Add option to disable https by default for a domain

Rob--W · Nov 6, 2017 · af04aba · af04aba
1 parent 6d4e88f
commit af04aba
Show file tree

Hide file tree

Showing 5 changed files with 121 additions and 1 deletion.
diff --git a/Makefile b/Makefile
@@ -1,6 +1,8 @@
 FFFILES  = manifest.json
 FFFILES += icon.png
 FFFILES += background.js
+FFFILES += options.html
+FFFILES += options.js
 
 firefox/https-by-default.xpi: $(addprefix firefox/,$(FFFILES))
 	cd firefox && zip https-by-default.xpi $(FFFILES)

diff --git a/firefox/background.js b/firefox/background.js
@@ -3,6 +3,25 @@
  */
 'use strict';
 
+const DOMAIN_WILDCARD_LEAF_SYMBOL = Symbol('Domain wildcard prefix');
+
+var prefsParsed = {
+    domains_nohttps: new Map(),
+};
+var prefsReady = false;
+var prefsReadyPromise = browser.storage.local.get({
+    domains_nohttps: '',
+})
+.then(({domains_nohttps}) => doParsePrefs(domains_nohttps), (() => {}))
+.then(() => { prefsReady = true; });
+
+
+browser.storage.onChanged.addListener((changes) => {
+    if (changes.domains_nohttps) {
+        doParsePrefs(changes.domains_nohttps.newValue);
+    }
+});
+
 browser.webRequest.onBeforeRequest.addListener(async (details) => {
     if (details.originUrl) {
         // Likely a web-triggered navigation, or a reload of such a page.
@@ -18,6 +37,10 @@ browser.webRequest.onBeforeRequest.addListener(async (details) => {
 
     let {tabId, url: requestedUrl} = details;
 
+    if (!prefsReady) {
+        await prefsReadyPromise;
+    }
+
     if (!shouldRedirectToHttps(requestedUrl)) {
         return;
     }
@@ -91,6 +114,37 @@ function shouldRedirectToHttps(requestedUrl) {
         return false;
     }
 
+    let map = prefsParsed.domains_nohttps;
+    for (let part of hostname.split('.').reverse()) {
+        map = map.get(part);
+        if (!map) {
+            break;
+        }
+        if (map.has(DOMAIN_WILDCARD_LEAF_SYMBOL)) {
+            return false;
+        }
+    }
+
     // By default, redirect to https:.
     return true;
 }
+
+function doParsePrefs(domains_nohttps) {
+    prefsParsed.domains_nohttps = new Map();
+    if (domains_nohttps) {
+        console.assert(typeof domains_nohttps === 'string');
+        for (let domain of domains_nohttps.split(/\s+/)) {
+            if (!domain) {
+                continue;
+            }
+            let map = prefsParsed.domains_nohttps;
+            for (let part of domain.split('.').reverse()) {
+                if (!map.has(part)) {
+                    map.set(part, new Map());
+                }
+                map = map.get(part);
+            }
+            map.set(DOMAIN_WILDCARD_LEAF_SYMBOL);
+        }
+    }
+}
diff --git a/firefox/manifest.json b/firefox/manifest.json
@@ -1,18 +1,22 @@
 {
     "name": "HTTPS by default",
-    "description": "Request websites over secure https by default from the location bar instead of insecure http.",
+    "description": "Request websites over secure https by default from the location bar instead of insecure http. Exceptions can be added at the add-on's preferences page (to not use HTTPS by default for some sites).",
     "version": "0.4",
     "manifest_version": 2,
     "background": {
         "scripts": ["background.js"]
     },
     "permissions": [
+        "storage",
         "tabs",
         "webNavigation",
         "webRequest",
         "webRequestBlocking",
         "*://*/*"
     ],
+    "options_ui": {
+        "page": "options.html"
+    },
     "applications": {
         "gecko": {
             "strict_min_version": "57.0a1",

diff --git a/firefox/options.html b/firefox/options.html
@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width">
+<style>
+html, body {
+    margin: 0;
+    padding: 0;
+}
+#domains_without_https {
+    display: block;
+    width: 100%;
+    height: 100%;
+    min-height: 9em;
+}
+</style>
+</head>
+<body>
+HTTPS is enabled by default for all navigations from the location bar and bookmarks.
+If a site does not support https, you can opt in to using http by default for that site by adding the domain to the following list.
+When https by default is turned off for a domain, its subdomains will also not use https by default.
+<textarea id="domains_nohttps_input"></textarea>
+<input id="save_button" type="button" value="Save">
+<script src="options.js"></script>
+</body>
diff --git a/firefox/options.js b/firefox/options.js
@@ -0,0 +1,35 @@
+'use strict';
+
+var domains_nohttps_input = document.getElementById('domains_nohttps_input');
+var save_button = document.getElementById('save_button');
+
+browser.storage.local.get({
+    domains_nohttps: '',
+}).then(({domains_nohttps}) => {
+    if (domains_nohttps) {
+        domains_nohttps_input.value = domains_nohttps;
+    }
+});
+
+
+let throttle;
+
+function commitChange() {
+    clearTimeout(throttle);
+
+    let domains_nohttps = domains_nohttps_input.value;
+    // TODO: Validate?
+    browser.storage.local.set({domains_nohttps}).then(() => {
+        if (domains_nohttps_input.value === domains_nohttps) {
+            save_button.value = 'Saved!';
+        }
+    });
+}
+
+save_button.onclick = commitChange;
+domains_nohttps_input.onchange = commitChange;
+domains_nohttps_input.oninput = () => {
+    save_button.value = 'Save';
+    clearTimeout(throttle);
+    throttle = setTimeout(commitChange, 1000);
+};