Remove the static blocklist

The configuration option for defining a static blocklist of sites on which Hypothesis should not load has never been used and we're not anticipating doing so.
hypothesis · Jan 21, 2016 · 2e1366f · 2e1366f
1 parent 8036ac7
commit 2e1366f
Show file tree

Hide file tree

Showing 12 changed files with 4 additions and 370 deletions.
diff --git a/CHANGES.txt b/CHANGES.txt
@@ -8,6 +8,9 @@ Miscellanea
   a long way behind Chrome, with the intention of replacing it with
   one based on WebExtensions in the near future.
 
+- Removed the option to configure a static blocklist of URLs on which
+  the Hypothesis client would refuse to load.
+
 - Strip WebTrends "WT.*" query parameters as part of URI normalization (#2862).
 
 

diff --git a/h/browser/chrome/lib/sidebar-injector.js b/h/browser/chrome/lib/sidebar-injector.js
@@ -1,6 +1,5 @@
 'use strict';
 
-var blocklist = require('../../../static/scripts/blocklist');
 var detectContentType = require('./detect-content-type');
 var errors = require('./errors');
 var settings = require('./settings');
@@ -49,11 +48,6 @@ function SidebarInjector(chromeTabs, dependencies) {
    * otherwise it will be rejected with an error.
    */
   this.injectIntoTab = function(tab) {
-    if (blocklist.isBlocked(tab.url, settings.blocklist)) {
-      return Promise.reject(new errors.BlockedSiteError(
-        "Hypothesis doesn't work on this site yet."));
-    }
-
     if (isFileURL(tab.url)) {
       return injectIntoLocalDocument(tab);
     } else {

diff --git a/h/browser/chrome/test/settings.json b/h/browser/chrome/test/settings.json
@@ -1,4 +1,3 @@
 {
-  "apiUrl": "http://127.0.0.1:5000/api",
-  "blocklist": {"twitter.com": {}, "finance.yahoo.com": {}, "*.google.com": {}}
+  "apiUrl": "http://127.0.0.1:5000/api"
 }
diff --git a/h/browser/chrome/test/sidebar-injector-test.js b/h/browser/chrome/test/sidebar-injector-test.js
@@ -149,103 +149,6 @@ describe('SidebarInjector', function () {
       });
     });
   });
-
-  describe("when there's a non-empty blocklist", function() {
-    it("still injects the scripts on unblocked sites", function() {
-      var promise = injector.injectIntoTab(
-        {id: 1, url: "http://notblocked.com"});
-      return promise.then(
-        function onFulfill() {
-          assert.called(fakeChromeTabs.executeScript);
-        },
-        function onRejected(reason) {
-          assert(false, "The promise should not be rejected");
-      });
-    });
-
-    it("still injects scripts on subdomains of blocked domains", function() {
-      var promise = injector.injectIntoTab(
-        {id: 1, url: "http://subdomain.twitter.com"});
-      return promise.then(
-        function onFulfill() {
-          assert.called(fakeChromeTabs.executeScript);
-        },
-        function onRejected(reason) {
-          assert(false, "The promise should not be rejected");
-      });
-    });
-
-    it("doesn't inject any scripts on blocked sites", function() {
-      var promise = injector.injectIntoTab({id: 1, url: "http://twitter.com"});
-      return promise.then(
-        function onFulfill() {
-          assert(false, "The promise should not be fulfilled");
-        },
-        function onRejected(reason) {
-          assert.notCalled(fakeChromeTabs.executeScript);
-      });
-    });
-
-    it("doesn't inject scripts on sub pages of blocked sites", function() {
-      var promise = injector.injectIntoTab(
-        {id: 1, url: "http://twitter.com/sub/page.html"});
-      return promise.then(
-        function onFulfill() {
-          assert(false, "The promise should not be fulfilled");
-        },
-        function onRejected(reason) {
-          assert.notCalled(fakeChromeTabs.executeScript);
-      });
-    });
-
-    it("doesn't inject scripts on blocked sites with queries", function() {
-      var promise = injector.injectIntoTab(
-        {id: 1, url: "http://twitter.com?tag=foo&user=bar"});
-      return promise.then(
-        function onFulfill() {
-          assert(false, "The promise should not be fulfilled");
-        },
-        function onRejected(reason) {
-          assert.notCalled(fakeChromeTabs.executeScript);
-      });
-    });
-
-    it("doesn't inject scripts on blocked sites with anchors", function() {
-      var promise = injector.injectIntoTab(
-        {id: 1, url: "http://twitter.com#foo"});
-      return promise.then(
-        function onFulfill() {
-          assert(false, "The promise should not be fulfilled");
-        },
-        function onRejected(reason) {
-          assert.notCalled(fakeChromeTabs.executeScript);
-      });
-    });
-
-    it("doesn't inject scripts on blocked sites with ports", function() {
-      var promise = injector.injectIntoTab(
-        {id: 1, url: "http://twitter.com:1234"});
-      return promise.then(
-        function onFulfill() {
-          assert(false, "The promise should not be fulfilled");
-        },
-        function onRejected(reason) {
-          assert.notCalled(fakeChromeTabs.executeScript);
-      });
-    });
-
-    it("doesn't inject on wildcard-blocked subdomains", function() {
-      var promise = injector.injectIntoTab(
-        {id: 1, url: "http://drive.google.com"});
-      return promise.then(
-        function onFulfill() {
-          assert(false, "The promise should not be fulfilled");
-        },
-        function onRejected(reason) {
-          assert.notCalled(fakeChromeTabs.executeScript);
-      });
-    });
-  });
 });
 
   describe('.removeFromTab', function () {

diff --git a/h/buildext.py b/h/buildext.py
@@ -145,7 +145,6 @@ def settings_dict(env):
         })
 
     config.update({
-        'blocklist': env['registry'].settings['h.blocklist'],
         'buildType': build_type_from_api_url(api_url),
     })
     return config

diff --git a/h/config.py b/h/config.py
@@ -25,7 +25,6 @@ def settings_from_environment():
     _setup_statsd(settings)
     _setup_webassets(settings)
     _setup_websocket(settings)
-    _setup_blocklist(settings)
 
     return settings
 
@@ -183,8 +182,3 @@ def _setup_webassets(settings):
 def _setup_websocket(settings):
     if 'ALLOWED_ORIGINS' in os.environ:
         settings['origins'] = os.environ['ALLOWED_ORIGINS']
-
-
-def _setup_blocklist(settings):
-    if 'BLOCKLIST' in os.environ:
-        settings['h.blocklist'] = os.environ['BLOCKLIST']
diff --git a/h/static/scripts/blocklist.js b/h/static/scripts/blocklist.js
diff --git a/h/static/scripts/test/blocklist-test.js b/h/static/scripts/test/blocklist-test.js
diff --git a/h/templates/embed.js.jinja2 b/h/templates/embed.js.jinja2
@@ -6,10 +6,6 @@ if (typeof(window.annotator) === 'undefined') {
     return;
 }
 
-{% if blocklist -%}
-{% include 'h:static/scripts/blocklist.js' %}
-{%- endif %}
-
 // Injects the hypothesis dependencies. These can be either js or css, the
 // file extension is used to determine the loading method. This file is
 // pre-processed in order to insert the wgxpath, url and inject scripts.
@@ -53,18 +49,6 @@ window.hypothesisInstall = function (inject) {
     document.head.appendChild(script);
   };
 
-  {% if blocklist %}
-    // For certain blocklisted hostnames we bail out and don't inject
-    // Hypothesis.
-    var url = window.location.toString();
-    if (blocklist.isBlocked(url, {{ blocklist|safe }})) {
-      window.alert(
-        "We're sorry, but Hypothesis doesn't work on " +
-        window.location.hostname + " yet.");
-      return;
-    }
-  {% endif %}
-
   if (!window.document.evaluate) {
     {%- assets "wgxpath" %}
     resources.push('{{ ASSET_URL | safe }}');

diff --git a/h/test/config_test.py b/h/test/config_test.py
@@ -207,15 +207,6 @@ def test_session_secret_environment():  # bw compat
     assert actual_config == expected_config
 
 
-def test_blocklist():
-    blocklist = '{"seanh.cc": {}, "twitter.com": {}, "finance.yahoo.com": {}'
-    os.environ['BLOCKLIST'] = blocklist
-
-    actual_config = settings_from_environment()
-
-    assert actual_config == {'h.blocklist': blocklist}
-
-
 @pytest.fixture(autouse=True)
 def environ(request):
     """Clear the environment and later restore it to its original state."""