Add HTTP Nowhere mode to Chromium

diracdeltas · semenko · commit b3896f5f175e · 2015-03-26T16:10:06.000-05:00
Adds mode for blocking HTTP requests entirely after HTTPS Everywhere
rewrites. Switches UI button from PageAction to BrowserAction, because
why was it a PageAction in the first place?
diff --git a/chromium/background.js b/chromium/background.js
@@ -29,6 +29,26 @@ var switchPlannerEnabledFor = {};
 // rw / nrw stand for "rewritten" versus "not rewritten"
 var switchPlannerInfo = {};
 
+// Load prefs about whether http nowhere is on. Structure is:
+//  { httpNowhere: true/false }
+var httpNowhereOn = false;
+chrome.storage.sync.get({httpNowhere: false}, function(item) {
+  httpNowhereOn = item.httpNowhere;
+  setIconColor();
+});
+chrome.storage.onChanged.addListener(function(changes, areaName) {
+  if (areaName === 'sync') {
+    for (key in changes) {
+      if (key !== 'httpNowhere') {
+        return;
+      } else {
+        httpNowhereOn = changes[key].newValue;
+        setIconColor();
+      }
+    }
+  }
+});
+
 var getStoredUserRules = function() {
   var oldUserRuleString = localStorage.getItem(USER_RULE_KEY);
   var oldUserRules = [];
@@ -48,6 +68,15 @@ var loadStoredUserRules = function() {
 };
 
 loadStoredUserRules();
+
+// Set the icon color correctly
+var setIconColor = function() {
+  var newIconPath = httpNowhereOn ? './icon38-red.png' : './icon38.png';
+  chrome.browserAction.setIcon({
+    path: newIconPath
+  });
+}
+
 /*
 for (var v in localStorage) {
   log(DBUG, "localStorage["+v+"]: "+localStorage[v]);
@@ -124,6 +153,9 @@ function onBeforeRequest(details) {
   // todo: check that this is enough
   var uri = new URI(details.url);
 
+  // Should the request be canceled?
+  var shouldCancel = (httpNowhereOn && uri.protocol() === 'http');
+
   // Normalise hosts such as "www.example.com."
   var canonical_host = uri.hostname();
   if (canonical_host.charAt(canonical_host.length - 1) == ".") {
@@ -145,7 +177,7 @@ function onBeforeRequest(details) {
         " changed before processing to " + canonical_url);
   }
   if (canonical_url in urlBlacklist) {
-    return null;
+    return {cancel: shouldCancel};
   }
 
   if (details.type == "main_frame") {
@@ -162,7 +194,7 @@ function onBeforeRequest(details) {
     var hostname = uri.hostname();
     domainBlacklist[hostname] = true;
     log(WARN, "Domain blacklisted " + hostname);
-    return null;
+    return {cancel: shouldCancel};
   }
 
   var newuristr = null;
@@ -174,10 +206,11 @@ function onBeforeRequest(details) {
     }
   }
 
+  var finaluri = newuristr ? new URI(newuristr) : null;
+
   if (newuristr && tmpuserinfo !== "") {
     // re-insert userpass info which was stripped temporarily
     // while rules were applied
-    var finaluri = new URI(newuristr);
     finaluri.userinfo(tmpuserinfo);
     newuristr = finaluri.toString();
   }
@@ -192,20 +225,25 @@ function onBeforeRequest(details) {
                          newuristr);
   }
 
+  if (httpNowhereOn) {
+    if (finaluri && finaluri.protocol() === "http") {
+      // Abort early if we're about to redirect to HTTP in HTTP Nowhere mode
+      return {cancel: true};
+    }
+  }
+
   if (newuristr) {
-    log(DBUG, "Redirecting from "+details.url+" to "+newuristr);
     return {redirectUrl: newuristr};
   } else {
-    return null;
+    return {cancel: shouldCancel};
   }
 }
 
 
 // Map of which values for the `type' enum denote active vs passive content.
 // https://developer.chrome.com/extensions/webRequest.html#event-onBeforeRequest
 var activeTypes = { stylesheet: 1, script: 1, object: 1, other: 1};
-// We consider sub_frame to be passive even though it can contain JS or Flash.
-// This is because code running the sub_frame cannot access the main frame's
+
 // content, by same-origin policy. This is true even if the sub_frame is on the
 // same domain but different protocol - i.e. HTTP while the parent is HTTPS -
 // because same-origin policy includes the protocol. This also mimics Chrome's
@@ -402,27 +440,6 @@ wr.onBeforeRequest.addListener(onBeforeRequest, {urls: ["https://*/*", "http://*
 wr.onBeforeRedirect.addListener(onBeforeRedirect, {urls: ["https://*/*"]});
 
 
-// Add the small HTTPS Everywhere icon in the address bar.
-// Note: We can't use any other hook (onCreated, onActivated, etc.) because Chrome resets the
-// pageActions on URL change. We should strongly consider switching from pageAction to browserAction.
-chrome.tabs.onUpdated.addListener(function(tabId, changeInfo, tab) {
-    if (changeInfo.status === "loading") {
-        chrome.pageAction.show(tabId);
-    }
-});
-
-// Pre-rendered tabs / instant experiments sometimes skip onUpdated.
-// See http://crbug.com/109557
-chrome.tabs.onReplaced.addListener(function(addedTabId, removedTabId) {
-    chrome.tabs.get(addedTabId, function(tab) {
-        if(typeof(tab) === "undefined") {
-            log(DBUG, "Not a real tab. Skipping showing pageAction.");
-        } else {
-            chrome.pageAction.show(addedTabId);
-        }
-    });
-});
-
 // Listen for cookies set/updated and secure them if applicable. This function is async/nonblocking.
 chrome.cookies.onChanged.addListener(onCookieChanged);
 
diff --git a/chromium/icon38-red.png b/chromium/icon38-red.png
diff --git a/chromium/icon38.png b/chromium/icon38.png
diff --git a/chromium/manifest.json b/chromium/manifest.json
@@ -25,8 +25,10 @@
     "manifest_version": 2, 
     "minimum_chrome_version": "18", 
     "name": "__MSG_about_ext_name__", 
-    "page_action": {
-        "default_icon": "icon48.png", 
+    "browser_action": {
+        "default_icon": {
+            "38": "icon38.png"
+        },
         "default_popup": "popup.html", 
         "default_title": "__MSG_about_ext_name__"
     }, 
@@ -35,6 +37,7 @@
         "webRequestBlocking", 
         "tabs", 
         "cookies", 
+        "storage",
         "<all_urls>"
     ], 
     "update_url": "https://www.eff.org/files/https-everywhere-chrome-updates.xml", 
diff --git a/chromium/popup.html b/chromium/popup.html
@@ -14,6 +14,10 @@
 <header>
   <h1 i18n="about_ext_name"></h1>
 </header>
+<section id="HttpNowhere" class="options">
+  <input id="http-nowhere-checkbox" type="checkbox" value="httpNowhere"/>
+  <label for="http-nowhere-checkbox">Turn on HTTP Nowhere</label>
+</section>
 <section>
   <a href="#" id="add-rule-link">Add a rule for this site</a>
   <div id="add-new-rule-div" style="display:none">
diff --git a/chromium/popup.js b/chromium/popup.js
@@ -90,6 +90,16 @@ document.addEventListener("DOMContentLoaded", function () {
   unstableRules = document.getElementById("UnstableRules");
   chrome.tabs.getSelected(null, gotTab);
 
+  // Set up toggle checkbox for HTTP nowhere mode
+  getOption_('httpNowhere', false, function(item) {
+    var httpNowhereCheckbox = document.getElementById('http-nowhere-checkbox');
+    httpNowhereCheckbox.addEventListener('click', toggleHttpNowhere, false);
+    var httpNowhereEnabled = item.httpNowhere;
+    if (httpNowhereEnabled) {
+      httpNowhereCheckbox.setAttribute('checked', '');
+    }
+  });
+
   // auto-translate all elements with i18n attributes
   var elem = document.querySelectorAll("[i18n]");
   for (var i=0; i < elem.length; i++) {
@@ -153,3 +163,21 @@ function addManualRule() {
     });
   });
 }
+
+function toggleHttpNowhere() {
+  getOption_('httpNowhere', false, function(item) {
+    setOption_('httpNowhere', !item.httpNowhere);
+  });
+}
+
+function getOption_(opt, defaultOpt, callback) {
+  var details = {};
+  details[opt] = defaultOpt;
+  return chrome.storage.sync.get(details, callback);
+}
+
+function setOption_(opt, value) {
+  var details = {};
+  details[opt] = value;
+  return chrome.storage.sync.set(details);
+}
