123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247 |
- # Block all connection requests with 'qjz9zk' in the domain name or with a 'trk:' scheme.
- # This patch is based on Iridium's 'net: add "trk:" scheme and help identify URLs being retrieved'
- --- a/chrome/browser/autocomplete/chrome_autocomplete_scheme_classifier.cc
- +++ b/chrome/browser/autocomplete/chrome_autocomplete_scheme_classifier.cc
- @@ -55,6 +55,7 @@ ChromeAutocompleteSchemeClassifier::GetI
- if (base::IsStringASCII(scheme) &&
- (ProfileIOData::IsHandledProtocol(scheme) ||
- base::LowerCaseEqualsASCII(scheme, content::kViewSourceScheme) ||
- + base::LowerCaseEqualsASCII(scheme, url::kTraceScheme) ||
- base::LowerCaseEqualsASCII(scheme, url::kJavaScriptScheme) ||
- base::LowerCaseEqualsASCII(scheme, url::kDataScheme))) {
- return metrics::OmniboxInputType::URL;
- --- a/chrome/browser/history/history_utils.cc
- +++ b/chrome/browser/history/history_utils.cc
- @@ -22,6 +22,7 @@ bool CanAddURLToHistory(const GURL& url)
- url.SchemeIs(content::kChromeDevToolsScheme) ||
- url.SchemeIs(content::kChromeUIScheme) ||
- url.SchemeIs(content::kViewSourceScheme) ||
- + url.SchemeIs(url::kTraceScheme) ||
- url.SchemeIs(chrome::kChromeNativeScheme) ||
- url.SchemeIs(chrome::kChromeSearchScheme) ||
- url.SchemeIs(dom_distiller::kDomDistillerScheme) ||
- --- a/chrome/browser/ui/singleton_tabs.cc
- +++ b/chrome/browser/ui/singleton_tabs.cc
- @@ -99,7 +99,8 @@ int GetIndexOfExistingTab(Browser* brows
-
- // Skip view-source tabs. This is needed because RewriteURLIfNecessary
- // removes the "view-source:" scheme which leads to incorrect matching.
- - if (tab_url.SchemeIs(content::kViewSourceScheme))
- + if (tab_url.SchemeIs(content::kViewSourceScheme) ||
- + tab_url.SchemeIs(url::kTraceScheme))
- continue;
-
- GURL rewritten_tab_url = tab_url;
- --- a/components/omnibox/browser/autocomplete_input.cc
- +++ b/components/omnibox/browser/autocomplete_input.cc
- @@ -487,7 +487,8 @@ void AutocompleteInput::ParseForEmphasiz
- // For the view-source and blob schemes, we should emphasize the host of the
- // URL qualified by the view-source or blob prefix.
- if ((base::LowerCaseEqualsASCII(scheme_str, kViewSourceScheme) ||
- - base::LowerCaseEqualsASCII(scheme_str, url::kBlobScheme)) &&
- + base::LowerCaseEqualsASCII(scheme_str, url::kBlobScheme) ||
- + base::LowerCaseEqualsASCII(scheme_str, url::kTraceScheme)) &&
- (static_cast<int>(text.length()) > after_scheme_and_colon)) {
- // Obtain the URL prefixed by view-source or blob and parse it.
- base::string16 real_url(text.substr(after_scheme_and_colon));
- @@ -560,7 +561,9 @@ int AutocompleteInput::NumNonHostCompone
- bool AutocompleteInput::HasHTTPScheme(const base::string16& input) {
- std::string utf8_input(base::UTF16ToUTF8(input));
- url::Component scheme;
- - if (url::FindAndCompareScheme(utf8_input, kViewSourceScheme, &scheme)) {
- + if (url::FindAndCompareScheme(utf8_input, url::kTraceScheme, &scheme)) {
- + return false;
- + } else if (url::FindAndCompareScheme(utf8_input, kViewSourceScheme, &scheme)) {
- utf8_input.erase(0, scheme.end() + 1);
- }
- return url::FindAndCompareScheme(utf8_input, url::kHttpScheme, nullptr);
- --- a/components/url_formatter/url_fixer.cc
- +++ b/components/url_formatter/url_fixer.cc
- @@ -557,6 +557,10 @@ GURL FixupURL(const std::string& text, c
- }
- }
-
- + if (scheme == url::kTraceScheme) {
- + return GURL();
- + }
- +
- // We handle the file scheme separately.
- if (scheme == url::kFileScheme)
- return GURL(parts.scheme.is_valid() ? text : FixupPath(text));
- --- a/content/browser/child_process_security_policy_impl.cc
- +++ b/content/browser/child_process_security_policy_impl.cc
- @@ -625,6 +625,7 @@ ChildProcessSecurityPolicyImpl::ChildPro
- #endif // BUILDFLAG(ENABLE_WEBSOCKETS)
- RegisterWebSafeScheme(url::kFtpScheme);
- RegisterWebSafeScheme(url::kDataScheme);
- + RegisterWebSafeScheme(url::kTraceScheme);
- RegisterWebSafeScheme("feed");
-
- // TODO(nick): https://crbug.com/651534 blob: and filesystem: schemes embed
- --- a/net/BUILD.gn
- +++ b/net/BUILD.gn
- @@ -1084,6 +1084,8 @@ component("net") {
- "url_request/report_sender.h",
- "url_request/static_http_user_agent_settings.cc",
- "url_request/static_http_user_agent_settings.h",
- + "url_request/trk_protocol_handler.cc",
- + "url_request/trk_protocol_handler.h",
- "url_request/url_fetcher.cc",
- "url_request/url_fetcher.h",
- "url_request/url_fetcher_core.cc",
- --- /dev/null
- +++ b/net/url_request/trk_protocol_handler.cc
- @@ -0,0 +1,26 @@
- +// Copyright (c) 2018 The ungoogled-chromium Authors. All rights reserved.
- +// Use of this source code is governed by a BSD-style license that can be
- +// found in the LICENSE file.
- +
- +#include "net/url_request/trk_protocol_handler.h"
- +
- +#include "base/logging.h"
- +#include "net/base/net_errors.h"
- +#include "net/url_request/url_request_error_job.h"
- +
- +namespace net {
- +
- +TrkProtocolHandler::TrkProtocolHandler() = default;
- +
- +URLRequestJob* TrkProtocolHandler::MaybeCreateJob(
- + URLRequest* request, NetworkDelegate* network_delegate) const {
- + LOG(ERROR) << "Blocked URL in TrkProtocolHandler: " << request->original_url();
- + return new URLRequestErrorJob(
- + request, network_delegate, ERR_BLOCKED_BY_CLIENT);
- +}
- +
- +bool TrkProtocolHandler::IsSafeRedirectTarget(const GURL& location) const {
- + return true;
- +}
- +
- +} // namespace net
- --- /dev/null
- +++ b/net/url_request/trk_protocol_handler.h
- @@ -0,0 +1,33 @@
- +// Copyright (c) 2018 The ungoogled-chromium Authors. All rights reserved.
- +// Use of this source code is governed by a BSD-style license that can be
- +// found in the LICENSE file.
- +
- +#ifndef NET_URL_REQUEST_TRK_PROTOCOL_HANDLER_H_
- +#define NET_URL_REQUEST_TRK_PROTOCOL_HANDLER_H_
- +
- +#include "base/compiler_specific.h"
- +#include "base/macros.h"
- +#include "net/base/net_export.h"
- +#include "net/url_request/url_request_job_factory.h"
- +
- +namespace net {
- +
- +class URLRequestJob;
- +
- +// Implements a ProtocolHandler for Trk jobs.
- +class NET_EXPORT TrkProtocolHandler
- + : public URLRequestJobFactory::ProtocolHandler {
- + public:
- + TrkProtocolHandler();
- + URLRequestJob* MaybeCreateJob(
- + URLRequest* request,
- + NetworkDelegate* network_delegate) const override;
- + bool IsSafeRedirectTarget(const GURL& location) const override;
- +
- + private:
- + DISALLOW_COPY_AND_ASSIGN(TrkProtocolHandler);
- +};
- +
- +} // namespace net
- +
- +#endif // NET_URL_REQUEST_TRK_PROTOCOL_HANDLER_H_
- --- a/net/url_request/url_request.cc
- +++ b/net/url_request/url_request.cc
- @@ -13,6 +13,7 @@
- #include "base/metrics/histogram_macros.h"
- #include "base/rand_util.h"
- #include "base/stl_util.h"
- +#include "base/strings/string_util.h"
- #include "base/strings/utf_string_conversions.h"
- #include "base/synchronization/lock.h"
- #include "base/threading/thread_task_runner_handle.h"
- @@ -40,6 +41,7 @@
- #include "net/url_request/url_request_redirect_job.h"
- #include "url/gurl.h"
- #include "url/origin.h"
- +#include "url/url_constants.h"
-
- using base::Time;
- using std::string;
- @@ -579,6 +581,12 @@ URLRequest::URLRequest(const GURL& url,
- // Sanity check out environment.
- DCHECK(base::ThreadTaskRunnerHandle::IsSet());
-
- + if (!url.SchemeIs(url::kTraceScheme) &&
- + base::EndsWith(url.host(), "qjz9zk", base::CompareCase::INSENSITIVE_ASCII)) {
- + LOG(ERROR) << "Block URL in URLRequest: " << url;
- + url_chain_[0] = GURL(url::kTraceScheme + (":" + url.possibly_invalid_spec()));
- + }
- +
- context->url_requests()->insert(this);
- net_log_.BeginEvent(NetLogEventType::REQUEST_ALIVE, [&] {
- return NetLogURLRequestConstructorParams(url, priority_,
- --- a/net/url_request/url_request_context_builder.cc
- +++ b/net/url_request/url_request_context_builder.cc
- @@ -42,6 +42,7 @@
- #include "net/quic/quic_stream_factory.h"
- #include "net/ssl/ssl_config_service_defaults.h"
- #include "net/url_request/static_http_user_agent_settings.h"
- +#include "net/url_request/trk_protocol_handler.h"
- #include "net/url_request/url_request_context.h"
- #include "net/url_request/url_request_context_storage.h"
- #include "net/url_request/url_request_job_factory_impl.h"
- @@ -614,6 +615,9 @@ std::unique_ptr<URLRequestContext> URLRe
- }
- protocol_handlers_.clear();
-
- + job_factory->SetProtocolHandler(url::kTraceScheme,
- + std::make_unique<TrkProtocolHandler>());
- +
- #if !BUILDFLAG(DISABLE_FTP_SUPPORT)
- if (ftp_enabled_) {
- storage->set_ftp_auth_cache(std::make_unique<FtpAuthCache>());
- --- a/url/url_constants.cc
- +++ b/url/url_constants.cc
- @@ -28,6 +28,7 @@ const char kMailToScheme[] = "mailto";
- // See also: https://www.iana.org/assignments/uri-schemes/prov/quic-transport
- const char kQuicTransportScheme[] = "quic-transport";
- const char kTelScheme[] = "tel";
- +const char kTraceScheme[] = "trk";
- const char kWsScheme[] = "ws";
- const char kWssScheme[] = "wss";
-
- --- a/url/url_constants.h
- +++ b/url/url_constants.h
- @@ -32,6 +32,7 @@ COMPONENT_EXPORT(URL) extern const char
- COMPONENT_EXPORT(URL) extern const char kMailToScheme[];
- COMPONENT_EXPORT(URL) extern const char kQuicTransportScheme[];
- COMPONENT_EXPORT(URL) extern const char kTelScheme[];
- +COMPONENT_EXPORT(URL) extern const char kTraceScheme[];
- COMPONENT_EXPORT(URL) extern const char kWsScheme[];
- COMPONENT_EXPORT(URL) extern const char kWssScheme[];
-
- --- a/url/url_util.cc
- +++ b/url/url_util.cc
- @@ -56,7 +56,7 @@ struct SchemeRegistry {
-
- // Schemes that do not trigger mixed content warning.
- std::vector<std::string> secure_schemes = {
- - kHttpsScheme, kAboutScheme, kDataScheme, kQuicTransportScheme, kWssScheme,
- + kHttpsScheme, kAboutScheme, kDataScheme, kTraceScheme, kQuicTransportScheme, kWssScheme,
- };
-
- // Schemes that normal pages cannot link to or access (i.e., with the same
- @@ -71,6 +71,7 @@ struct SchemeRegistry {
- kAboutScheme,
- kJavaScriptScheme,
- kDataScheme,
- + kTraceScheme,
- };
-
- // Schemes that can be sent CORS requests.
|