Using HTTPSEverywhereUserRules with WebExtensions #14375

Closed
irykoon opened this Issue Jan 22, 2018 · 10 comments


irykoon commented Jan 22, 2018

Type: ruleset issue

Dear HTTPSEverywhere Developers,

I tried to use HTTPSEverywhereUserRules in the latest Tor Browser according to the instructions by @Hainish :

> To add custom rules, you can still add them to your HTTPSEverywhereUserRules path, and subsequently change the extensions.https_everywhere.webextensions-migrated pref to false so that the extension knows to run another migration.

However, it seems there is no such preference in about:config in TBB by default.

Therefore, I opened the about:config in Firefox 57, finding a preference called extension.https_everywhere.webextension-migrated (which is different from what @Hainish said: extensions.https_everywhere.webextensions-migrated).

To trigger a re-import of my custom rules, I did the following steps:

  • put my custom ruleset to HTTPSEverywhereUserRules directory
  • toggled the value extension.https_everywhere.webextension-migrated to false
  • created a new pref called extension.https_everywhere.webextensions-migrated and set the value to false
  • restarted Firefox

However, it seems the rules I set in HTTPSEverywhereUserRules do not work.

For your information, the ruleset I used is Browser/profile.default/HTTPSEverywhereUserRules/WhonixOnion.xml . The content is as follows:

```xml
<ruleset name="Whonix Onion">
  <target host="whonix.org" />
  <target host="www.whonix.org" />
  <target host="phabricator.whonix.org" />
  <target host="forums.whonix.org" />
  <target host="download.whonix.org" />
  <target host="deb.whonix.org" />
  <rule from="^https?://(.*\.?)whonix\.org/" to="http://$1kkkkkkkkkk63ava6.onion/"/>
</ruleset>
```

I did notice that later, @Hainish said in #11977 that:

> Adding new rules to the HTTPSEverywhereUserRules directory will not work after the one-time migration in the Embedded WebExtension (>= 2017.8.15) is performed. If you had old rules, they were migrated to the new extension.
> To add new custom rules, you'll have to use the popup by visiting the https version of the site you want to add a rule for, clicking the extension icon, and clicking "Add a rule for this site".

Therefore, would you tell me if HTTPSEverywhereUserRules is still supported by the WebExtensions version? If it is supported, would you please educate me on:

  1. How I can use HTTPSEverywhereUserRules in Firefox 57?
  2. How I can use HTTPSEverywhereUserRules in Tor Browser 7.0?

Thank you so much for your great work and time! I really appreciate it!
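
Added example, not part of the original post and not HTTPS Everywhere's own code: a simplified Python model of how a ruleset like the one above is evaluated, with the `<target>` host list checked first and the `<rule>` regex applied only afterwards. The function names are hypothetical, and wildcard targets and `<exclusion>` elements are not modelled.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Ruleset copied verbatim from the post above.
RULESET_XML = r'''<ruleset name="Whonix Onion">
  <target host="whonix.org" />
  <target host="www.whonix.org" />
  <target host="phabricator.whonix.org" />
  <target host="forums.whonix.org" />
  <target host="download.whonix.org" />
  <target host="deb.whonix.org" />
  <rule from="^https?://(.*\.?)whonix\.org/" to="http://$1kkkkkkkkkk63ava6.onion/"/>
</ruleset>'''


def load_ruleset(xml_text):
    """Return (target hosts, [(compiled 'from' regex, Python-style 'to')])."""
    root = ET.fromstring(xml_text)
    targets = {t.get("host").lower() for t in root.findall("target")}
    rules = []
    for r in root.findall("rule"):
        # Rulesets use JavaScript-style $1 backreferences; Python wants \g<1>.
        to = re.sub(r"\$(\d)", lambda m: r"\g<%s>" % m.group(1), r.get("to"))
        rules.append((re.compile(r.get("from")), to))
    return targets, rules


def rewrite(url, targets, rules):
    """Return the rewritten URL, or None if the ruleset does not apply."""
    host = (urlsplit(url).hostname or "").lower()
    if host not in targets:          # exact-match targets only (simplification)
        return None
    for pattern, to in rules:        # first matching rule wins
        new_url, n = pattern.subn(to, url, count=1)
        if n:
            return new_url
    return None


if __name__ == "__main__":
    targets, rules = load_ruleset(RULESET_XML)
    for url in ("https://forums.whonix.org/t/x",   # listed target
                "http://whonix.org/",              # listed target, empty prefix
                "https://wiki.whonix.org/",        # subdomain not listed
                "https://notwhonix.org/"):         # regex matches, host not listed
        print(url, "->", rewrite(url, targets, rules))
```

The last sample URL is the case worth noticing: the `(.*\.?)` group in the `from` pattern matches it, so in this model the `<target>` list, not the regex, is what keeps an unrelated host from being rewritten.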

Contributor

jeremyn commented Jan 22, 2018

HTTPSEverywhereUserRules/ is not supported with WebExtensions and won't be supported. My understanding is that security restrictions for WebExtensions block it from reading from the filesystem in the way that the HTTPSEverywhereUserRules/ approach needed.

The current equivalent is a hidden debug/test page that you can access in Firefox through about:addons > HTTPS Everywhere preferences > click under General Settings > press Ctrl-Z, or in Chrome by pressing Ctrl-Z in the equivalent place. It doesn't appear to work in the current version of the Tor Browser. The UI is specifically intended for testing rulesets, as opposed to using personal custom rules indefinitely, but that's what there is.

Contributor

numismatika commented Jan 22, 2018

Where was this restriction defined? I would like to see the reasons why you can't sandbox file reads to a certain folder specific for one single webextension.

Contributor

jeremyn commented Jan 22, 2018

@numismatika I don't mean to be rude, but "webextensions read files" on Google returns various results. See https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Working_with_files . What specifically are you looking for?

Contributor

jeremyn commented Jan 22, 2018

Also, @Hainish was very definite on wanting to channel "user adds custom rule" functionality through the UI, and discourage alternate ways of creating rulesets, so even if it were possible to read arbitrary files, it probably would not be implemented in the extension anyway.

Contributor

irykoon commented Jan 22, 2018

> HTTPSEverywhereUserRules/ is not supported with WebExtensions and won't be supported. My understanding is that security restrictions for WebExtensions block it from reading from the filesystem in the way that the HTTPSEverywhereUserRules/ approach needed.
>
> The current equivalent is a hidden debug/test page that you can access in Firefox through about:addons > HTTPS Everywhere preferences > click under General Settings > press Ctrl-Z, or in Chrome by pressing Ctrl-Z in the equivalent place. It doesn't appear to work in the current version of the Tor Browser. The UI is specifically intended for testing rulesets, as opposed to using personal custom rules indefinitely, but that's what there is.

Thank you so much for your clear and immediate response, @jeremyn!

And also thank you for sharing the trick to open the hidden debug page!

I really appreciate it.

Since the questions have been perfectly answered, I am going to close the issue. But please feel free to reopen it if there is anything else people would like to discuss on the topic.

@irykoon irykoon closed this Jan 22, 2018

Contributor

jeremyn commented Jan 22, 2018

@irykoon Thanks for closing the issue.

Member

Hainish commented Jan 22, 2018

@irykoon just for additional context, the instructions that I posted in that issue apply to the Embedded WebExtension, which is now deprecated. That's why that method of ruleset creation does not work. And @jeremyn is right, there is no longer any way to do arbitrary file reads from within WebExtensions.

Contributor

irykoon commented Jan 22, 2018

Thank you so much for your further explanation and confirmation, @Hainish !

It seems to be very helpful if we can update the rulesets documentation on EFF. However, I am not sure how I can help with that.

Do you have any suggestions?

Thank you very much!

Member

Hainish commented Jan 22, 2018

@irykoon the rulesets documentation page is generated from this markdown file:

https://github.com/EFForg/https-everywhere/blob/master/docs/en_US/rulesets.md

We haven't gotten around to updating this in a while, so I apologize if this led you down the wrong path. We are planning on doing a comprehensive documentation update in the not-too-distant future, but in the meantime we're happy to take pull requests on this file. Thanks!

irykoon added a commit to irykoon/https-everywhere that referenced this issue Jan 22, 2018

HTTPSEverywhereUserRules is no longer supported
For details, see the issue here: EFForg#14375
Contributor

irykoon commented Jan 22, 2018

Thank you so much for your instruction, @Hainish !

Done: #14385
