如何从declarativeNetRequest规则中排除没有initiator的请求?

huangapple go评论86阅读模式
英文:

How can one exclude requests with no initiator from declarativeNetRequest rules?

问题

I'm creating declarativeNetRequest rules and I'm having trouble excluding requests with no initiator from those rules (using chrome version 112.0.5615.139 (Official Build) (64-bit)). An example use case is if a user manually enters a url directly into the address bar, the rules should not intercept the request.

I've tried excluding the following without success:

excludedInitiatorDomains: ["", "null", "newtab", "localhost", "about:blank", "chrome://"]

I know that chrome.runtime.id works for requests initiated by the extension, but I'm not sure how to exclude requests initiated by the user or browser. Any help with this would be greatly appreciated!

MCVE:

manifest.json:

{
  "name": "Chrome Extension Initiator Domain MCVE",
  "version": "1.0",
  "manifest_version": 3,
  "declarative_net_request": {
    "rule_resources": [
      {
        "id": "ruleset_1",
        "enabled": true,
        "path": "rules.json"
      }
    ]
  },
  "permissions": [
    "declarativeNetRequest",
    "declarativeNetRequestFeedback"
  ],
  "host_permissions": [
    "*://*.google.com/*"
  ],
  "background": {
    "service_worker": "background.js"
  }
}

rules.json

[
  {
    "id": 1,
    "action": { "type": "block" },
    "condition": {
      "urlFilter": "google.com",
      "resourceTypes": ["main_frame"],
      "excludedInitiatorDomains": ["google.com", "", "null", "newtab", "localhost", "about:blank", "chrome://"]
    }
  }
]

background.js

chrome.declarativeNetRequest.onRuleMatchedDebug.addListener(info =>
    console.log(info)
)

Here is what gets logged when opening a new tab and directly navigating to google.com:

{
    "request": {
        "documentLifecycle": "active",
        "frameId": 0,
        "frameType": "outermost_frame",
        "method": "GET",
        "parentFrameId": -1,
        "requestId": "72065",
        "tabId": 852200437,
        "type": "main_frame",
        "url": "https://www.google.com/"
    },
    "rule": {
        "ruleId": 1,
        "rulesetId": "ruleset_1"
    }
}
英文:

I'm creating declarativeNetRequest rules and I'm having trouble excluding requests with no initiator from those rules (using chrome version 112.0.5615.139 (Official Build) (64-bit)). An example use case is if a user manually enters a url directly into the address bar, the rules should not intercept the request.

I've tried excluding the following without success:

excludedInitiatorDomains: ["", "null", "newtab", "localhost", "about:blank", "chrome://"]

I know that chrome.runtime.id works for requests initiated by the extension, but I'm not sure how to exclude requests initiated by the user or browser. Any help with this would be greatly appreciated!

MCVE:

manifest.json:

{
  "name": "Chrome Extension Initiator Domain MCVE",
  "version": "1.0",
  "manifest_version": 3,
  "declarative_net_request": {
    "rule_resources": [
      {
        "id": "ruleset_1",
        "enabled": true,
        "path": "rules.json"
      }
    ]
  },
  "permissions": [
    "declarativeNetRequest",
    "declarativeNetRequestFeedback"
  ],
  "host_permissions": [
    "*://*.google.com/*"
  ],
  "background": {
    "service_worker": "background.js"
  }
}

rules.json

[
  {
    "id": 1,
    "action": { "type": "block" },
    "condition": {
      "urlFilter": "google.com",
      "resourceTypes": ["main_frame"],
      "excludedInitiatorDomains": ["google.com", "", "null", "newtab", "localhost", "about:blank", "chrome://"]
    }
  }
]

background.js

chrome.declarativeNetRequest.onRuleMatchedDebug.addListener(info =>
    console.log(info)
)

Here is what gets logged when opening a new tab and directly navigating to google.com:

{
    "request": {
        "documentLifecycle": "active",
        "frameId": 0,
        "frameType": "outermost_frame",
        "method": "GET",
        "parentFrameId": -1,
        "requestId": "72065",
        "tabId": 852200437,
        "type": "main_frame",
        "url": "https://www.google.com/"
    },
    "rule": {
        "ruleId": 1,
        "rulesetId": "ruleset_1"
    }
}

答案1

得分: 1

你只需要更改 rules.json

  • 使用 "initiatorDomains" 而不是 "excludedInitiatorDomains"
  • 列出所有有效的顶级域名

在以下示例中,我只列出了三个常见的顶级域名。
但我也尝试过使用约1400个顶级域名(仅ASCII字符)的列表以及一些特定国家的搜索引擎作为发起方。
来自Chromium 112.0.5615.165(官方版本)Arch Linux(64位)没有投诉。

IANA > 顶级域名数据库 > 提示和区域文件 > 顶级域名 获取完整的顶级域名列表。
您必须使用 Punycode 对非ASCII域名进行编码,否则Chrome将拒绝加载扩展程序:
chrome.declarativeNetRequest > RuleCondition > initiatorDomains

这可能是实现您想要的唯一方法,除非您愿意使用 "webRequestBlocking"。

英文:

You only need to change rules.json

  • Instead of "excludedInitiatorDomains", use "initiatorDomains"
  • List all valid TLDs

In the following example, I've only listed three common TLDs.
But I've also tried it with a list of ~1400 TLDs (only the ASCII ones) and a few country-specific search engines as the initiators.
There were no complaints from Chromium 112.0.5615.165 (Official Build) Arch Linux (64-Bit)

Get the complete TLD list from IANA > Database of Top Level Domains > Hint and Zone Files > Top-Level Domains

You must encode non-ASCII domains with Punycode, or Chrome will refuse to load the extension:
chrome.declarativeNetRequest > RuleCondition > initiatorDomains

This is probably the only way to accomplish what you want, unless you're willing to use "webRequestBlocking".

rules.json

[
	{
		"id": 1,
		"action": { "type": "block" },
		"condition": {
			"urlFilter": "google.com",
			"resourceTypes": ["main_frame"],
			"initiatorDomains": [
				"com",
				"net",
				"org"
			]
		}
	}
]

答案2

得分: 0

以下是已翻译的内容:

这个问题的一个解决方法是重定向到一个带有 JavaScript 的扩展 HTML 页面,该页面检查 document.referrer 来确定是否允许导航到原始页面。

redirect.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>redirect</title>
</head>
<body>
    <script src="/redirect.js"></script>
    ...
</body>
</html>

redirect.js

const redirect = new URLSearchParams(window.location.search).get("redirect")
if (!document.referrer) {
    window.location.href = redirect
}

rules.json

[
  {
    "id": 1,
    "action": {
        "type": "redirect", 
        "redirect": {
            "regexSubstitution": `chrome-extension://${chrome.runtime.id}/redirect.html?redirect=\
[
  {
    "id": 1,
    "action": {
        "type": "redirect", 
        "redirect": {
            "regexSubstitution": `chrome-extension://${chrome.runtime.id}/redirect.html?redirect=\\0`
        }
    },
    "condition": {
      "regexFilter": "google.com",
      "resourceTypes": ["main_frame"],
      "excludedInitiatorDomains": [chrome.runtime.id]
    }
  }
]
`
} }, "condition": { "regexFilter": "google.com", "resourceTypes": ["main_frame"], "excludedInitiatorDomains": [chrome.runtime.id] } } ]

这并不是一个理想的解决方法,它要求将扩展添加到初始域的白名单中,但它可以正常工作。

英文:

A workaround for this is to redirect to an extension html page with javascript that checks the document.referrer to determine whether the original page is allowed and should therefore be navigated to.

redirect.html

&lt;!DOCTYPE html&gt;
&lt;html lang=&quot;en&quot;&gt;
&lt;head&gt;
    &lt;meta charset=&quot;UTF-8&quot;&gt;
    &lt;title&gt;redirect&lt;/title&gt;
&lt;/head&gt;
&lt;body&gt;
    &lt;script src=&quot;/redirect.js&quot;/&gt;
    ...
&lt;/body&gt;
&lt;/html&gt;

redirect.js

const redirect = new URLSearchParams(window.location.search).get(&quot;redirect&quot;)
if (!document.referrer) {
    window.location.href = redirect
}

rules.json

[
  {
    &quot;id&quot;: 1,
    &quot;action&quot;: {
        &quot;type&quot;: &quot;redirect&quot;, 
        &quot;redirect&quot;: {
            &quot;regexSubstitution&quot;: `chrome-extension://${chrome.runtime.id}/redirect.html?redirect=\
[
  {
    &quot;id&quot;: 1,
    &quot;action&quot;: {
        &quot;type&quot;: &quot;redirect&quot;, 
        &quot;redirect&quot;: {
            &quot;regexSubstitution&quot;: `chrome-extension://${chrome.runtime.id}/redirect.html?redirect=\\0`
        }
    },
    &quot;condition&quot;: {
      &quot;regexFilter&quot;: &quot;google.com&quot;,
      &quot;resourceTypes&quot;: [&quot;main_frame&quot;],
      &quot;excludedInitiatorDomains&quot;: [chrome.runtime.id]
    }
  }
]
`
} }, &quot;condition&quot;: { &quot;regexFilter&quot;: &quot;google.com&quot;, &quot;resourceTypes&quot;: [&quot;main_frame&quot;], &quot;excludedInitiatorDomains&quot;: [chrome.runtime.id] } } ]

This is not an amazing way to go about this, and it requires that the extension be whitelisted as an initiator domain, but it works.

huangapple
  • 本文由 发表于 2023年5月7日 08:07:16
  • 转载请务必保留本文链接:https://go.coder-hub.com/76191697.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定