techpub
diff --git a/‎chromium/manifest.json‎
Lines changed: 1 addition & 1 deletion b/‎chromium/manifest.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎chromium/rules.js‎
Lines changed: 0 additions & 9 deletions b/‎chromium/rules.js‎
Lines changed: 0 additions & 9 deletions
diff --git a/‎https-everywhere-tests/test_profile_skeleton/prefs.js‎
Lines changed: 1 addition & 0 deletions b/‎https-everywhere-tests/test_profile_skeleton/prefs.js‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎makexpi.sh‎
Lines changed: 17 additions & 0 deletions b/‎makexpi.sh‎
Lines changed: 17 additions & 0 deletions
diff --git a/‎src/Changelog‎
Lines changed: 0 additions & 1 deletion b/‎src/Changelog‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎src/chrome.manifest‎
Lines changed: 9 additions & 5 deletions b/‎src/chrome.manifest‎
Lines changed: 9 additions & 5 deletions
diff --git a/‎src/chrome/content/code/AndroidUI.jsm‎
Lines changed: 226 additions & 0 deletions b/‎src/chrome/content/code/AndroidUI.jsm‎
Lines changed: 226 additions & 0 deletions
diff --git a/‎src/chrome/content/code/ChannelReplacement.js‎
Lines changed: 2 additions & 13 deletions b/‎src/chrome/content/code/ChannelReplacement.js‎
Lines changed: 2 additions & 13 deletions
@@ -38,5 +38,5 @@
         "<all_urls>"
     ], 
     "update_url": "https://www.eff.org/files/https-everywhere-chrome-updates.xml", 
-    "version": "2014.4.16"
+    "version": "2014.11.25"
 }
@@ -249,11 +249,6 @@ RuleSets.prototype = {
     // Check to see if the Cookie object c meets any of our cookierule citeria
     // for being marked as secure.  knownHttps is true if the context for this
     // cookie being set is known to be https.
-    //log(DBUG, "Testing cookie:");
-    //log(DBUG, "  name: " + cookie.name);
-    //log(DBUG, "  host: " + cookie.host);
-    //log(DBUG, "  domain: " + cookie.domain);
-    //log(DBUG, "  rawhost: " + cookie.rawHost);
     var hostname = cookie.domain;
     // cookie domain scopes can start with .
     while (hostname.charAt(0) == ".")
@@ -272,10 +267,6 @@ RuleSets.prototype = {
           if (cr.host_c.test(cookie.domain) && cr.name_c.test(cookie.name)) {
             return ruleset;
           }
-          //log(WARN, "no match domain " + cr.host_c.test(cookie.domain) +
-          //          " name " + cr.name_c.test(cookie.name));
-          //log(WARN, "with " + cookie.domain + " " + cookie.name);
-          //log(WARN, "and " + cr.host + " " + cr.name);
         }
       }
     }
 
@@ -5,6 +5,7 @@ user_pref("extensions.https_everywhere._observatory.popup_shown", true);
 user_pref("extensions.https_everywhere.toolbar_hint_shown", true);
 // Show all logs.
 user_pref("extensions.https_everywhere.LogLevel", 0);
+user_pref("extensions.https_everywhere.log_to_stdout", true);
 // Allow running of Mixed Content Blocking tests.
 user_pref("extensions.https_everywhere.show_ruleset_tests", true);
 // Make it quicker to make manual config changes.
 
@@ -17,6 +17,7 @@ APP_NAME=https-everywhere
 
 cd "`dirname $0`"
 RULESETS_SQLITE="$PWD/src/defaults/rulesets.sqlite"
+ANDROID_APP_ID=org.mozilla.firefox
 
 [ -d pkg ] || mkdir pkg
 
@@ -153,6 +154,7 @@ fi
 
 cd src
 
+
 # Build the XPI!
 rm -f "../$XPI_NAME"
 #zip -q -X -9r "../$XPI_NAME" . "-x@../.build_exclusions"
@@ -167,6 +169,21 @@ else
   echo >&2 "Total included rules: `sqlite3 $RULESETS_SQLITE 'select count(*) from rulesets'`"
   echo >&2 "Rules disabled by default: `find chrome/content/rules -name "*.xml" | xargs grep -F default_off | wc -l`"
   echo >&2 "Created $XPI_NAME"
+
+  # Push to Android Firefox if device is connected
+  # XXX on some systems, adb may require sudo...
+  if type adb > /dev/null && adb devices > /dev/null 2>/dev/null ; then
+    ADB_FOUND=`adb devices | tail -2 | head -1 | cut -f 1 | sed 's/ *$//g'`
+    if [ "$ADB_FOUND" != "List of devices attached" ]; then
+      echo Pushing "$XPI_NAME" to /sdcard/"$XPI_NAME"
+      adb push "../$XPI_NAME" /sdcard/"$XPI_NAME"
+      adb shell am start -a android.intent.action.VIEW \
+                         -c android.intent.category.DEFAULT \
+                         -d file:///mnt/sdcard/"$XPI_NAME" \
+                         -n $ANDROID_APP_ID/.App
+    fi
+  fi
+
   if [ -n "$BRANCH" ]; then
     cd ../..
     cp $SUBDIR/$XPI_NAME pkg
 
@@ -16,7 +16,6 @@
   Institute of GB, Wall Street Journal
 
 4.0.1										(2014-09-11)
-
   * Significant new coverage: Reddit, Quora
   * Fixes include:
     Frontier Networks, Hotmail / Live, Microsoft, Mozilla, Ohio State, Rackspace, SJ.se, Timbo.se
 
@@ -42,11 +42,15 @@ contract @eff.org/https-everywhere;1 {32c165b4-fe5e-4964-9250-603c410631b4}
 
 category profile-after-change HTTPSEverywhere @eff.org/https-everywhere;1
 
-overlay chrome://browser/content/browser.xul chrome://https-everywhere/content/toolbar_button.xul
-overlay chrome://navigator/content/navigator.xul chrome://https-everywhere/content/toolbar_button.xul
+# XUL gets included in every non-mobile build
+# Android has some non-XUL UI that is loaded from the
+# sessionstore-windows-restored observer in https-everywhere.js
+overlay chrome://browser/content/browser.xul chrome://https-everywhere/content/toolbar_button.xul application={ec8030f7-c20a-464f-9b0e-13a3a9e97384} application={92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a} application={3550f703-e582-4d05-9a08-453d09bdfdc6} application={a79fe89b-6662-4ff4-8e88-09950ad4dfde}
+overlay chrome://navigator/content/navigator.xul chrome://https-everywhere/content/toolbar_button.xul application={ec8030f7-c20a-464f-9b0e-13a3a9e97384} application={92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a} application={3550f703-e582-4d05-9a08-453d09bdfdc6} application={a79fe89b-6662-4ff4-8e88-09950ad4dfde}
 
 style chrome://global/content/customizeToolbar.xul chrome://https-everywhere/skin/https-everywhere.css
-component {0f9ab521-986d-4ad8-9c1f-6934e195c15c} components/ssl-observatory.js
-contract @eff.org/ssl-observatory;1 {0f9ab521-986d-4ad8-9c1f-6934e195c15c}
 
-category profile-after-change SSLObservatory @eff.org/ssl-observatory;1
+# Observatory does not yet have mobile-friendly UI
+component {0f9ab521-986d-4ad8-9c1f-6934e195c15c} components/ssl-observatory.js application={ec8030f7-c20a-464f-9b0e-13a3a9e97384} application={92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a} application={3550f703-e582-4d05-9a08-453d09bdfdc6} application={a79fe89b-6662-4ff4-8e88-09950ad4dfde}
+contract @eff.org/ssl-observatory;1 {0f9ab521-986d-4ad8-9c1f-6934e195c15c} application={ec8030f7-c20a-464f-9b0e-13a3a9e97384} application={92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a} application={3550f703-e582-4d05-9a08-453d09bdfdc6} application={a79fe89b-6662-4ff4-8e88-09950ad4dfde}
+category profile-after-change SSLObservatory @eff.org/ssl-observatory;1 application={ec8030f7-c20a-464f-9b0e-13a3a9e97384} application={92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a} application={3550f703-e582-4d05-9a08-453d09bdfdc6} application={a79fe89b-6662-4ff4-8e88-09950ad4dfde}
@@ -0,0 +1,226 @@
+const CC = Components.classes;
+const CI = Components.interfaces;
+const CU = Components.utils;
+
+var HTTPSEverywhere = CC["@eff.org/https-everywhere;1"]
+                      .getService(CI.nsISupports).wrappedJSObject;
+
+CU.import("resource://gre/modules/Prompt.jsm");
+
+var menuId;
+var urlbarId;
+var aWindow = getWindow();
+
+
+/*
+ * Setup/Teardown for the UI
+ */
+
+function loadIntoWindow() {
+  if (!aWindow) {
+    return;
+  }
+  var enabled = HTTPSEverywhere.prefs.getBoolPref("globalEnabled");
+  addToggleItemToMenu(enabled);
+  if (enabled) {
+    urlbarId = aWindow.NativeWindow.pageactions.add(urlbarOptions);
+  } else if (urlbarId) {
+    aWindow.NativeWindow.pageactions.remove(urlbarId);
+  }
+}
+
+function unloadFromWindow() {
+  if (!aWindow) {
+    return;
+  }
+  aWindow.NativeWindow.menu.remove(menuId);
+  aWindow.NativeWindow.pageactions.remove(urlbarId);
+}
+
+
+/*
+ * Add a menu item to toggle HTTPS Everywhere
+ */
+
+function addToggleItemToMenu(enabled) {
+  if (menuId) { aWindow.NativeWindow.menu.remove(menuId); }
+  var menuLabel = enabled ? "HTTPS Everywhere on" : "HTTPS Everywhere off";
+  menuId = aWindow.NativeWindow.menu.add(menuLabel, null, function() {
+    popupToggleMenu(aWindow, enabled);
+  });
+}
+
+function popupToggleMenu(aWindow, enabled) {
+  var buttons = [
+    {
+      label: "Yes",
+      callback: function() {
+        toggleEnabledState();
+        var msg = enabled ? "HTTPS Everywhere disabled!" : "HTTPS Everywhere enabled!";
+        aWindow.NativeWindow.toast.show(msg, "short");
+        return true;
+      }
+    }, {
+      label: "No",
+      callback: function() { return false; }
+    }
+  ];
+  var newState = enabled ? "off?" : "on?";
+  aWindow.NativeWindow.doorhanger.show("Would you like to turn HTTPS Everywhere "+newState,
+                                       "doorhanger-toggle", buttons);
+}
+
+
+/*
+ * The HTTPS Everywhere icon in the URL bar shows a popup of rules that the
+ * user can activate/deactivate. On long click, reset all rules to defaults.
+ */
+
+var popupInfo = {
+  rules: [],
+  ruleItems: [],
+  ruleStatus: [],
+  alist: null,
+  getApplicableList: function() {
+    var browser = aWindow.BrowserApp.selectedBrowser;
+    return HTTPSEverywhere.getApplicableListForBrowser(browser);
+  },
+  fill: function() {
+    this.clear();
+    this.alist = this.getApplicableList();
+    HTTPSEverywhere.log(4,"applicable list active: "+JSON.stringify(this.alist.active));
+    HTTPSEverywhere.log(4,"applicable list inactive: "+JSON.stringify(this.alist.inactive));
+    for (var rule in this.alist.all) {
+      if (this.alist.active.hasOwnProperty(rule)) {
+        // active rules are checked and toggleable
+        this.ruleItems.push({ label: rule, selected: true });
+        this.ruleStatus.push(true);
+        this.rules.push(this.alist.active[rule]);
+      } else if (this.alist.moot.hasOwnProperty(rule)) {
+        // moot rules are checked and toggleable too
+        this.ruleItems.push({ label: rule, selected: true });
+        this.ruleStatus.push(true);
+        this.rules.push(this.alist.moot[rule]);
+      } else if (this.alist.inactive.hasOwnProperty(rule)) {
+        // inactive rules are unchecked and toggleable
+        this.ruleItems.push({ label: rule });
+        this.ruleStatus.push(false);
+        this.rules.push(this.alist.inactive[rule]);
+      } else if (this.alist.breaking.hasOwnProperty(rule)) {
+        // breaking rules are get a unicode clockwise arrow next to them
+        var ruleLabel = "\u21B7"+rule;
+        var isSelected = this.alist.breaking[rule].active;
+        this.ruleItems.push({ label: ruleLabel, selected: isSelected });
+        this.ruleStatus.push(isSelected);
+        this.rules.push(this.alist.breaking[rule]);
+      }
+    }
+  },
+  clear: function() {
+    this.rules = [];
+    this.ruleItems = [];
+    this.ruleStatus = [];
+    this.alist = {};
+  }
+};
+
+var urlbarOptions = {
+
+  title: "HTTPS Everywhere",
+
+  icon: "chrome://https-everywhere/skin/https-everywhere-128.png",
+
+  clickCallback: function() {
+    popupInfo.fill();
+    rulesPrompt.setMultiChoiceItems(popupInfo.ruleItems);
+    rulesPrompt.show(function(data) {
+      var db = data.button;
+      if (db === -1) { return null; } // user didn't click the accept button
+      if (popupInfo.rules.length !== db.length) {
+        // Why does db sometimes have an extra entry that doesn't correspond
+        // to any of the ruleItems? No idea, but let's log it.
+        HTTPSEverywhere.log(5,"Got length mismatch between popupInfo.ruleItems and data.button");
+        HTTPSEverywhere.log(4,"Applicable rules: "+JSON.stringify(popupInfo.rules));
+        HTTPSEverywhere.log(4, "data.button: "+JSON.stringify(db));
+      }
+      for (var i=0; i<popupInfo.rules.length; i++) {
+        if (popupInfo.ruleStatus[i] !== db[i]) {
+          HTTPSEverywhere.log(4, "toggling: "+JSON.stringify(popupInfo.rules[i]));
+          popupInfo.rules[i].toggle();
+        }
+      }
+      reloadTab();
+      return null;
+    });
+  },
+
+  longClickCallback: function() { popupResetDefaultsMenu(aWindow); }
+};
+
+var rulesPrompt = new Prompt({
+  window: aWindow,
+  title: "Enable/disable rules",
+  buttons: ["Apply changes"]
+});
+
+function popupResetDefaultsMenu(aWindow) {
+  var buttons = [
+    {
+      label: "Yes",
+      callback: function() {
+        resetToDefaults();
+        var msg = "Default rules reset.";
+        aWindow.NativeWindow.toast.show(msg, "short");
+        return true;
+      }
+    }, {
+      label: "No",
+      callback: function() { return false; }
+    }
+  ];
+  aWindow.NativeWindow.doorhanger.show("Reset all HTTPS Everywhere rules to defaults?",
+                                       "doorhanger-reset", buttons);
+}
+
+
+/*
+ * Some useful utils
+ */
+
+function reloadTab() {
+  // There seems to be no API to do this directly?
+  aWindow.BrowserApp.selectedTab.window.location.reload();
+}
+
+function toggleEnabledState(){
+  HTTPSEverywhere.toggleEnabledState();
+  loadIntoWindow();
+  reloadTab();
+}
+
+function resetToDefaults() {
+  HTTPSEverywhere.https_rules.resetRulesetsToDefaults();
+  reloadTab();
+}
+
+function getWindow() {
+  return CC['@mozilla.org/appshell/window-mediator;1']
+      .getService(CI.nsIWindowMediator)
+      .getMostRecentWindow('navigator:browser');
+}
+
+
+/*
+ *  Here's the external API to this UI module
+ */
+
+var AndroidUI = {
+  init: function() {
+    loadIntoWindow();
+  },
+  shutdown: function() {
+    unloadFromWindow();
+  }
+};
+
+var EXPORTED_SYMBOLS = ["AndroidUI"];
@@ -81,19 +81,8 @@ ChannelReplacement.prototype = {
 
     newChan.loadGroup = chan.loadGroup;
     newChan.notificationCallbacks = chan.notificationCallbacks;
-
-// The following line has been commented out, because it appears to interfere with the Flash plugin.
-// For example, on https://www.youtube.com, if the LOAD_REPLACE flag is included in newChan's
-// loadFlag, the Flash plugin reports an error and video streaming does not take place.
-// By removing this flag, we allow Flash to see the "originalURI" attirubte of newChan,
-// which contains the HTTP (non-HTTPS) URL that Flash requested before HTTPS-Everywhere
-// redirected the channel.
-// XXX: May have unintended side effects. Needs more investigation.
-//
-//    newChan.loadFlags = loadFlags | newChan.LOAD_REPLACE;
-    
-    newChan.loadFlags = loadFlags;
-
+    newChan.loadFlags = loadFlags | newChan.LOAD_REPLACE;
+
     if (!(newChan instanceof Ci.nsIHttpChannel))
       return this;
Original file line number	Diff line number	Diff line change
`@@ -38,5 +38,5 @@`
`38`	`38`	`"<all_urls>"`
`39`	`39`	`],`
`40`	`40`	`"update_url": "https://www.eff.org/files/https-everywhere-chrome-updates.xml",`
`41`		`- "version": "2014.4.16"`
	`41`	`+ "version": "2014.11.25"`
`42`	`42`	`}`
Original file line number	Diff line number	Diff line change
`@@ -249,11 +249,6 @@ RuleSets.prototype = {`
`249`	`249`	`// Check to see if the Cookie object c meets any of our cookierule citeria`
`250`	`250`	`// for being marked as secure. knownHttps is true if the context for this`
`251`	`251`	`// cookie being set is known to be https.`
`252`		`- //log(DBUG, "Testing cookie:");`
`253`		`- //log(DBUG, " name: " + cookie.name);`
`254`		`- //log(DBUG, " host: " + cookie.host);`
`255`		`- //log(DBUG, " domain: " + cookie.domain);`
`256`		`- //log(DBUG, " rawhost: " + cookie.rawHost);`
`257`	`252`	`var hostname = cookie.domain;`
`258`	`253`	`// cookie domain scopes can start with .`
`259`	`254`	`while (hostname.charAt(0) == ".")`
`@@ -272,10 +267,6 @@ RuleSets.prototype = {`
`272`	`267`	`if (cr.host_c.test(cookie.domain) && cr.name_c.test(cookie.name)) {`
`273`	`268`	`return ruleset;`
`274`	`269`	`}`
`275`		`- //log(WARN, "no match domain " + cr.host_c.test(cookie.domain) +`
`276`		`- // " name " + cr.name_c.test(cookie.name));`
`277`		`- //log(WARN, "with " + cookie.domain + " " + cookie.name);`
`278`		`- //log(WARN, "and " + cr.host + " " + cr.name);`
`279`	`270`	`}`
`280`	`271`	`}`
`281`	`272`	`}`