Update the JShelter extension to 0.15.2.

1 files changed, 56 insertions, 104 deletions

diff --git a/data/extensions/jsr@javascriptrestrictor/options.html b/data/extensions/jsr@javascriptrestrictor/options.html
index b16c860..3e4cf74 100644
--- a/data/extensions/jsr@javascriptrestrictor/options.html
+++ b/data/extensions/jsr@javascriptrestrictor/options.html
@@ -15,10 +15,14 @@ SPDX-License-Identifier: GPL-3.0-or-later
 	<script src="/nscl/lib/browser-polyfill.js" type="text/javascript"></script>
   <script src="levels_browser.js" type="text/javascript"></script>
   <script src="levels.js" type="text/javascript"></script>
+  <script src="options_init.js" type="text/javascript" defer></script>
   <script src="helpers.js" type="text/javascript" defer></script>
   <script src="tweaks_gui.js" type="text/javascript" defer></script>
   <script src="options.js" type="text/javascript" defer></script>
-	<title>JShelter options</title>
+	<script src="i18n_translate_dom.js" type="text/javascript" defer></script>
+	<script src="options_nbs.js" type="text/javascript" defer></script> <!-- This file appends text to
+	the div translated by i18n_translate_dom.js, keep this script after i18n_translate_dom.js -->
+	<title data-localize="JShelterOptions">JShelter options</title>
 </head>
 <body>
 			<section class="logo">
@@ -26,19 +30,19 @@ SPDX-License-Identifier: GPL-3.0-or-later
 			</section>
 			<nav class="menu">
 				<ul>
-					<li><a href="options.html">Main settings</a></li>
-					<li><a href="options_domains.html">JS Shield details</a></li>
-					<li><a href="options_advanced.html">Advanced options</a></li>
+					<li><a href="options.html" data-localize="MainSettings">Main settings</a></li>
+					<li><a href="options_domains.html" data-localize="JSSShieldDetails">JS Shield details</a></li>
+					<li><a href="options_advanced.html" data-localize="AdvancedOptions">Advanced options</a></li>
 					<li>
-						<p>External links</p>
+						<p data-localize="ExternalLinks">External links</p>
 						<ul>
-							<li><a href="https://JShelter.org/threatmodel/">Threat model</a></li>
-							<li><a href="https://JShelter.org/faq/">FAQ</a></li>
-							<li><a href="https://polcak.github.io/jsrestrictor/test/test.html">Test page</a></li>
-							<li><a href="https://JShelter.org/permissions/">Permissions</a></li>
-							<li><a href="https://pagure.io/JShelter/webextension/">Source code</a></li>
-							<li><a href="https://pagure.io/JShelter/webextension/issues">Issue tracker</a></li>
-							<li><a href="https://JShelter.org/credits/">Credits</a></li>
+							<li><a href="https://JShelter.org/threatmodel/" data-localize="ThreatModel">Threat model</a></li>
+							<li><a href="https://JShelter.org/faq/" data-localize="FAQ">FAQ</a></li>
+							<li><a href="https://polcak.github.io/jsrestrictor/test/test.html" data-localize="TestPage">Test page</a></li>
+							<li><a href="https://JShelter.org/permissions/" data-localize="Permissions">Permissions</a></li>
+							<li><a href="https://pagure.io/JShelter/webextension/" data-localize="SourceCode">Source code</a></li>
+							<li><a href="https://pagure.io/JShelter/webextension/issues" data-localize="IssueTracker">Issue tracker</a></li>
+							<li><a href="https://JShelter.org/credits/" data-localize="Credits">Credits</a></li>
 						</ul>
 					</li>
 				</ul>
@@ -51,95 +55,60 @@ SPDX-License-Identifier: GPL-3.0-or-later
 
 <section id="configuration_area">
 	<div id="levels-config">
-		<h2 id="set-default-level">JavaScript Shield</h2> 
-		<p class="jss_description">
-			JavaScript Shield modifies the behaviour of the JavaScript environment availble for the visited
-			webpage. JShelter provides fake information to confuse fingerprinters or make webpage triggered
-			attacks impossible or harder.
-		</p>
-		<p class="jss_description">
-			JavaScript Shield internally consists of wrappers, small pieces of code that modify the
-			original behaviour of a JavaScript API (a function or a property) defined by standards. The
-			behaviour of the most of the wrappers can be divided into several categories:
-		</p>
-		<ul class="jss_description">
-			<li><p>
-				Precision reduction: The original value is too precise and it is not necessary for most use
-				cases. JavaScript Shield modifies the values so that typical and benign use cases are not
-				affected.
-			</p></li>
-			<li><p>
-				Provide fake information: Some wrappers provide fake information mostly to confuse
-				fingerprinters. For example, canvas wrappers modifify the image so that the same instructions
-				produce different result in each session and for each domain.
-			</p></li>
-			<li><p>
-				Hide information: Some APIs provide information that is not generally needed and can be hidden
-				from most of the pages. Depending on the API, JavaScript Shield might return an error, an empty
-				value, or block the API completely.
-			</p></li>
-		</ul>
-		<p class="jss_description">
-			See our blog post for more information on <a href="https://jshelter.org/fingerprinting/">browser
-			fingerprinting counter-measures</a> and <a href="https://jshelter.org/farbling/">farbling</a>.
-		</p>
-		<ul id="levels-list">
-		</ul>
-		<fieldset>
-			<button id="new_level" class="jsr-button">Add custom level</button>
-		</fieldset>
+		<h2 id="set-default-level" data-localize="JavascriptShield">JavaScript Shield</h2>
+		<div class="jss_description" data-localize="JavascriptShieldDescription" htmltranslation></div>
+
+		<h3 data-localize="JavascriptShieldLevelsMainLevelOptionHeading">Create custom levels and set the default level</h3>
+		<p class="alert" data-localize="newLevelsNotRecommended" htmltranslation>We do not recommend creating own levels and
+			changing configuration if you are concerned about browser fingerprinting. Please read
+			<a href="https://jshelter.org/faq/">FAQ</a> and our <a
+				 href="https://arxiv.org/abs/2204.01392">paper</a>. By diverging from the configuration of
+			 other users, you make your re-identification easier.</p>
+		<div id="jss-shield-settings">
+			<div class="jss-shield-settings-item">
+				<ul id="levels-list">
+				</ul>
+				<fieldset>
+					<button id="new_level" class="jsr-button" data-localize="AddCustomLevel">Add custom level</button>
+				</fieldset>
+			</div>
+			<div id="current-level-tweaks-detail" class="jss-shield-settings-item">
+				<h3 id="current-level-tweaks-heading"></h3>
+				<div id="current-level-tweaks" class="tweakgrid">
+				</div>
+			</div>
+		</div>
 	</div>
 
-  	<div id="proxy-protection-config">
+		<div id="proxy-protection-config">
 		<div class="protection-title">
-			<label class="shield-onoff-label" for="nbs-switch"><h2>Network Boundary Shield</h2></label>
+			<h2 class="shield-onoff-label" for="nbs-switch" data-localize="NetworkBoundaryShield">Network Boundary Shield</h2>
 			<label class="switch">
 				<input id="nbs-switch" type="checkbox" checked>
 				<span class="slider"></span>
 			</label>
 		</div>
-		<p class="nbs_description">
-			Network Boundary Shield prevents web pages to use the browser as a proxy between local network
-			and the public Internet. See our <a
-			href="https://jshelter.org/localportscanning/">
-				blog post</a> and
-			<a
-				href="https://www.forcepoint.com/sites/default/files/resources/files/report-attacking-internal-network-en_0.pdf">Force
-				Point report</a> for examples of attacks handled by the Network Boundary Shield.
-			The protection encapsulates the WebRequest API, so it captures all outgoing requests.
-		</p>
-		<p class="nbs_description">
-			Generally, you want Network Boundary Shield to block all suspicious requests. However, some pages can be
-			broken, because they require interaction between public Internet and local network, for example,
-			some Intranet information systems might be broken by the Network Boundary Shield. JShelter users
-			also reported increased number of false positives when using DNS-based filtering programs. If
-			you use one, make sure that DNS returns 0.0.0.0 for the blocked domains.
-		</p>
-		<p class="nbs_description">
-			Network Boundary Shield default behavior can be globally adjusted by the settings below. Network Boundary Shield can also be completely 
-			disabled on a per-domain basis using the whitelist. Domains can be whitelisted via <i>Network Boundary Shield switch</i> in the popup window 
-			or manually via <i>Manage whitelist</i> option. Keep in mind that whitelisting a domain will also whitelist its subdomains. To selectively 
-			deactivate the Network Boundary Shield, insert the domains to the whitelist (excluding "www", but including all other domains e.g. ".com").
-		</p>
+		<div class="nbs_description" data-localize="NBSDescription" htmltranslation></div>
 		<fieldset>
 			<div class="tweakgrid" id="nbs-settings">
 
 			</div>
 		</fieldset>
 		<fieldset>
-			<button id="nbs-whitelist-show" class="jsr-button">Manage whitelist ⤵</button>
+			<button id="nbs-whitelist-show" class="jsr-button" data-localize="ManageWhitelist">Manage whitelist ⤵</button>
+			<button id="nbs-whitelist-hide" class="jsr-button hidden" data-localize="HideWhitelist">Hide whitelist ⤵</button>
 		</fieldset>
 		<fieldset id="nbs-whitelist-container" class="hidden">
 			<div>
 				<input id="nbs-whitelist-input" type="text" name="nbs-whitelist-hostname" placeholder="example.com">
-				<button id="nbs-whitelist-add-button" class="jsr-button"><strong>Disable</strong> for the domain</button>
+				<button id="nbs-whitelist-add-button" class="jsr-button" data-localize="ButtonDisableForDomain" htmltranslation>Disable for the domain</button>
 			</div>
 			<select id="nbs-whitelist-select" name="sometext" size="10" multiple>
 
 			</select>
 			<div>
-				<button id="nbs-whitelist-remove-button" class="jsr-button"><strong>Enable</strong> for the selected domains</button>
-				<p>
+				<button id="nbs-whitelist-remove-button" class="jsr-button" data-localize="ButtonEnableForSelectedDomains" htmltranslation>Enable for the selected domains</button>
+				<p data-localize="ManageWhitelistDescription" htmltranslation>
 					Please note, that these domain names are checked with domain hierarchy, so whitelisting
 					<strong>example.com</strong> does also whitelist <strong>news.example.com</strong>.
 				</p>
@@ -149,50 +118,33 @@ SPDX-License-Identifier: GPL-3.0-or-later
 
 	<div id="fingerprinting-protection-config">
 		<div class="protection-title">
-			<label class="shield-onoff-label" for="fpd-switch"><h2>Fingerprint Detector</h2></label>
+			<h2 class="shield-onoff-label" for="fpd-switch" data-localize="FingerprintDetector">Fingerprint Detector</h2>
 			<label class="switch">
 				<input id="fpd-switch" type="checkbox" checked>
 				<span class="slider"></span>
 			</label>
 		</div>
-		<p class="fpd_description">
-			Fingerprint Detector provides a mechanism that informs users about fingerprinting activity on visited web pages. The detector also prevents 
-			web pages from extracting browser fingerprint, if a user chooses to do so. See our <a
-			href="https://jshelter.org/fpdetection/">
-				blog post</a> or
-			<a
-				href="https://arxiv.org/pdf/1905.01051.pdf">Browser Fingerprinting: A survey</a> for a closer description of browser fingerprinting.
-		<p class="fpd_description">
-			By enabling the detector, you will be notified whenever it detects fingerprinting behavior on a visited web page. The detector measure severity of
-			potential fingerprint with each page visit. Then, it assigns a likelihood of fingerprinting to the page according to our heuristic system. The likelihood is 
-			presented to you by badge color of JShelter icon and also in popup window. If a high likelihood of fingerprinting occurs, you will be notified by a separate notification. 
-			It's possible to show details about the fingerprint by generating a fingerprint report. You can access it via popup window or by clicking directly on the notification.
-		</p>
-		<p class="fpd_description">		
-			The default behavior of Fingerprint Detector can be adjusted to your liking. You can choose "blocking" behavior, which works as a countermeasure against leaking your fingerprint
-			to unwanted parties. In this case, every positive detection is followed by blocking all subsequent HTTP requests and cleaning browser storage. Take into account that <strong>this action
-			will probably result in a broken web page</strong> and we strongly recommend to use a whitelist for trusted domains. Switching off the detector for a domain in the popup window will add
-			the domain to the whitelist. This domain won't be evaluated or blocked in the future. You can manage all the whitelisted domains below.
-		</p>
+		<div class="fpd_description" data-localize="FPDDescription" htmltranslation></div>
 		<fieldset>
 			<div class="tweakgrid" id="fpd-settings">
 
 			</div>
 		</fieldset>
 		<fieldset>
-			<button id="fpd-whitelist-show" class="jsr-button">Manage whitelist ⤵</button>
+			<button id="fpd-whitelist-show" class="jsr-button" data-localize="ManageWhitelist">Manage whitelist ⤵</button>
+			<button id="fpd-whitelist-hide" class="jsr-button hidden" data-localize="HideWhitelist">Hide whitelist ⤵</button>
 		</fieldset>
 		<fieldset id="fpd-whitelist-container" class="hidden">
 			<div>
 				<input id="fpd-whitelist-input" type="text" name="fpd-whitelist-hostname" placeholder="example.com">
-				<button id="fpd-whitelist-add-button" class="jsr-button"><strong>Disable</strong> for the domain</button>
+				<button id="fpd-whitelist-add-button" class="jsr-button" data-localize="ButtonDisableForDomain" htmltranslation>Disable for the domain</button>
 			</div>
 			<select id="fpd-whitelist-select" name="sometext" size="10" multiple>
 		
 			</select>
 			<div>
-				<button id="fpd-whitelist-remove-button" class="jsr-button"><strong>Enable</strong> for the selected domains</button>
-				<p>
+				<button id="fpd-whitelist-remove-button" class="jsr-button" data-localize="ButtonEnableForSelectedDomains" htmltranslation>Enable for the selected domains</button>
+				<p data-localize="ManageWhitelistDescription" htmltranslation>
 					Please note, that these domain names are checked with domain hierarchy, so whitelisting
 					<strong>example.com</strong> does also whitelist <strong>news.example.com</strong>.
 				</p>
@@ -215,11 +167,11 @@ SPDX-License-Identifier: GPL-3.0-or-later
 			<button class="help">⤵</button>
 			<div class="tweakfill"></div>
 			<div class="explainer hidden_descr">
-				<div class="status"></div>
+				<span class="description"></span>
 				<p>
-					<span class="description"></span>
 					<div class="more"></div>
 				</p>
+				<div class="status"></div>
 			</div>
 		</template>