[Pkg-mozext-commits] [greasemonkey] 14/21: Prevent content from detecting/interfering with menu commands.

David Prévot taffit at moszumanska.debian.org
Sun Sep 13 21:27:16 UTC 2015


This is an automated email from the git hooks/post-receive script.

taffit pushed a commit to branch master
in repository greasemonkey.

commit 7683e430a58b67a368ff5c51747e6aa61d31f17c
Author: Anthony Lieuallen <arantius at gmail.com>
Date:   Wed Jul 15 16:32:17 2015 -0400

    Prevent content from detecting/interfering with menu commands.
    
    Prevent event propagation when appropriate.  Add a random suffix to the event names, so content cannot predict the event name, and thus cannot listen for it.
---
 modules/menucommand.js | 57 ++++++++++++++++++++++++++++++++++++--------------
 modules/sandbox.js     |  2 +-
 2 files changed, 42 insertions(+), 17 deletions(-)

diff --git a/modules/menucommand.js b/modules/menucommand.js
index d24f8ec..92a5406 100644
--- a/modules/menucommand.js
+++ b/modules/menucommand.js
@@ -1,4 +1,5 @@
 var EXPORTED_SYMBOLS = [
+    'MenuCommandEventNameSuffix',
     'MenuCommandListRequest', 'MenuCommandRespond',
     'MenuCommandRun', 'MenuCommandSandbox',
     ];
@@ -9,10 +10,25 @@ var Ci = Components.interfaces;
 var Cu = Components.utils;
 
 
+Components.utils.import('chrome://greasemonkey-modules/content/prefmanager.js');
+
+
+var MenuCommandEventNameSuffix = (function() {
+  var suffix = GM_prefRoot.getValue('menuCommanderEventNameSuffix');
+  if (!suffix) {
+    Cu.import("resource://services-crypto/utils.js");
+    suffix = CryptoUtils.sha1Base32(CryptoUtils.generateRandomBytes(128));
+    GM_prefRoot.setValue('menuCommanderEventNameSuffix', suffix);
+  }
+  return suffix;
+})();
+
+
 // Frame scope: Pass "list menu commands" message into sandbox as event.
 function MenuCommandListRequest(aContent, aMessage) {
   var e = new aContent.CustomEvent(
-      'greasemonkey-menu-command-list', {'detail': aMessage.data.cookie});
+      'greasemonkey-menu-command-list-' + MenuCommandEventNameSuffix,
+      {'detail': aMessage.data.cookie});
   aContent.dispatchEvent(e);
 }
 
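Review bot: The suffix is stored in the `menuCommanderEventNameSuffix` pref and reused, so a single value names the events for every page and every session; because the unpredictable name is what keeps content from listening, a value that never rotates remains known indefinitely once it is learned. If nothing outside this module needs the persisted value (not visible in this hunk), consider generating it in memory at module load and dropping the `getValue`/`setValue` pair, or at least add a comment such as `// Secret: content must never learn this; persisted, so it is shared by all pages until the pref is reset.` The pref key says "Commander" while the exported symbol says "Command", and the hunk mixes `Components.utils.import` with the `Cu` alias declared just above; one spelling of each would make the secret easier to audit.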
@@ -32,7 +48,7 @@ function MenuCommandRespond(aCookie, aData) {
 // from the parent, pass it into the sandbox.
 function MenuCommandRun(aContent, aMessage) {
   var e = new aContent.CustomEvent(
-      'greasemonkey-menu-command-run',
+      'greasemonkey-menu-command-run-' + MenuCommandEventNameSuffix,
       {'detail': JSON.stringify(aMessage.data)});
   aContent.dispatchEvent(e);
 }
@@ -41,26 +57,35 @@ function MenuCommandRun(aContent, aMessage) {
 // This function is injected into the sandbox, in a private scope wrapper, BY
 // SOURCE.  Data and sensitive references are wrapped up inside its closure.
 function MenuCommandSandbox(
-    aScriptUuid, aScriptName, aCommandResponder, aInvalidAccesskeyErrorStr) {
+    aScriptUuid, aScriptName, aCommandResponder, aInvalidAccesskeyErrorStr,
+    aMenuCommandEventNameSuffix) {
   // 1) Internally to this function's private scope, maintain a set of
   // registered menu commands.
   var commands = {};
   var commandCookie = 0;
   // 2) Respond to requests to list those registered commands.
-  addEventListener('greasemonkey-menu-command-list', function(e) {
-    aCommandResponder(e.detail, commands);
-  }, true);
+  addEventListener(
+      'greasemonkey-menu-command-list-' + aMenuCommandEventNameSuffix,
+      function(e) {
+        e.stopPropagation();
+        aCommandResponder(e.detail, commands);
+      }, true);
   // 3) Respond to requests to run those registered commands.
-  addEventListener('greasemonkey-menu-command-run', function(e) {
-    var detail = JSON.parse(e.detail);
-    if (aScriptUuid != detail.scriptUuid) return;
-    var command = commands[detail.cookie];
-    if (!command) {
-      throw new Error('Could not run requested menu command!');
-    } else {
-      command.commandFunc.call();
-    }
-  }, true);
+  addEventListener(
+      'greasemonkey-menu-command-run-' + aMenuCommandEventNameSuffix,
+      function(e) {
+        e.stopPropagation();
+        var detail = JSON.parse(e.detail);
+        if (aScriptUuid != detail.scriptUuid) return;
+        // This event is for this script; stop propagating to other scripts.
+        e.stopImmediatePropagation();
+        var command = commands[detail.cookie];
+        if (!command) {
+          throw new Error('Could not run requested menu command!');
+        } else {
+          command.commandFunc.call();
+        }
+      }, true);
   // 4) Export the "register a command" API function to the sandbox scope.
   this.GM_registerMenuCommand = function(
       commandName, commandFunc, accessKey, unused, accessKey2) {
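Review bot: The `e.stopPropagation()` at the top of both listeners does not stop other listeners on the same target, and `MenuCommandListRequest`/`MenuCommandRun` dispatch directly on `aContent`, so if that is the content window there is no further node for the call to shield. That leaves the random name as the only barrier for the list event, and `stopImmediatePropagation()` in the run handler only blocks listeners that were added after this one. A comment above step 2 would make that explicit, e.g. `// Isolation from content relies on the secret event name; stopPropagation() does not hide the event from listeners on this same target.` Separately, `JSON.parse(e.detail)` runs before the uuid check with no guard, and `aScriptUuid != detail.scriptUuid` could be `!==`. `MenuCommandSandbox` continues past the end of this hunk.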
diff --git a/modules/sandbox.js b/modules/sandbox.js
index a6b8ac3..ebcd87f 100644
--- a/modules/sandbox.js
+++ b/modules/sandbox.js
@@ -75,7 +75,7 @@ function createSandbox(aScript, aContentWin, aUrl, aFrameScope) {
         'this._MenuCommandSandbox = ' + MenuCommandSandbox.toSource(), sandbox);
     sandbox._MenuCommandSandbox(
         aScript.uuid, aScript.name, MenuCommandRespond,
-        gInvalidAccesskeyErrorStr);
+        gInvalidAccesskeyErrorStr, MenuCommandEventNameSuffix);
     Components.utils.evalInSandbox(
         'delete this._MenuCommandSandbox;', sandbox);
   }

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-mozext/greasemonkey.git


