From 1bfb422241db04f0ded37a47ee61d6c2f3b44f4b Mon Sep 17 00:00:00 2001 From: Brian Clifton Date: Fri, 18 May 2018 15:37:01 -0700 Subject: [PATCH 1/2] Add a session migration for uphold fingerprinting Fixes https://github.com/brave/browser-laptop/issues/14152 Lays down foundation for https://github.com/brave/browser-laptop/issues/10488 Auditors: @diracdeltas, @darkdh --- app/migrations/20180518_uphold.js | 30 ++++++++++++++++++++++++++++++ app/migrations/pre.js | 14 ++++++++++++++ app/sessionStore.js | 5 +++++ 3 files changed, 49 insertions(+) create mode 100644 app/migrations/20180518_uphold.js create mode 100644 app/migrations/pre.js diff --git a/app/migrations/20180518_uphold.js b/app/migrations/20180518_uphold.js new file mode 100644 index 00000000000..19266014499 --- /dev/null +++ b/app/migrations/20180518_uphold.js @@ -0,0 +1,30 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +const compareVersions = require('compare-versions') + +// per https://github.com/brave/browser-laptop/issues/14152 +// add fingerprint exception for existing users for uphold.com +module.exports = (data) => { + if (!data.lastAppVersion) { + return + } + + let migrationNeeded = false + + try { + migrationNeeded = compareVersions(data.lastAppVersion, '0.22.714') !== 1 + } catch (e) {} + + if (migrationNeeded) { + const pattern = 'https://uphold.com' + if (!data.siteSettings[pattern]) { + data.siteSettings[pattern] = {} + } + let targetSetting = data.siteSettings[pattern] + if (targetSetting.fingerprintingProtection == null) { + targetSetting.fingerprintingProtection = 'allowAllFingerprinting' + } + } +} diff --git a/app/migrations/pre.js b/app/migrations/pre.js new file mode 100644 index 00000000000..d9486a8148c --- /dev/null +++ b/app/migrations/pre.js @@ -0,0 +1,14 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +module.exports = (data) => { + let migrations = [ + require('./20180518_uphold') + // TODO: put additional migrations here + ] + + migrations.forEach((migration) => { + migration(data) + }) +} diff --git a/app/sessionStore.js b/app/sessionStore.js index d92d4eb7711..d04af74c088 100644 --- a/app/sessionStore.js +++ b/app/sessionStore.js @@ -929,6 +929,11 @@ module.exports.runPreMigrations = (data) => { } } + // TODO: consider moving all of the above logic into here + // see https://github.com/brave/browser-laptop/issues/10488 + const runMigrations = require('./migrations/pre') + runMigrations(data) + return data } From 2eb1138b3a7611a1791b5316c0832b2fd13ef729 Mon Sep 17 00:00:00 2001 From: Brian Clifton Date: Mon, 21 May 2018 22:25:32 -0700 Subject: [PATCH 2/2] Fix hostPattern and don't apply migration if user has global block in place Fixes https://github.com/brave/browser-laptop/issues/14204 Auditors: @diracdeltas --- app/migrations/20180518_uphold.js | 15 +++- js/data/siteSettingsList.js | 2 +- .../app/migrations/20180518_upholdTest.js | 69 +++++++++++++++++++ test/unit/app/sessionStoreTest.js | 2 +- 4 files changed, 83 insertions(+), 5 deletions(-) create mode 100644 test/unit/app/migrations/20180518_upholdTest.js diff --git a/app/migrations/20180518_uphold.js b/app/migrations/20180518_uphold.js index 19266014499..044caa2b8ad 100644 --- a/app/migrations/20180518_uphold.js +++ b/app/migrations/20180518_uphold.js @@ -7,8 +7,12 @@ const compareVersions = require('compare-versions') // per https://github.com/brave/browser-laptop/issues/14152 // add fingerprint exception for existing users for uphold.com module.exports = (data) => { - if (!data.lastAppVersion) { - return + // don't apply if: + // - user chooses to block all fingerprinting (global setting) + // - user is not upgrading from 0.22.714 or earlier + if ((data.fingerprintingProtectionAll && data.fingerprintingProtectionAll.enabled) || + !data.lastAppVersion) { + return false } let migrationNeeded = false @@ -18,7 +22,10 @@ module.exports = (data) => { } catch (e) {} if (migrationNeeded) { - const pattern = 'https://uphold.com' + const pattern = 'https?://uphold.com' + if (!data.siteSettings) { + data.siteSettings = {} + } if (!data.siteSettings[pattern]) { data.siteSettings[pattern] = {} } @@ -27,4 +34,6 @@ module.exports = (data) => { targetSetting.fingerprintingProtection = 'allowAllFingerprinting' } } + + return migrationNeeded } diff --git a/js/data/siteSettingsList.js b/js/data/siteSettingsList.js index a149ae78d74..8b587e71c64 100644 --- a/js/data/siteSettingsList.js +++ b/js/data/siteSettingsList.js @@ -14,7 +14,7 @@ module.exports.defaultSiteSettingsList = [ }, { "name" : "fingerprintingProtection", - "pattern" : "https://uphold.com", + "pattern" : "https?://uphold.com", "value" : "allowAllFingerprinting" } ] diff --git a/test/unit/app/migrations/20180518_upholdTest.js b/test/unit/app/migrations/20180518_upholdTest.js new file mode 100644 index 00000000000..547ece2f0d2 --- /dev/null +++ b/test/unit/app/migrations/20180518_upholdTest.js @@ -0,0 +1,69 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* global describe, it */ +const assert = require('assert') + +const migration = require('../../../../app/migrations/20180518_uphold') + +require('../../braveUnit') + +describe('20180518_uphold migration', function () { + it('does not run if global fingerprint protection is enabled', function () { + let data = { + fingerprintingProtectionAll: { + enabled: true + }, + lastAppVersion: '0.22.714' + } + assert.equal(migration(data), false) + }) + + it('does not run if last app version is missing (new installs)', function () { + let data = {} + assert.equal(migration(data), false) + }) + + it('does not run if last app version is greater than 0.22.714', function () { + let data = { + lastAppVersion: '0.22.715' + } + assert.equal(migration(data), false) + }) + + it('runs if last app version is 0.22.714', function () { + let data = { + lastAppVersion: '0.22.714' + } + assert.equal(migration(data), true) + }) + + it('runs if last app version is older than 0.22.714', function () { + let data = { + lastAppVersion: '0.22.13' + } + assert.equal(migration(data), true) + }) + + it('sets fingerprintingProtection for the site (if not already set)', function () { + let data = { + lastAppVersion: '0.22.13' + } + migration(data) + assert.equal(data.siteSettings['https?://uphold.com'].fingerprintingProtection, 'allowAllFingerprinting') + }) + + it('does not overwrite an existing fingerprintingProtection setting for the site', function () { + let data = { + lastAppVersion: '0.22.13', + siteSettings: { + 'https?://uphold.com': { + fingerprintingProtection: 'blockAllFingerprinting' + } + } + } + migration(data) + assert.equal(data.siteSettings['https?://uphold.com'].fingerprintingProtection, 'blockAllFingerprinting') + }) +}) diff --git a/test/unit/app/sessionStoreTest.js b/test/unit/app/sessionStoreTest.js index 21e6dea9495..ac1f60d53c4 100644 --- a/test/unit/app/sessionStoreTest.js +++ b/test/unit/app/sessionStoreTest.js @@ -979,7 +979,7 @@ describe('sessionStore unit tests', function () { 'https://www.youtube.com': { autoplay: true }, - 'https://uphold.com': { + 'https?://uphold.com': { fingerprintingProtection: 'allowAllFingerprinting' } }