Opened 13 months ago

Closed 13 months ago

Last modified 13 months ago

#6704 closed change (fixed)

Ignore $rewrite filters for requests loading code to be executed

Reported by: sebastian
Assignee: sebastian
Priority: P1
Milestone: Adblock-Plus-3.2-for-Chrome-Opera-Firefox
Module: Core
Keywords:
Cc: mjethani, hfiguiere
Blocked By:
Blocking:
Platform: Unknown / Cross platform
Ready: yes
Confidential: no
Tester: Ross
Verified working: yes
Review URL(s):

https://codereview.adblockplus.org/29793555

Description (last modified by sebastian)

Background

With #6592 and #6622 we introduced the $rewrite filter option which allows requests to be redirected to another URL (of the same origin). However, we noticed some security issues, where for example a script hosted on a CDN could be replaced with another script from the same CDN, so that a malicious filter could cause arbitrary code to be executed under some circumstances. Therefore we want to limit the request types that $rewrite filters might be applied to.

What to change

Unset the request types SCRIPT, SUBDOCUMENT, OBJECT and OBJECT_SUBREQUEST for filters that have a $rewrite option, so that they are always ignored for requests of these types.

Hints for testers

See #6622. In addition to what is specified there, filters with the $rewrite filter option should be ignored if the request type is SCRIPT, SUBDOCUMENT, OBJECT or OBJECT_SUBREQUEST (as indicated in the devtools panel), even if those types are explicitly given in the filter.
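
The change described under "What to change", sketched as an added example (not Adblock Plus source code): the four code-loading types are cleared from a filter's content-type mask after its options have been evaluated, so listing them explicitly cannot re-enable them. The type names come from the ticket; the bit values, the helper names, the "all types" default and the `/replacement` value are assumptions made for the illustration.

```javascript
// Added example, not Adblock Plus source. Type names come from the ticket;
// bit values and helper names are constructed for illustration.
const TYPES = {
  OTHER: 1, SCRIPT: 2, IMAGE: 4, STYLESHEET: 8, OBJECT: 16,
  SUBDOCUMENT: 32, XMLHTTPREQUEST: 64, OBJECT_SUBREQUEST: 128, MEDIA: 256
};
const ALL_TYPES = Object.values(TYPES).reduce((mask, bit) => mask | bit, 0);

// Request types that load code to be executed: never eligible for $rewrite.
const NO_REWRITE = TYPES.SCRIPT | TYPES.SUBDOCUMENT |
                   TYPES.OBJECT | TYPES.OBJECT_SUBREQUEST;

// Build the content-type mask from already-parsed filter options.
// include/exclude: arrays of type names; rewrite: replacement string or null.
function contentTypeMask({include = [], exclude = [], rewrite = null}) {
  const bit = name => {
    if (!Object.prototype.hasOwnProperty.call(TYPES, name))
      throw new Error("unknown request type: " + name);
    return TYPES[name];
  };
  // Assumed default for this example: no explicit types means all types.
  let mask = include.length ? include.reduce((m, n) => m | bit(n), 0)
                            : ALL_TYPES;
  for (const name of exclude)
    mask &= ~bit(name);
  // The change from this ticket, applied last so that explicitly listed
  // types cannot re-enable rewriting of code-loading requests.
  if (rewrite !== null)
    mask &= ~NO_REWRITE;
  return mask;
}

// True if a filter with this mask is considered for the given request type.
function appliesTo(mask, requestType) {
  return (mask & TYPES[requestType]) !== 0;
}

// Constructed filters; "/replacement" is a placeholder rewrite value.
const rewriteAll = contentTypeMask({rewrite: "/replacement"});
const rewriteScriptImage =
  contentTypeMask({include: ["SCRIPT", "IMAGE"], rewrite: "/replacement"});
const rewriteOnlyScript =
  contentTypeMask({include: ["SCRIPT"], rewrite: "/replacement"});
const blockScript = contentTypeMask({include: ["SCRIPT"]});

for (const type of ["SCRIPT", "SUBDOCUMENT", "OBJECT", "OBJECT_SUBREQUEST", "IMAGE"])
  console.log(type, appliesTo(rewriteAll, type), appliesTo(rewriteScriptImage, type));
```

A $rewrite filter that lists only SCRIPT ends up with an empty mask and never matches, while a filter without $rewrite keeps SCRIPT.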

Change History (8)

comment:1 Changed 13 months ago by sebastian

  • Review URL(s) modified (diff)
  • Status changed from new to reviewing

comment:2 Changed 13 months ago by sebastian

  • Description modified (diff)

comment:5 Changed 13 months ago by sebastian

  • Milestone set to Adblock-Plus-for-Chrome-Opera-Firefox-next
  • Resolution set to fixed
  • Status changed from reviewing to closed

comment:6 Changed 13 months ago by mjethani

  • Priority changed from Unknown to P1
  • Ready set

comment:7 Changed 13 months ago by hfiguiere

  • Summary changed from Ignore $rewrite filters for requests loading code to be executes to Ignore $rewrite filters for requests loading code to be executed

comment:8 Changed 13 months ago by Ross

  • Tester changed from Unknown to Ross
  • Verified working set

Appears to be working as expected. Rewrite filters are not applied to the request types listed above.

ABP 3.1.0.2065
Firefox 51 / 60 / Windows 8
Chrome 49 / 66 / Windows 8
Opera 36 / 52 / Windows 8
