Issue #386 [Enhancement][WIP] Add configurators for hook-callback.js …

…and disable-devtools.js
t2ym · Aug 30, 2020 · e30ce98 · e30ce98
1 parent 925571c
commit e30ce98
Show file tree

Hide file tree

Showing 26 changed files with 12,474 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -1157,6 +1157,7 @@ To achieve this, the static entry HTML has to be __Encoded__ at build time by `h
   - Force redirection to `about:blank` when the user tries to inspect a source code of the pages
 - Configurations
   - `const devtoolsDisabled = true`: Use `false` and rebuild with `gulp demo` to enable Dev Tools
+    - Configurable at `targetConfig.mode.devtoolsDisabled` in `demo-config/config.js`
 
 ### `<script context-generator src="context-generator.js?no-hook=true"></script>`
 
@@ -1280,9 +1281,10 @@ To achieve this, the static entry HTML has to be __Encoded__ at build time by `h
     - `__hook__`: hook callback function
       - `Object.defineProperty(_global, '__hook__', { configurable: false, enumerable: false, writable: false, value: hookCallbacks.__hook__ });`
         - `hookCallbacks.__hook__`: full features (acl + contextStack + object access graph)
-        - `hookCallbacks.__hook__acl`: acl only (acl + contextStack)
+        - `hookCallbacks.__hook__acl`: acl only (acl + contextStack) - default
         - `hookCallbacks.__hook__min`: minimal (no acl)
-    - `const acl`: ACL
+    - `contextNormalizer` and `acl`
+      - Configurable at `demo-config/policy/policy.js` and included policy modules
   - For MutationObserver
     - `hook.parameters.mutationObserver = new MutationObserver(observerCallback);` - `MutationObserver` object set in `demo/hook-callback.js`
     - `hook.parameters.mutationObserverConfig = { childList: true, subtree: true, attributes: true, attributeOldValue: true, characterData: true, characterDataOldValue: true, };` - Configuration options for `hook.parameters.mutationObserver.observe(options)` set in `demo/hook-callback.js`
@@ -1291,7 +1293,9 @@ To achieve this, the static entry HTML has to be __Encoded__ at build time by `h
     - `const messagesOnUnauthorizedMutation = { en: 'Blocked on Browser Extensions' };` - Alert messages on DOM intrusion detection, indexed for `navigator.language`
   - For global object access
     - `const enableDebugging = false`: Use `true` to enable debugging by disabling forced redirection to `about:blank` on prohibited global object access
+      - Configurable at `targetConfig.mode.enableDebugging` in `demo-config/config.js`
     - `const wildcardWhitelist`: `Array` of `RegExp` for Chrome browser's `new Error().stack` format
+      - Configurable at `demo-config/policy/wildcardWhitelist.js`
       - Example configurations for demo
         - `new RegExp('^at (.* [(])?' + origin + '/components/'), // trust the site contents including other components`
         - `new RegExp('^at ([^(]* [(])?' + 'https://cdnjs.cloudflare.com/ajax/libs/vis/4[.]18[.]1/vis[.]min[.]js'),`
@@ -1591,6 +1595,8 @@ gulp.task('demo',
     'webpack-es6-module',                   // build demo/webpack-es6-module.js
     'webpack-commonjs',                     // build demo/webpack-commonjs.js
     'rollup-es-modules',                    // build demo/rollup-module1.js and demo/rollup-es6-module.js
+    'policy',                               // configure demo/hook-callback.js
+    'disable-devtools',                     // configure demo/disable-devtools.js
     'update-integrity-js',                  // update demo/integrity.js for the generated public keys in base64
     'update-no-hook-authorization',         // update demo/no-hook-authorization.js
     'update-no-hook-authorization-in-html', // update hook.min.js?no-hook-authorization=* in HTMLs

diff --git a/demo-config/config.js b/demo-config/config.js
@@ -0,0 +1,19 @@
+/*
+@license https://github.com/t2ym/thin-hook/blob/master/LICENSE.md
+Copyright (c) 2020 Tetsuya Mori <t2y3141592@gmail.com>. All rights reserved.
+*/
+
+const targetConfig = {
+  path: {
+    root: 'demo',
+    config: 'demo-config',
+    backend: 'demo-backend',
+    frontend: 'demo-frontend',
+  },
+  mode: {
+    enableDebugging: false,
+    devtoolsDisabled: true,
+  },
+};
+
+module.exports = targetConfig;
diff --git a/demo-config/policy/basePolicyModule.js b/demo-config/policy/basePolicyModule.js
diff --git a/demo-config/policy/policy.js b/demo-config/policy/policy.js
@@ -0,0 +1,11 @@
+/* @exclude */
+/*
+@license https://github.com/t2ym/thin-hook/blob/master/LICENSE.md
+Copyright (c) 2017, 2018, 2019, 2020 Tetsuya Mori <t2y3141592@gmail.com>. All rights reserved.
+*/
+/* @endexclude */
+const basePolicyModule /* @echo EQUAL *//* @echo SPACE *//* @extend basePolicyModule.js *//* @endextend */;
+Policy.mergePolicyModules(
+  { contextNormalizer, acl },
+  basePolicyModule,
+);
diff --git a/demo-config/policy/wildcardWhitelist.js b/demo-config/policy/wildcardWhitelist.js
@@ -0,0 +1,12 @@
+/* @exclude */
+/*
+@license https://github.com/t2ym/thin-hook/blob/master/LICENSE.md
+Copyright (c) 2017, 2018, 2019, 2020 Tetsuya Mori <t2y3141592@gmail.com>. All rights reserved.
+*/
+/* @endexclude */
+const wildcardWhitelist = [
+  new RegExp('^at (.* [(])?' + origin + '/components/'), // trust the site contents including other components
+  new RegExp('^at ([^(]* [(])?' + 'https://cdnjs.cloudflare.com/ajax/libs/vis/4[.]18[.]1/vis[.]min[.]js'),
+  new RegExp('^at ([^(]* [(])?' + 'https://www.gstatic.com/charts/loader[.]js'),
+  new RegExp('^at ([^(]* [(])?' + 'https://apis.google.com/js/api[.]js'),
+];
diff --git a/gulpfile.js b/gulpfile.js
@@ -39,6 +39,8 @@ if (!gulp.series) {
   gulp.series = (...tasks) => (done) => runSequence(...tasks, done);
 }
 
+const targetConfig = require('./demo-config/config.js');
+
 const hook = require('./hook.js');
 
 const moduleExampleDependencies = {};
@@ -396,6 +398,28 @@ gulp.task('integrity-json', () => {
     .pipe(gulp.dest('.'));
 });
 
+gulp.task('policy',
+  require('./plugins/policy/configurator.js')
+  .configurator(
+    path.resolve(__dirname, targetConfig.path.config, 'policy'), // configPath
+    path.resolve(__dirname, targetConfig.path.root), // destPath
+    {
+      enableDebugging: targetConfig.mode.enableDebugging ? true : false,
+    },
+  )
+);
+
+gulp.task('disable-devtools',
+  require('./plugins/disable-devtools/configurator.js')
+  .configurator(
+    null, // configPath
+    path.resolve(__dirname, targetConfig.path.root), // destPath
+    {
+      devtoolsDisabled: targetConfig.mode.devtoolsDisabled ? true : false,
+    },
+  )
+);
+
 // server secret for cache-automation.js
 const serverSecret = crypto.randomFillSync(Buffer.alloc(32)).toString('hex');
 const cacheBundlePath = path.join('demo', 'cache-bundle.json');
@@ -1557,6 +1581,8 @@ gulp.task('demo',
     'webpack-es6-module',
     'webpack-commonjs',
     'rollup-es-modules',
+    'policy',
+    'disable-devtools',
     'update-integrity-js',
     'update-no-hook-authorization',
     'update-no-hook-authorization-in-html',

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -95,6 +95,7 @@
     "node-forge": "^0.7.5",
     "npm-run-all": "^4.1.5",
     "nyc": "11.3.0",
+    "preprocess": "^3.2.0",
     "puppeteer": "^1.3.0",
     "rollup": "^2.22.2",
     "rollup-plugin-async": "^1.2.0",

diff --git a/plugins/disable-devtools/configurator.js b/plugins/disable-devtools/configurator.js
@@ -0,0 +1,57 @@
+/*
+@license https://github.com/t2ym/thin-hook/blob/master/LICENSE.md
+Copyright (c) 2020, Tetsuya Mori <t2y3141592@gmail.com>. All rights reserved.
+*/
+const path = require('path');
+const { preprocess } = require('preprocess');
+const through = require('through2');
+const gulp = require('gulp');
+
+const configurator = (configPath, destPath, {
+    sourceFile = 'disable-devtools.js',
+    devtoolsDisabled = 'true',
+  } = {}) =>
+  () => gulp.src([ path.resolve(__dirname, sourceFile) ])
+    // 1st pass
+    .pipe(through.obj((file, enc, callback) => {
+      let script = String(file.contents);
+      script = preprocess(script,
+        {
+          SPACE: ' ',
+          EQUAL: '=',
+          SEMICOLON: ';',
+          devtoolsDisabled: typeof devtoolsDisabled === 'undefined' ? 'true' : devtoolsDisabled,
+        },
+        {
+          type: 'js',
+          srcDir: __dirname, // in plugin/disable-devtools/
+        }
+      );
+      script = script.replace(/\/\* #include /g, '/* @include ');
+      file.contents = Buffer.from(script);
+      callback(null, file);
+    }))
+    /*
+    // 2nd pass
+    .pipe(through.obj((file, enc, callback) => {
+      let script = String(file.contents);
+      script = preprocess(script,
+        {
+          SPACE: ' ',
+          EQUAL: '=',
+          SEMICOLON: ';',
+        },
+        {
+          type: 'js',
+          srcDir: configPath, // in demo-config/disable-devtools/ ; Note: unused
+        }
+      );
+      file.contents = Buffer.from(script);
+      callback(null, file);
+    }))
+    */
+    .pipe(gulp.dest(destPath));
+
+module.exports = {
+  configurator,
+};