Domain-based whitelisting does not work for content filtering in subframes

[mjethani]

Environment

ABP 3.3.2 on Chrome

How to reproduce

Host the following document on foo.com:

<!-- foo.com/test.html -->
<img src="https://imgs.xkcd.com/comics/word_puzzles.png">
<iframe src="http://bar.com/test.html"></iframe>

Host the following document on bar.com:

<!-- bar.com/test.html -->
<img src="https://imgs.xkcd.com/comics/word_puzzles.png">

Add the filters ##img and @@$document,domain=bar.com.

Now load foo.com/test.html in the browser.

Observed behaviour

All images are hidden.

Expected behaviour

The image in the subframe bar.com/test.html should be visible because of the second filter.

Additional notes

This code in lib/whitelisting.js:

    while (frame)
    {
      let parentFrame = frame.parent;
      let filter = match(page, frame.url, typeMask,
                         extractHostFromFrame(parentFrame, originUrl),
                         getKey(page, frame, originUrl));
      
      ...

It goes straight to the parent frame. This works for blocking filters because we look at the hostname in the initiator property as a fallback (so it only works incidentally and not necessarily because the logic is correct), but we don't do this for content filters.

[sebastian]

Good catch! This is quite bad. I'd still like to have it fixed with 3.4.

[sebastian]

Wait! I first thought that this might have been a regression of #6543. But it seems the behavior was the same before, and on second thought the behavior seems to be correct. The $domain option refers to the parent document. So @@$document,domain=bar.com means: Whitelist any document (and all of it's sub-resources) that is loaded in a frame on another document with the domain bar.com.

[mjethani]

Alright, that makes sense. It's not a bug then.