Skip to content

Commit

Permalink
Add fingerprinting exception for Uphold
Browse files Browse the repository at this point in the history
  • Loading branch information
diracdeltas authored and bsclifton committed Jun 25, 2019
1 parent b7a8137 commit 9a0c3e1
Show file tree
Hide file tree
Showing 4 changed files with 53 additions and 0 deletions.
21 changes: 21 additions & 0 deletions common/shield_exceptions.cc
Original file line number Diff line number Diff line change
Expand Up @@ -72,4 +72,25 @@ bool IsWhitelistedCookieException(const GURL& firstPartyOrigin,
});
}

bool IsWhitelistedFingerprintingException(const GURL& firstPartyOrigin,
const GURL& subresourceUrl) {
static std::map<GURL, std::vector<URLPattern> > whitelist_patterns = {
{
GURL("https://uphold.com/"),
std::vector<URLPattern>({URLPattern(URLPattern::SCHEME_ALL,
"https://uphold.netverify.com/*")})
}
};
std::map<GURL, std::vector<URLPattern> >::iterator i =
whitelist_patterns.find(firstPartyOrigin);
if (i == whitelist_patterns.end()) {
return false;
}
std::vector<URLPattern> &exceptions = i->second;
return std::any_of(exceptions.begin(), exceptions.end(),
[&subresourceUrl](const URLPattern& pattern) {
return pattern.MatchesURL(subresourceUrl);
});
}

} // namespace brave
2 changes: 2 additions & 0 deletions common/shield_exceptions.h
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,8 @@ bool IsBlockedResource(const GURL& gurl);
bool IsWhitelistedCookieException(const GURL& firstPartyOrigin,
const GURL& subresourceUrl,
bool allow_google_auth);
bool IsWhitelistedFingerprintingException(const GURL& firstPartyOrigin,
const GURL& subresourceUrl);

} // namespace brave

Expand Down
25 changes: 25 additions & 0 deletions common/shield_exceptions_unittest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ namespace {

typedef testing::Test BraveShieldsExceptionsTest;
using brave::IsWhitelistedCookieException;
using brave::IsWhitelistedFingerprintingException;

TEST_F(BraveShieldsExceptionsTest, IsWhitelistedCookieException) {
// Cookie exceptions for Google auth domains
Expand All @@ -23,4 +24,28 @@ TEST_F(BraveShieldsExceptionsTest, IsWhitelistedCookieException) {
GURL("https://accounts.google.com/o/oauth2/iframe"), false));
}

TEST_F(BraveShieldsExceptionsTest, IsWhitelistedFingerprintingException) {
EXPECT_TRUE(IsWhitelistedFingerprintingException(
GURL("https://uphold.com"),
GURL("https://uphold.netverify.com/iframe")));
EXPECT_TRUE(IsWhitelistedFingerprintingException(
GURL("https://uphold.com/"),
GURL("https://uphold.netverify.com")));
EXPECT_FALSE(IsWhitelistedFingerprintingException(
GURL("http://uphold.com/"),
GURL("https://uphold.netverify.com/")));
EXPECT_FALSE(IsWhitelistedFingerprintingException(
GURL("https://uphold.com/"),
GURL("http://uphold.netverify.com/")));
EXPECT_FALSE(IsWhitelistedFingerprintingException(
GURL("https://uphold.netverify.com/iframe"),
GURL("https://uphold.com/")));
EXPECT_FALSE(IsWhitelistedFingerprintingException(
GURL("https://uphold.com/"),
GURL("https://netverify.com/iframe")));
EXPECT_FALSE(IsWhitelistedFingerprintingException(
GURL("https://www.uphold.com/"),
GURL("https://uphold.netverify.com/iframe")));
}

} // namespace
5 changes: 5 additions & 0 deletions renderer/brave_content_settings_observer.cc
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
#include "base/bind_helpers.h"
#include "base/strings/utf_string_conversions.h"
#include "brave/common/render_messages.h"
#include "brave/common/shield_exceptions.h"
#include "brave/content/common/frame_messages.h"
#include "components/content_settings/core/common/content_settings_pattern.h"
#include "components/content_settings/core/common/content_settings_utils.h"
Expand Down Expand Up @@ -204,6 +205,10 @@ bool BraveContentSettingsObserver::AllowFingerprinting(
if (IsBraveShieldsDown(frame, secondary_url)) {
return true;
}
const GURL& primary_url = GetOriginOrURL(frame);
if (brave::IsWhitelistedFingerprintingException(primary_url, secondary_url)) {
return true;
}
ContentSettingsForOneType rules;
if (content_setting_rules_) {
rules = content_setting_rules_->fingerprinting_rules;
Expand Down

0 comments on commit 9a0c3e1

Please sign in to comment.