interested in the functionality even if it is not perfect, I'm willing to listen.

@polcak
Copy link
Owner

polcak commented May 13, 2022

I added an issue regarding the future of this code https://pagure.io/JShelter/webextension/issue/74 and some motivation behind adding such features.

polcak added a commit that referenced this pull request Sep 4, 2023
They are not justified in popup. Mainly paragraphs holding list of long
API names like Locally generated audio look ugly.

Also mentioned in Pagure issue #94
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants