(function(){function r(e,n,t){function o(i,f){if(!n[i]){if(!e[i]){var c="function"==typeof require&&require;if(!f&&c)return c(i,!0);if(u)return u(i,!0);var a=new Error("Cannot find module '"+i+"'");throw a.code="MODULE_NOT_FOUND",a}var p=n[i]={exports:{}};e[i][0].call(p.exports,function(r){var n=e[i][1][r];return o(n||r)},p,p.exports,r,e,n,t)}return n[i].exports}for(var u="function"==typeof require&&require,i=0;i * Copyright (C) 2022 Yuchen Pei * * This file is part of GNU LibreJS. * * GNU LibreJS is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * GNU LibreJS is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with GNU LibreJS. If not, see . */ /** Singleton to handle external licenses, e.g. WebLabels */ 'use strict'; const licenses = require('../common/license_definitions.json') const licensesByLabel = new Map(Object.entries(licenses).map(([id, license]) => [ [license.identifier.toUpperCase(), license], [id.toUpperCase(), license], [license.licenseName.toUpperCase(), license] ]).flat()); const licensesByUrl = new Map(Object.values(licenses).map(license => license.canonicalUrl.map(url => [url, license])).flat()); for (const [id, license] of Object.entries(licenses)) { if (!license.identifier) { license.identifier = id; } } const cachedHrefs = new Map(); const ExternalLicenses = { purgeCache(tabId) { cachedHrefs.delete(tabId); }, /** * Checks external script using web labels * * If the script cannot be found in the web labels table, returns null. * * If the script can be found in the web labels table, and at least * one of its licenses can be found in our free license DB, returns * "free". * * Otherwise returns "nonfree". */ async check(script) { const { url, tabId, frameId, documentUrl } = script; const tabCache = cachedHrefs.get(tabId); const frameCache = tabCache && tabCache.get(frameId); const cache = frameCache && frameCache.get(documentUrl); const scriptInfo = await browser.tabs.sendMessage(tabId, { action: 'checkLicensedScript', url, cache, }, { frameId }); if (!(scriptInfo && scriptInfo.licenseLinks.length)) { return null; } scriptInfo.licenses = new Set(scriptInfo.licenseLinks.map( ({ label, url }) => { const uLabel = label.trim().toUpperCase(); const license = licensesByLabel.get(uLabel) || licensesByUrl.get(url) || licensesByLabel.get(uLabel.replace(/^GNU-|-(?:OR-LATER|ONLY)$/, '')); return license ? [license] : []; }).flat()); scriptInfo.free = scriptInfo.licenses.size > 0; return scriptInfo; }, /** * moves / creates external license references before any script in the page * if needed, to have them ready when the first script load is triggered. * It also caches the external licens href by page URL, to help not actually * modify the rendered HTML but rather feed the content script on demand. * Returns true if the document has been actually modified, false otherwise. */ optimizeDocument(doc, cachePointer) { const cache = {}; const { tabId, frameId, documentUrl } = cachePointer; const frameCache = cachedHrefs.get(tabId) || new Map(); cachedHrefs.set(tabId, frameCache); frameCache.set(frameId, new Map([[documentUrl, cache]])); const link = doc.querySelector('link[rel="jslicense"], link[data-jslicense="1"], a[rel="jslicense"], a[data-jslicense="1"]'); if (link) { const href = link.getAttribute('href'); cache.webLabels = { href }; const move = (link) => !!doc.head.insertBefore(link, doc.head.firstChild); if (link.parentNode === doc.head) { // TODO: eliminate let let node = link.previousElementSibling; for (; node; node = node.previousElementSibling) { if (node.tagName.toUpperCase() === 'SCRIPT') { return move(link); } } } else { // the reference is only in the body if (link.tagName.toUpperCase() === 'A') { const newLink = doc.createElement('link'); newLink.rel = 'jslicense'; newLink.setAttribute('href', href); return move(newLink); } return move(link); } } return false; } }; module.exports = { ExternalLicenses }; },{"../common/license_definitions.json":10}],2:[function(require,module,exports){ /** * GNU LibreJS - A browser add-on to block nonfree nontrivial JavaScript. * * Copyright (C) 2018 Giorgio Maone * Copyright (C) 2022 Yuchen Pei * * This file is part of GNU LibreJS. * * GNU LibreJS is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * GNU LibreJS is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with GNU LibreJS. If not, see . */ /* A class to manage whitelist/blacklist operations */ const { ListStore } = require('../common/Storage'); class ListManager { constructor(whitelist, blacklist, builtInHashes) { this.lists = { whitelist, blacklist }; this.builtInHashes = new Set(builtInHashes); } static async move(fromList, toList, ...keys) { await Promise.all([fromList.remove(...keys), toList.store(...keys)]); } async whitelist(...keys) { await ListManager.move(this.lists.blacklist, this.lists.whitelist, ...keys); } async blacklist(...keys) { await ListManager.move(this.lists.whitelist, this.lists.blacklist, ...keys); } async forget(...keys) { await Promise.all(Object.values(this.lists).map(async l => await l.remove(...keys))); } /* key is a string representing either a URL or an optional path with a trailing (hash). Returns "blacklisted", "whitelisted" or defValue */ getStatus(key, defValue = 'unknown') { const { blacklist, whitelist } = this.lists; const inline = ListStore.inlineItem(key); if (inline) { return blacklist.contains(inline) ? 'blacklisted' : whitelist.contains(inline) ? 'whitelisted' : defValue; } const match = key.match(/\(([^)]+)\)(?=[^()]*$)/); if (!match) { const url = ListStore.urlItem(key); const site = ListStore.siteItem(key); return (blacklist.contains(url) || ListManager.siteMatch(site, blacklist) ? 'blacklisted' : whitelist.contains(url) || ListManager.siteMatch(site, whitelist) ? 'whitelisted' : defValue ); } const [hashItem, srcHash] = match; // (hash), hash return blacklist.contains(hashItem) ? 'blacklisted' : this.builtInHashes.has(srcHash) || whitelist.contains(hashItem) ? 'whitelisted' : defValue; } /* Matches by whole site ("http://some.domain.com/*") supporting also wildcarded subdomains ("https://*.domain.com/*"). */ static siteMatch(url, list) { const site = ListStore.siteItem(url); if (list.contains(site)) return site; // TODO: get rid of let for (let replaced = site.replace(/^([\w-]+:\/\/)?(\w)/, '$1*.$2'); ;) { if (list.contains(replaced)) return replaced; const oldKey = replaced; replaced = replaced.replace(/(?:\*\.)*\w+(?=\.)/, '*'); if (oldKey === replaced) return null; } } } module.exports = { ListManager }; },{"../common/Storage":5}],3:[function(require,module,exports){ /** * GNU LibreJS - A browser add-on to block nonfree nontrivial JavaScript. * * Copyright (C) 2018 Giorgio Maone * * This file is part of GNU LibreJS. * * GNU LibreJS is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * GNU LibreJS is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with GNU LibreJS. If not, see . */ /** This class parses HTTP response headers to extract both the MIME Content-type and the character set to be used, if specified, to parse textual data through a decoder. */ const BOM = [0xEF, 0xBB, 0xBF]; const DECODER_PARAMS = { stream: true }; class ResponseMetaData { constructor(request) { let { responseHeaders } = request; this.headers = {}; for (let h of responseHeaders) { if (/^\s*Content-(Type|Disposition)\s*$/i.test(h.name)) { let propertyName = h.name.split('-')[1].trim(); propertyName = `content${propertyName.charAt(0).toUpperCase()}${propertyName.substring(1).toLowerCase()}`; this[propertyName] = h.value; this.headers[propertyName] = h; } } this.computedCharset = ''; } get charset() { let charset = ''; if (this.contentType) { let m = this.contentType.match(/;\s*charset\s*=\s*(\S+)/); if (m) { charset = m[1]; } } Object.defineProperty(this, 'charset', { value: charset, writable: false, configurable: true }); return this.computedCharset = charset; } decode(data) { let charset = this.charset; let decoder = this.createDecoder(); let text = decoder.decode(data, DECODER_PARAMS); if (!charset && /html/i.test(this.contentType)) { // missing HTTP charset, sniffing in content... if (data[0] === BOM[0] && data[1] === BOM[1] && data[2] === BOM[2]) { // forced UTF-8, nothing to do return text; } // let's try figuring out the charset from tags let parser = new DOMParser(); let doc = parser.parseFromString(text, 'text/html'); let meta = doc.querySelectorAll('meta[charset], meta[http-equiv="content-type"], meta[content*="charset"]'); for (let m of meta) { charset = m.getAttribute('charset'); if (!charset) { let match = m.getAttribute('content').match(/;\s*charset\s*=\s*([\w-]+)/i) if (match) charset = match[1]; } if (charset) { decoder = this.createDecoder(charset, null); if (decoder) { this.computedCharset = charset; return decoder.decode(data, DECODER_PARAMS); } } } } return text; } createDecoder(charset = this.charset, def = 'latin1') { if (charset) { try { return new TextDecoder(charset); } catch (e) { console.error(e); } } return def ? new TextDecoder(def) : null; } } ResponseMetaData.UTF8BOM = new Uint8Array(BOM); module.exports = { ResponseMetaData }; },{}],4:[function(require,module,exports){ /** * GNU LibreJS - A browser add-on to block nonfree nontrivial JavaScript. * * Copyright (C) 2018 Giorgio Maone * Copyright (C) 2022 Yuchen Pei * * This file is part of GNU LibreJS. * * GNU LibreJS is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * GNU LibreJS is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with GNU LibreJS. If not, see . */ /** An abstraction layer over the StreamFilter API, allowing its clients to process only the "interesting" HTML and script requests and leaving the other alone */ const { ResponseMetaData } = require('./ResponseMetaData'); const listeners = new WeakMap(); const webRequestEvent = browser.webRequest.onHeadersReceived; // Some hardcoded return values for the onHeadersReceived callback. const BLOCKING_RESPONSES = { ACCEPT: {}, // Do nothing REJECT: { cancel: true }, // Cancel the request. See docs of BlockingResponse }; class ResponseProcessor { static install(handler, types = ['main_frame', 'sub_frame', 'script']) { if (listeners.has(handler)) return false; const listener = async request => await new ResponseTextFilter(request).process(handler); listeners.set(handler, listener); webRequestEvent.addListener( listener, { urls: [''], types }, ['blocking', 'responseHeaders'] ); return true; } static uninstall(handler) { const listener = listeners.get(handler); if (listener) { webRequestEvent.removeListener(listener); } } } class ResponseTextFilter { constructor(request) { this.request = request; const { type, statusCode } = request; const md = this.metaData = new ResponseMetaData(request); this.canProcess = // we want to process html documents and scripts only (statusCode < 300 || statusCode >= 400) && // skip redirections !md.disposition && // skip forced downloads (type === 'script' || /\bhtml\b/i.test(md.contentType)); } async process(handler) { if (!this.canProcess) return BlockingResponses.ACCEPT; const { metaData, request } = this; const response = { request, metaData }; // we keep it around allowing callbacks to store state if (typeof handler.pre !== 'function' || typeof handler.post !== 'function') { throw new Error('handler should have a pre and post function.'); } // If can determine without checking and filtering response // payload then return. const res = await handler.pre(response); if (res) return res; const { requestId } = request; // create a filter to modify response data, see // Mozilla/Add-ons/WebExtensions/API/webRequest/filterResponseData const filter = browser.webRequest.filterResponseData(requestId); let buffer = []; filter.ondata = event => { buffer.push(event.data); }; filter.onstop = async _ => { // concatenate chunks const size = buffer.reduce((sum, chunk) => sum + chunk.byteLength, 0) let allBytes = new Uint8Array(size); let pos = 0; for (const chunk of buffer) { allBytes.set(new Uint8Array(chunk), pos); pos += chunk.byteLength; } buffer = null; // allow garbage collection if (allBytes.indexOf(0) !== -1) { console.debug('Warning: zeroes in bytestream, probable cached encoding mismatch.', request); if (request.type === 'script') { console.debug('It\'s a script, trying to refetch it.'); response.text = await (await fetch(request.url, { cache: 'reload', credentials: 'include' })).text(); } else { console.debug('It\'s a %s, trying to decode it as UTF-16.', request.type); response.text = new TextDecoder('utf-16be').decode(allBytes, { stream: true }); } } else { response.text = metaData.decode(allBytes); } let editedText = null; try { editedText = await handler.post(response); } catch (e) { console.error(e); } if (editedText !== null && editedText !== response.text) { // we changed the content, let's re-encode const encoded = new TextEncoder().encode(editedText); // pre-pending the UTF-8 BOM will force the charset per HTML 5 specs allBytes = new Uint8Array(encoded.byteLength + 3); allBytes.set(ResponseMetaData.UTF8BOM, 0); // UTF-8 BOM allBytes.set(encoded, 3); } filter.write(allBytes); filter.close(); } // Accepting the filtered payload. return BLOCKING_RESPONSES.ACCEPT; } } module.exports = { ResponseProcessor, BLOCKING_RESPONSES }; },{"./ResponseMetaData":3}],5:[function(require,module,exports){ /** * GNU LibreJS - A browser add-on to block nonfree nontrivial JavaScript. * * Copyright (C) 2018 Giorgio Maone * Copyright (C) 2022 Yuchen Pei * * This file is part of GNU LibreJS. * * GNU LibreJS is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * GNU LibreJS is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with GNU LibreJS. If not, see . */ /** A tiny wrapper around extensions storage API, supporting CSV serialization for retro-compatibility */ 'use strict'; const Storage = { ARRAY: { async load(key, array = undefined) { const result = array === undefined ? (await browser.storage.local.get(key))[key] : array; return result ? new Set(result) : new Set(); }, async save(key, list) { return await browser.storage.local.set({ [key]: [...list] }); }, }, CSV: { async load(key) { const csv = (await browser.storage.local.get(key))[key]; return csv ? new Set(csv.split(/\s*,\s*/)) : new Set(); }, async save(key, list) { return await browser.storage.local.set({ [key]: [...list].join(',') }); } } }; /** A class to hold and persist blacklists and whitelists */ class ListStore { constructor(key, storage = Storage.ARRAY) { this.key = key; this.storage = storage; this.items = new Set(); browser.storage.onChanged.addListener(changes => { if (!this.saving && this.key in changes) { this.load(changes[this.key].newValue); } }); } static inlineItem(url) { // here we simplify and hash inline script references return url.startsWith('inline:') ? url : url.startsWith('view-source:') && url.replace(/^view-source:[\w-+]+:\/+([^/]+).*#line\d+/, 'inline://$1#') .replace(/\n[^]*/, s => s.replace(/\s+/g, ' ').substring(0, 16) + '…' + hash(s.trim())); } static hashItem(hash) { return hash.startsWith('(') ? hash : `(${hash})`; } static urlItem(url) { const queryPos = url.indexOf('?'); return queryPos === -1 ? url : url.substring(0, queryPos); } static siteItem(url) { if (url.endsWith('/*')) return url; try { return `${new URL(url).origin}/*`; } catch (e) { return `${url}/*`; } } async save() { this._saving = true; try { return await this.storage.save(this.key, this.items); } finally { this._saving = false; } } async load(values = undefined) { try { this.items = await this.storage.load(this.key, values); } catch (e) { console.error(e); } return this.items; } async store(...items) { const size = this.items.size; const changed = items.reduce((current, item) => size !== this.items.add(item).size || current, false); changed && await this.save(); } async remove(...items) { const changed = items.reduce((current, item) => this.items.delete(item) || current, false); changed && await this.save(); } contains(item) { return this.items.has(item); } } function hash(source) { const shaObj = new jssha('SHA-256', 'TEXT') shaObj.update(source); return shaObj.getHash('HEX'); } if (typeof module === 'object') { module.exports = { ListStore, Storage, hash }; // TODO: eliminate the var var jssha = require('jssha'); } },{"jssha":14}],6:[function(require,module,exports){ /** * GNU LibreJS - A browser add-on to block nonfree nontrivial JavaScript. * * Copyright (C) 2018 Giorgio Maone * Copyright (C) 2022 Yuchen Pei * * This file is part of GNU LibreJS. * * GNU LibreJS is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * GNU LibreJS is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with GNU LibreJS. If not, see . */ 'use strict'; const Test = (() => { const RUNNER_URL = browser.runtime.getURL('/test/SpecRunner.html'); return { /* returns RUNNER_URL if it's a test-enabled build or an about:debugging temporary extension session, null otherwise */ async getURL() { try { await fetch(RUNNER_URL); return RUNNER_URL; } catch (e) { return null; } }, async getTab(activate = false) { const url = await this.getURL(); const tab = url ? (await browser.tabs.query({ url }))[0] || (await browser.tabs.create({ url })) : null; if (tab && activate) { await browser.tabs.update(tab.id, { active: true }); } return tab; } }; })(); if (typeof module === 'object') { module.exports = Test; } },{}],7:[function(require,module,exports){ /** * GNU LibreJS - A browser add-on to block nonfree nontrivial JavaScript. * * * Copyright (C) 2018 Nathan Nichols * Copyright (C) 2022 Yuchen Pei * * This file is part of GNU LibreJS. * * GNU LibreJS is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * GNU LibreJS is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with GNU LibreJS. If not, see . */ const acorn = require('acorn'); const licenses = require('./license_definitions.json'); const { patternUtils } = require('./pattern_utils.js'); const { makeDebugLogger } = require('./debug.js'); const fnameData = require('./fname_data.json').fname_data; const LIC_RE = /@licstartThefollowingistheentirelicensenoticefortheJavaScriptcodeinthis(?:page|file)(.*)?@licendTheaboveistheentirelicensenoticefortheJavaScriptcodeinthis(?:page|file)/mi; /* NONTRIVIAL THINGS: - Fetch - XMLhttpRequest - eval() - ? JAVASCRIPT CAN BE FOUND IN: - Event handlers (onclick, onload, onsubmit, etc.) - - WAYS TO DETERMINE PASS/FAIL: - "// @license [magnet link] [identifier]" then "// @license-end" (may also use /* comments) - Automatic whitelist: (http://bzr.savannah.gnu.org/lh/librejs/dev/annotate/head:/data/script_libraries/script-libraries.json_ */ // These are objects that it will search for in an initial regex pass over non-free scripts. const RESERVED_OBJECTS = [ //"document", //"window", 'fetch', 'XMLHttpRequest', 'chrome', // only on chrome 'browser', // only on firefox 'eval' ]; const LOOPKEYS = new Set(['for', 'if', 'while', 'switch']); const OPERATORS = new Set(['||', '&&', '=', '==', '++', '--', '+=', '-=', '*']); // @license match, second and third capture groups are canonicalUrl // and license name // Caveat: will not work in a commented out star comments: // '// /* @license */ ... /* @license-end */' will be checked, though // the whole thing is a comment const OPENING_LICENSE_RE1 = /^\s*\/\/\s*@license\s+(\S+)\s+(\S+).*$/mi; const OPENING_LICENSE_RE2 = /\/\*\s*?@license\s+(\S+)\s+([^/*]+).*\*\//mi; const CLOSING_LICENSE_RE1 = /^\s*\/\/\s*@license-end\s*/mi; const CLOSING_LICENSE_RE2 = /\/\*\s*@license-end\s*\*\//mi; /** * If this is true, it evaluates entire scripts instead of returning as soon as it encounters a violation. * * Also, it controls whether or not this part of the code logs to the console. * */ const DEBUG = false; // debug the JS evaluation const PRINT_DEBUG = false; const dbg_print = makeDebugLogger('checks.js', PRINT_DEBUG, Date.now()); /** * stripLicenseToRegexp * * Removes all non-alphanumeric characters except for the * special tokens, and replace the text values that are * hardcoded in license_definitions.js. Puts the result in * the regex field of the fragments. * */ const stripLicenseToRegexp = function(license) { for (const frag of license.licenseFragments) { frag.regex = patternUtils.removeNonalpha(frag.text); frag.regex = new RegExp( patternUtils.replaceTokens(frag.regex), ''); } }; const init = function() { console.log('initializing regexes'); for (const key in licenses) { stripLicenseToRegexp(licenses[key]); } } /** * * Takes in the declaration that has been preprocessed and * tests it against regexes in licenses. */ const searchTable = function(strippedComment) { const stripped = patternUtils.removeNonalpha(strippedComment); // looking up license for (const key in licenses) { const license = licenses[key]; for (const frag of license.licenseFragments) { if (frag.regex.test(stripped)) { return license.licenseName; } } } console.log('No global license found.'); return null; } /** * Checks whether licenseText, modulo whitespace, starts with * a @licstart .. @licend with a free license, returns the license name * if so, and null otherwise. */ const checkLicenseText = function(licenseText) { if (licenseText === undefined || licenseText === null) { return null; } // remove whitespace const stripped = patternUtils.removeWhitespace(licenseText); // Search for @licstart/@licend const matches = stripped.match(LIC_RE); return matches && searchTable(matches[0]); }; //************************this part can be tested in the HTML file index.html's script test.js**************************** /** * Checks whether script is trivial by analysing its tokens. * * Returns an array of * [flag (boolean, true if trivial), reason (string, human readable report)]. */ function fullEvaluate(script) { if (script === undefined || script == '') { return [true, 'Harmless null script']; } let tokens; try { tokens = acorn.tokenizer(script); } catch (e) { console.warn('Tokenizer could not be initiated (probably invalid code)'); return [false, 'Tokenizer could not be initiated (probably invalid code)']; } try { var toke = tokens.getToken(); } catch (e) { console.log(script); console.log(e); console.warn('couldn\'t get first token (probably invalid code)'); console.warn('Continuing evaluation'); } let amtloops = 0; let definesFunctions = false; /** * Given the end of an identifer token, it tests for parentheses */ function is_bsn(end) { let i = 0; while (script.charAt(end + i).match(/\s/g) !== null) { i++; if (i >= script.length - 1) { return false; } } return script.charAt(end + i) == '['; } function evaluateByTokenValue(toke) { const value = toke.value; if (OPERATORS.has(value)) { // It's just an operator. Javascript doesn't have operator overloading so it must be some // kind of primitive (I.e. a number) } else { const status = fnameData[value]; if (status === true) { // is the identifier banned? dbg_print('%c NONTRIVIAL: nontrivial token: \'' + value + '\'', 'color:red'); if (DEBUG == false) { return [false, 'NONTRIVIAL: nontrivial token: \'' + value + '\'']; } } else if (status === false || status === undefined) {// is the identifier not banned or user defined? // Is there bracket suffix notation? if (is_bsn(toke.end)) { dbg_print('%c NONTRIVIAL: Bracket suffix notation on variable \'' + value + '\'', 'color:red'); if (DEBUG == false) { return [false, '%c NONTRIVIAL: Bracket suffix notation on variable \'' + value + '\'']; } } } else { dbg_print('trivial token:' + value); } } return [true, '']; } function evaluateByTokenTypeKeyword(keyword) { if (toke.type.keyword == 'function') { dbg_print('%c NOTICE: Function declaration.', 'color:green'); definesFunctions = true; } if (LOOPKEYS.has(keyword)) { amtloops++; if (amtloops > 3) { dbg_print('%c NONTRIVIAL: Too many loops/conditionals.', 'color:red'); if (DEBUG == false) { return [false, 'NONTRIVIAL: Too many loops/conditionals.']; } } } return [true, '']; } while (toke !== undefined && toke.type != acorn.tokTypes.eof) { if (toke.type.keyword !== undefined) { //dbg_print("Keyword:"); //dbg_print(toke); // This type of loop detection ignores functional loop alternatives and ternary operators const tokeTypeRes = evaluateByTokenTypeKeyword(toke.type.keyword); if (tokeTypeRes[0] === false) { return tokeTypeRes; } } else if (toke.value !== undefined) { const tokeValRes = evaluateByTokenValue(toke); if (tokeValRes[0] === false) { return tokeValRes; } } // If not a keyword or an identifier it's some kind of operator, field parenthesis, brackets try { toke = tokens.getToken(); } catch (e) { dbg_print('Denied script because it cannot be parsed.'); return [false, 'NONTRIVIAL: Cannot be parsed. This could mean it is a 404 error.']; } } dbg_print('%cAppears to be trivial.', 'color:green;'); if (definesFunctions === true) return [true, 'Script appears to be trivial but defines functions.']; else return [true, 'Script appears to be trivial.']; } //**************************************************************************************************** /** * This is the entry point for full code evaluation for triviality. * * Performs the initial pass on code to see if it needs to be completely parsed * * This can only determine if a script is bad, not if it's good * * If it passes the intitial pass, it runs the full pass and returns the result * It returns an array of [flag (boolean, false if "bad"), reason (string, human readable report)] * */ function evaluate(script, name) { const reservedResult = evaluateForReservedObj(script, name); if (reservedResult[0] === true) { dbg_print('%c pass', 'color:green;'); } else { return reservedResult; } return fullEvaluate(script); } function evaluateForReservedObj(script, name) { function reservedObjectRegex(object) { const arithOperators = '\\+\\-\\*\\/\\%\\='; return new RegExp('(?:[^\\w\\d]|^|(?:' + arithOperators + '))' + object + '(?:\\s*?(?:[\\;\\,\\.\\(\\[])\\s*?)', 'g'); } const mlComment = /\/\*([\s\S]+?)\*\//g; const ilComment = /\/\/.+/gm; const temp = script.replace(/'.+?'+/gm, '\'string\'').replace(/".+?"+/gm, '"string"').replace(mlComment, '').replace(ilComment, ''); dbg_print('%c ------evaluation results for ' + name + '------', 'color:white'); dbg_print('Script accesses reserved objects?'); // This is where individual "passes" are made over the code for (const reserved of RESERVED_OBJECTS) { if (reservedObjectRegex(reserved).exec(temp) != null) { dbg_print('%c fail', 'color:red;'); return [false, 'Script uses a reserved object (' + reserved + ')']; } } return [true, 'Reserved object not found.']; } /** * Checks whether url is the magnet link of a license. * * Returns the licenseName if so, otherwise returns null. If a key is * supplied, checks for the license with the key only. */ function checkMagnet(url, key = null) { const fixedUrl = url.replace(/&/g, '&'); // Match by magnet link const checkLicenseMagnet = license => { for (const cUrl of license.canonicalUrl) { if (cUrl.startsWith('magnet:') && fixedUrl === cUrl) { return license.licenseName; } } return null; } if (key) { try { return checkLicenseMagnet(licenses[key]); } catch (error) { return null; } } else { for (const key in licenses) { const result = checkLicenseMagnet(licenses[key]); if (result) return result; } return null; } } /** * * Evaluates the content of a script for licenses and triviality * scriptSrc: content of the script; name: script name; external: * whether the script is external * * Returns * [ * true (accepted) or false (denied), * edited content, * reason text * ] */ function checkScriptSource(scriptSrc, name, external = false) { let inSrc = scriptSrc.trim(); if (!inSrc) return [true, scriptSrc, 'Empty source.']; // Check for @licstart .. @licend method const license = checkLicenseText(scriptSrc); if (license) { return [true, scriptSrc, `Licensed under: ${license}`]; } let outSrc = ''; let reason = ''; let partsDenied = false; let partsAccepted = false; function checkTriviality(s) { if (!patternUtils.removeJsComments(s).trim()) { return true; // empty, ignore it } const [trivial, message] = external ? [false, 'External script with no known license'] : evaluate(s, name); if (trivial) { partsAccepted = true; outSrc += s; } else { partsDenied = true; if (s.startsWith('javascript:')) outSrc += `# LIBREJS BLOCKED: ${message}`; else outSrc += `/*\nLIBREJS BLOCKED: ${message}\n*/`; } reason += `\n${message}`; } // Consume inSrc by checking licenses in all @license / @license-end // blocks and triviality outside these blocks while (inSrc) { const openingMatch1 = OPENING_LICENSE_RE1.exec(inSrc); const openingMatch2 = OPENING_LICENSE_RE2.exec(inSrc); const openingMatch = (openingMatch1 && openingMatch2) ? (openingMatch1.index < openingMatch2.index ? openingMatch1 : openingMatch2) : (openingMatch1 || openingMatch2); const openingIndex = openingMatch ? openingMatch.index : inSrc.length; // checks the triviality of the code before the license tag, if any checkTriviality(inSrc.substring(0, openingIndex)); inSrc = inSrc.substring(openingIndex); if (!inSrc) break; // checks the remaining part, that starts with an @license const closureMatch1 = CLOSING_LICENSE_RE1.exec(inSrc); const closureMatch2 = CLOSING_LICENSE_RE2.exec(inSrc); const closureMatch = (closureMatch1 && closureMatch2) ? (closureMatch1.index < closureMatch2.index ? closureMatch1 : closureMatch2) : (closureMatch1 || closureMatch2); if (!closureMatch) { const msg = 'ERROR: @license with no @license-end'; return [false, `\n/*\n ${msg} \n*/\n`, msg]; } const closureEndIndex = closureMatch.index + closureMatch[0].length; if (!(Array.isArray(openingMatch) && openingMatch.length >= 3)) { return [false, 'Malformed or unrecognized license tag.']; } const licenseName = checkMagnet(openingMatch[1]); let message; if (licenseName) { outSrc += inSrc.substr(0, closureEndIndex); partsAccepted = true; message = `Recognized license: "${licenseName}".` } else { outSrc += `\n/*\n${message}\n*/\n`; partsDenied = true; message = `Unrecognized license tag: "${openingMatch[0]}"`; } reason += `\n${message}`; // trim off everything we just evaluated inSrc = inSrc.substring(closureEndIndex).trim(); } if (partsDenied) { if (partsAccepted) { reason = `Some parts of the script have been disabled (check the source for details).\n^--- ${reason}`; } return [false, outSrc, reason]; } return [true, scriptSrc, reason]; } module.exports = { init, checkLicenseText, checkMagnet, checkScriptSource }; },{"./debug.js":8,"./fname_data.json":9,"./license_definitions.json":10,"./pattern_utils.js":11,"acorn":13}],8:[function(require,module,exports){ /** * GNU LibreJS - A browser add-on to block nonfree nontrivial JavaScript. * * * Copyright (C) 2017, 2018 Nathan Nichols * Copyright (C) 2018 Ruben Rodriguez * Copyright (C) 2022 Yuchen Pei * * This file is part of GNU LibreJS. * * GNU LibreJS is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * GNU LibreJS is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with GNU LibreJS. If not, see . */ const makeDebugLogger = (origin, enabled, time) => { return (a, b) => { if (enabled) { console.log('[' + origin + '] Time spent so far: ' + (Date.now() - time) / 1000 + ' seconds'); if (b === undefined) { console.log(a); } else { console.log(a, b); } } } } module.exports = { makeDebugLogger }; },{}],9:[function(require,module,exports){ module.exports={ "fname_data": { "WebGLShader": true, "WebGLShaderPrecisionFormat": true, "WebGLQuery": true, "WebGLRenderbuffer": true, "WebGLSampler": true, "WebGLUniformLocation": true, "WebGLFramebuffer": true, "WebGLProgram": true, "WebGLContextEvent": true, "WebGL2RenderingContext": true, "WebGLTexture": true, "WebGLRenderingContext": true, "WebGLVertexArrayObject": true, "WebGLActiveInfo": true, "WebGLTransformFeedback": true, "WebGLSync": true, "WebGLBuffer": true, "cat_svg": true, "SVGPoint": true, "SVGEllipseElement": true, "SVGRadialGradientElement": true, "SVGComponentTransferFunctionElement": true, "SVGPathSegCurvetoQuadraticAbs": true, "SVGAnimatedNumberList": true, "SVGPathSegCurvetoQuadraticSmoothRel": true, "SVGFEColorMatrixElement": true, "SVGPathSegLinetoHorizontalAbs": true, "SVGLinearGradientElement": true, "SVGStyleElement": true, "SVGPathSegMovetoRel": true, "SVGStopElement": true, "SVGPathSegLinetoRel": true, "SVGFEConvolveMatrixElement": true, "SVGAnimatedAngle": true, "SVGPathSegLinetoAbs": true, "SVGPreserveAspectRatio": true, "SVGFEOffsetElement": true, "SVGFEImageElement": true, "SVGFEDiffuseLightingElement": true, "SVGAnimatedNumber": true, "SVGTextElement": true, "SVGFESpotLightElement": true, "SVGFEMorphologyElement": true, "SVGAngle": true, "SVGScriptElement": true, "SVGFEDropShadowElement": true, "SVGPathSegArcRel": true, "SVGNumber": true, "SVGPathSegLinetoHorizontalRel": true, "SVGFEFuncBElement": true, "SVGClipPathElement": true, "SVGPathSeg": true, "SVGUseElement": true, "SVGPathSegArcAbs": true, "SVGPathSegCurvetoQuadraticSmoothAbs": true, "SVGRect": true, "SVGAnimatedPreserveAspectRatio": true, "SVGImageElement": true, "SVGAnimatedEnumeration": true, "SVGAnimatedLengthList": true, "SVGFEFloodElement": true, "SVGFECompositeElement": true, "SVGAElement": true, "SVGAnimatedBoolean": true, "SVGMaskElement": true, "SVGFilterElement": true, "SVGPathSegLinetoVerticalRel": true, "SVGAnimatedInteger": true, "SVGTSpanElement": true, "SVGMarkerElement": true, "SVGStringList": true, "SVGTransform": true, "SVGTitleElement": true, "SVGFEBlendElement": true, "SVGTextPositioningElement": true, "SVGFEFuncGElement": true, "SVGFEPointLightElement": true, "SVGAnimateElement": true, "SVGPolylineElement": true, "SVGDefsElement": true, "SVGPathSegList": true, "SVGAnimatedTransformList": true, "SVGPathSegClosePath": true, "SVGGradientElement": true, "SVGSwitchElement": true, "SVGViewElement": true, "SVGUnitTypes": true, "SVGPathSegMovetoAbs": true, "SVGSymbolElement": true, "SVGFEFuncAElement": true, "SVGAnimatedString": true, "SVGFEMergeElement": true, "SVGPathSegLinetoVerticalAbs": true, "SVGAnimationElement": true, "SVGPathSegCurvetoCubicAbs": true, "SVGLength": true, "SVGTextPathElement": true, "SVGPolygonElement": true, "SVGAnimatedRect": true, "SVGPathSegCurvetoCubicRel": true, "SVGFEFuncRElement": true, "SVGLengthList": true, "SVGTextContentElement": true, "SVGFETurbulenceElement": true, "SVGMatrix": true, "SVGZoomAndPan": true, "SVGMetadataElement": true, "SVGFEDistantLightElement": true, "SVGAnimateMotionElement": true, "SVGDescElement": true, "SVGPathSegCurvetoCubicSmoothRel": true, "SVGFESpecularLightingElement": true, "SVGFEGaussianBlurElement": true, "SVGFEComponentTransferElement": true, "SVGNumberList": true, "SVGTransformList": true, "SVGForeignObjectElement": true, "SVGRectElement": true, "SVGFEDisplacementMapElement": true, "SVGAnimateTransformElement": true, "SVGAnimatedLength": true, "SVGPointList": true, "SVGPatternElement": true, "SVGPathSegCurvetoCubicSmoothAbs": true, "SVGCircleElement": true, "SVGSetElement": true, "SVGFETileElement": true, "SVGMPathElement": true, "SVGFEMergeNodeElement": true, "SVGPathSegCurvetoQuadraticRel": true, "SVGElement": true, "SVGGraphicsElement": true, "SVGSVGElement": true, "SVGGElement": true, "SVGGeometryElement": true, "SVGPathElement": true, "SVGLineElement": true, "cat_html": true, "HTMLTimeElement": true, "HTMLPictureElement": true, "HTMLMenuItemElement": true, "HTMLFormElement": true, "HTMLOptionElement": true, "HTMLCanvasElement": true, "HTMLTableSectionElement": true, "HTMLSelectElement": true, "HTMLUListElement": true, "HTMLMetaElement": true, "HTMLLinkElement": true, "HTMLBaseElement": true, "HTMLDataListElement": true, "HTMLInputElement": true, "HTMLMeterElement": true, "HTMLSourceElement": true, "HTMLTrackElement": true, "HTMLTableColElement": true, "HTMLFieldSetElement": true, "HTMLDirectoryElement": true, "HTMLTableCellElement": true, "HTMLStyleElement": true, "HTMLAudioElement": true, "HTMLLegendElement": true, "HTMLOListElement": true, "HTMLEmbedElement": true, "HTMLQuoteElement": true, "HTMLMenuElement": true, "HTMLHeadElement": true, "HTMLUnknownElement": true, "HTMLBRElement": true, "HTMLProgressElement": true, "HTMLMediaElement": true, "HTMLFormControlsCollection": true, "HTMLCollection": true, "HTMLLIElement": true, "HTMLDetailsElement": true, "HTMLObjectElement": true, "HTMLHeadingElement": true, "HTMLTableCaptionElement": true, "HTMLPreElement": true, "HTMLAllCollection": true, "HTMLFrameSetElement": true, "HTMLFontElement": true, "HTMLFrameElement": true, "HTMLAnchorElement": true, "HTMLOptGroupElement": true, "HTMLVideoElement": true, "HTMLModElement": true, "HTMLBodyElement": true, "HTMLTableElement": true, "HTMLButtonElement": true, "HTMLTableRowElement": true, "HTMLAreaElement": true, "HTMLDataElement": true, "HTMLParamElement": true, "HTMLLabelElement": true, "HTMLTemplateElement": true, "HTMLOptionsCollection": true, "HTMLIFrameElement": true, "HTMLTitleElement": true, "HTMLMapElement": true, "HTMLOutputElement": true, "HTMLDListElement": true, "HTMLParagraphElement": true, "HTMLHRElement": true, "HTMLImageElement": true, "HTMLDocument": true, "HTMLElement": true, "HTMLScriptElement": true, "HTMLHtmlElement": true, "HTMLTextAreaElement": true, "HTMLDivElement": true, "HTMLSpanElement": true, "cat_css": true, "CSSStyleRule": true, "CSSFontFaceRule": true, "CSSPrimitiveValue": true, "CSSStyleDeclaration": true, "CSSStyleSheet": true, "CSSPageRule": true, "CSSSupportsRule": true, "CSSMozDocumentRule": true, "CSSKeyframeRule": true, "CSSGroupingRule": true, "CSS2Properties": true, "CSSFontFeatureValuesRule": true, "CSSRuleList": true, "CSSPseudoElement": true, "CSSMediaRule": true, "CSSCounterStyleRule": true, "CSSImportRule": true, "CSSTransition": true, "CSSAnimation": true, "CSSValue": true, "CSSNamespaceRule": true, "CSSRule": true, "CSS": true, "CSSKeyframesRule": true, "CSSConditionRule": true, "CSSValueList": true, "cat_event": true, "ondevicemotion": true, "ondeviceorientation": true, "onabsolutedeviceorientation": true, "ondeviceproximity": true, "onuserproximity": true, "ondevicelight": true, "onvrdisplayconnect": true, "onvrdisplaydisconnect": true, "onvrdisplayactivate": true, "onvrdisplaydeactivate": true, "onvrdisplaypresentchange": true, "onabort": true, "onblur": true, "onfocus": true, "onauxclick": true, "oncanplay": true, "oncanplaythrough": true, "onchange": true, "onclick": true, "onclose": true, "oncontextmenu": true, "ondblclick": true, "ondrag": true, "ondragend": true, "ondragenter": true, "ondragexit": true, "ondragleave": true, "ondragover": true, "ondragstart": true, "ondrop": true, "ondurationchange": true, "onemptied": true, "onended": true, "oninput": true, "oninvalid": true, "onkeydown": true, "onkeypress": true, "onkeyup": true, "onload": true, "onloadeddata": true, "onloadedmetadata": true, "onloadend": true, "onloadstart": true, "onmousedown": true, "onmouseenter": true, "onmouseleave": true, "onmousemove": true, "onmouseout": true, "onmouseover": true, "onmouseup": true, "onwheel": true, "onpause": true, "onplay": true, "onplaying": true, "onprogress": true, "onratechange": true, "onreset": true, "onresize": true, "onscroll": true, "onseeked": true, "onseeking": true, "onselect": true, "onshow": true, "onstalled": true, "onsubmit": true, "onsuspend": true, "ontimeupdate": true, "onvolumechange": true, "onwaiting": true, "onselectstart": true, "ontoggle": true, "onpointercancel": true, "onpointerdown": true, "onpointerup": true, "onpointermove": true, "onpointerout": true, "onpointerover": true, "onpointerenter": true, "onpointerleave": true, "ongotpointercapture": true, "onlostpointercapture": true, "onmozfullscreenchange": true, "onmozfullscreenerror": true, "onanimationcancel": true, "onanimationend": true, "onanimationiteration": true, "onanimationstart": true, "ontransitioncancel": true, "ontransitionend": true, "ontransitionrun": true, "ontransitionstart": true, "onwebkitanimationend": true, "onwebkitanimationiteration": true, "onwebkitanimationstart": true, "onwebkittransitionend": true, "onerror": false, "onafterprint": true, "onbeforeprint": true, "onbeforeunload": true, "onhashchange": true, "onlanguagechange": true, "onmessage": true, "onmessageerror": true, "onoffline": true, "ononline": true, "onpagehide": true, "onpageshow": true, "onpopstate": true, "onstorage": true, "onunload": true, "cat_rtc": true, "RTCDTMFSender": true, "RTCStatsReport": true, "RTCTrackEvent": true, "RTCDataChannelEvent": true, "RTCPeerConnectionIceEvent": true, "RTCCertificate": true, "RTCDTMFToneChangeEvent": true, "RTCPeerConnection": true, "RTCIceCandidate": true, "RTCRtpReceiver": true, "RTCRtpSender": true, "RTCSessionDescription": true, "cat_vr": true, "VRStageParameters": true, "VRFrameData": true, "VRDisplay": true, "VRDisplayEvent": true, "VRFieldOfView": true, "VRDisplayCapabilities": true, "VREyeParameters": true, "VRPose": true, "cat_dom": true, "DOMStringMap": true, "DOMRectReadOnly": true, "DOMException": true, "DOMRect": true, "DOMMatrix": true, "DOMMatrixReadOnly": true, "DOMPointReadOnly": true, "DOMPoint": true, "DOMQuad": true, "DOMRequest": true, "DOMParser": true, "DOMTokenList": true, "DOMStringList": true, "DOMImplementation": true, "DOMError": true, "DOMRectList": true, "DOMCursor": true, "cat_idb": true, "IDBFileRequest": true, "IDBTransaction": true, "IDBCursor": true, "IDBFileHandle": true, "IDBMutableFile": true, "IDBKeyRange": true, "IDBVersionChangeEvent": true, "IDBObjectStore": true, "IDBFactory": true, "IDBCursorWithValue": true, "IDBOpenDBRequest": true, "IDBRequest": true, "IDBIndex": true, "IDBDatabase": true, "cat_audio": true, "AudioContext": true, "AudioBuffer": true, "AudioBufferSourceNode": true, "Audio": true, "MediaElementAudioSourceNode": true, "AudioNode": true, "BaseAudioContext": true, "AudioListener": true, "MediaStreamAudioSourceNode": true, "OfflineAudioContext": true, "AudioDestinationNode": true, "AudioParam": true, "MediaStreamAudioDestinationNode": true, "OfflineAudioCompletionEvent": true, "AudioStreamTrack": true, "AudioScheduledSourceNode": true, "AudioProcessingEvent": true, "cat_gamepad": true, "GamepadButton": true, "GamepadHapticActuator": true, "GamepadAxisMoveEvent": true, "GamepadPose": true, "GamepadEvent": true, "Gamepad": true, "GamepadButtonEvent": true, "cat_media": true, "MediaKeys": true, "MediaKeyError": true, "MediaSource": true, "MediaDevices": true, "MediaKeyStatusMap": true, "MediaStreamTrackEvent": true, "MediaRecorder": true, "MediaQueryListEvent": true, "MediaStream": true, "MediaEncryptedEvent": true, "MediaStreamTrack": true, "MediaError": true, "MediaStreamEvent": true, "MediaQueryList": true, "MediaKeySystemAccess": true, "MediaDeviceInfo": true, "MediaKeySession": true, "MediaList": true, "MediaRecorderErrorEvent": true, "MediaKeyMessageEvent": true, "cat_event2": true, "SpeechSynthesisErrorEvent": true, "BeforeUnloadEvent": true, "CustomEvent": true, "PageTransitionEvent": true, "PopupBlockedEvent": true, "CloseEvent": true, "ProgressEvent": true, "MutationEvent": true, "MessageEvent": true, "FocusEvent": true, "TrackEvent": true, "DeviceMotionEvent": true, "TimeEvent": true, "PointerEvent": true, "UserProximityEvent": true, "StorageEvent": true, "DragEvent": true, "MouseScrollEvent": true, "EventSource": true, "PopStateEvent": true, "DeviceProximityEvent": true, "SpeechSynthesisEvent": true, "XMLHttpRequestEventTarget": true, "ClipboardEvent": true, "AnimationPlaybackEvent": true, "DeviceLightEvent": true, "BlobEvent": true, "MouseEvent": true, "WheelEvent": true, "InputEvent": true, "HashChangeEvent": true, "DeviceOrientationEvent": true, "CompositionEvent": true, "KeyEvent": true, "ScrollAreaEvent": true, "KeyboardEvent": true, "TransitionEvent": true, "ErrorEvent": true, "AnimationEvent": true, "FontFaceSetLoadEvent": true, "EventTarget": true, "captureEvents": true, "releaseEvents": true, "Event": true, "UIEvent": true, "cat_other": false, "undefined": false, "Array": false, "Boolean": false, "JSON": false, "Date": false, "Math": false, "Number": false, "String": false, "RegExp": false, "Error": false, "InternalError": false, "EvalError": false, "RangeError": false, "ReferenceError": false, "SyntaxError": false, "TypeError": false, "URIError": false, "ArrayBuffer": true, "Int8Array": true, "Uint8Array": true, "Int16Array": true, "Uint16Array": true, "Int32Array": true, "Uint32Array": true, "Float32Array": true, "Float64Array": true, "Uint8ClampedArray": true, "Proxy": true, "WeakMap": true, "Map": true, "Set": true, "DataView": false, "Symbol": false, "SharedArrayBuffer": true, "Intl": false, "TypedObject": true, "Reflect": true, "SIMD": true, "WeakSet": true, "Atomics": true, "Promise": true, "WebAssembly": true, "NaN": false, "Infinity": false, "isNaN": false, "isFinite": false, "parseFloat": false, "parseInt": false, "escape": false, "unescape": false, "decodeURI": false, "encodeURI": false, "decodeURIComponent": false, "encodeURIComponent": false, "uneval": false, "BatteryManager": true, "CanvasGradient": true, "TextDecoder": true, "Plugin": true, "PushManager": true, "ChannelMergerNode": true, "PerformanceResourceTiming": true, "ServiceWorker": true, "TextTrackCueList": true, "PerformanceEntry": true, "TextTrackList": true, "StyleSheet": true, "PerformanceMeasure": true, "DesktopNotificationCenter": true, "Comment": true, "DelayNode": true, "XPathResult": true, "CDATASection": true, "MessageChannel": true, "BiquadFilterNode": true, "SpeechSynthesisUtterance": true, "Crypto": true, "Navigator": true, "FileList": true, "URLSearchParams": false, "ServiceWorkerContainer": true, "ValidityState": true, "ProcessingInstruction": true, "AbortSignal": true, "FontFace": true, "FileReader": true, "Worker": true, "External": true, "ImageBitmap": true, "TimeRanges": true, "Option": true, "TextTrack": true, "Image": true, "AnimationTimeline": true, "VideoPlaybackQuality": true, "VTTCue": true, "Storage": true, "XPathExpression": true, "CharacterData": false, "TextMetrics": true, "AnimationEffectReadOnly": true, "PerformanceTiming": false, "PerformanceMark": true, "ImageBitmapRenderingContext": true, "Headers": true, "Range": false, "Rect": true, "AnimationEffectTimingReadOnly": true, "KeyframeEffect": true, "Permissions": true, "TextEncoder": true, "ImageData": true, "SpeechSynthesisVoice": true, "StorageManager": true, "TextTrackCue": true, "WebSocket": true, "DocumentType": true, "XPathEvaluator": true, "PerformanceNavigationTiming": true, "IdleDeadline": true, "FileSystem": true, "FileSystemFileEntry": true, "CacheStorage": true, "MimeType": true, "PannerNode": true, "NodeFilter": true, "StereoPannerNode": true, "console": false, "DynamicsCompressorNode": true, "PaintRequest": true, "RGBColor": true, "FontFaceSet": false, "PaintRequestList": true, "FileSystemEntry": true, "XMLDocument": false, "SourceBuffer": false, "Screen": true, "NamedNodeMap": false, "History": true, "Response": true, "AnimationEffectTiming": true, "ServiceWorkerRegistration": true, "CanvasRenderingContext2D": true, "ScriptProcessorNode": true, "FileSystemDirectoryReader": true, "MimeTypeArray": true, "CanvasCaptureMediaStream": true, "Directory": true, "mozRTCPeerConnection": true, "PerformanceObserverEntryList": true, "PushSubscriptionOptions": true, "Text": false, "IntersectionObserverEntry": true, "SubtleCrypto": true, "Animation": true, "DataTransfer": true, "TreeWalker": true, "XMLHttpRequest": true, "LocalMediaStream": true, "ConvolverNode": true, "WaveShaperNode": true, "DataTransferItemList": false, "Request": true, "SourceBufferList": false, "XSLTProcessor": true, "XMLHttpRequestUpload": true, "SharedWorker": true, "Notification": false, "DataTransferItem": true, "AnalyserNode": true, "mozRTCIceCandidate": true, "PerformanceObserver": true, "OfflineResourceList": true, "FileSystemDirectoryEntry": true, "DesktopNotification": false, "DataChannel": true, "IIRFilterNode": true, "ChannelSplitterNode": true, "File": true, "ConstantSourceNode": true, "CryptoKey": true, "GainNode": true, "AbortController": true, "Attr": true, "SpeechSynthesis": true, "PushSubscription": false, "XMLStylesheetProcessingInstruction": false, "NodeIterator": true, "VideoStreamTrack": true, "XMLSerializer": true, "CaretPosition": true, "FormData": true, "CanvasPattern": true, "mozRTCSessionDescription": true, "Path2D": true, "PerformanceNavigation": true, "URL": false, "PluginArray": true, "MutationRecord": true, "WebKitCSSMatrix": true, "PeriodicWave": true, "DocumentFragment": true, "DocumentTimeline": false, "ScreenOrientation": true, "BroadcastChannel": true, "PermissionStatus": true, "IntersectionObserver": true, "Blob": true, "MessagePort": true, "BarProp": true, "OscillatorNode": true, "Cache": true, "RadioNodeList": true, "KeyframeEffectReadOnly": true, "InstallTrigger": true, "Function": true, "Object": false, "eval": true, "Window": false, "close": false, "stop": false, "focus": false, "blur": false, "open": true, "alert": false, "confirm": false, "prompt": false, "print": false, "postMessage": true, "getSelection": true, "getComputedStyle": true, "matchMedia": true, "moveTo": false, "moveBy": false, "resizeTo": false, "resizeBy": false, "scroll": false, "scrollTo": false, "scrollBy": false, "requestAnimationFrame": true, "cancelAnimationFrame": true, "getDefaultComputedStyle": false, "scrollByLines": false, "scrollByPages": false, "sizeToContent": false, "updateCommands": true, "find": false, "dump": true, "setResizable": false, "requestIdleCallback": false, "cancelIdleCallback": false, "btoa": true, "atob": true, "setTimeout": true, "clearTimeout": true, "setInterval": true, "clearInterval": true, "createImageBitmap": true, "fetch": true, "self": true, "name": false, "history": true, "locationbar": true, "menubar": true, "personalbar": true, "scrollbars": true, "statusbar": true, "toolbar": true, "status": true, "closed": true, "frames": true, "length": false, "opener": true, "parent": true, "frameElement": true, "navigator": true, "external": true, "applicationCache": true, "screen": true, "innerWidth": true, "innerHeight": true, "scrollX": true, "pageXOffset": true, "scrollY": true, "pageYOffset": true, "screenX": true, "screenY": true, "outerWidth": true, "outerHeight": true, "performance": true, "mozInnerScreenX": true, "mozInnerScreenY": true, "devicePixelRatio": true, "scrollMaxX": true, "scrollMaxY": true, "fullScreen": false, "mozPaintCount": true, "sidebar": false, "crypto": true, "speechSynthesis": true, "localStorage": true, "origin": true, "isSecureContext": false, "indexedDB": true, "caches": true, "sessionStorage": true, "window": false, "document": true, "location": false, "top": false, "netscape": true, "Node": true, "Document": true, "Performance": false, "startProfiling": true, "stopProfiling": true, "pauseProfilers": true, "resumeProfilers": true, "dumpProfile": true, "getMaxGCPauseSinceClear": true, "clearMaxGCPauseAccumulator": true, "Location": true, "StyleSheetList": false, "Selection": false, "Element": true, "AnonymousContent": false, "MutationObserver": true, "NodeList": true, "StopIteration": true } } },{}],10:[function(require,module,exports){ module.exports={ "AGPL-3.0": { "licenseName": "GNU AFFERO GENERAL PUBLIC LICENSE version 3", "identifier": "AGPL-3.0", "canonicalUrl": [ "http://www.gnu.org/licenses/agpl-3.0.html", "magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt" ], "licenseFragments": [ { "text": " is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.", "type": "short" } ] }, "Apache-2.0": { "licenseName": "Apache License, Version 2.0", "identifier": "Apache-2.0", "canonicalUrl": [ "http://www.apache.org/licenses/LICENSE-2.0", "magnet:?xt=urn:btih:8e4f440f4c65981c5bf93c76d35135ba5064d8b7&dn=apache-2.0.txt" ], "licenseFragments": [ { "text": "Licensed under the Apache License, Version 2.0 (the \"License\"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0", "type": "short" } ] }, "Artistic-2.0": { "licenseName": "Artistic License 2.0", "identifier": "Artistic-2.0", "canonicalUrl": [ "http://www.perlfoundation.org/artistic_license_2_0", "magnet:?xt=urn:btih:54fd2283f9dbdf29466d2df1a98bf8f65cafe314&dn=artistic-2.0.txt" ], "licenseFragments": [] }, "BSD-2-Clause": { "licenseName": "BSD 2-Clause License", "identifier": "BSD-2-Clause", "canonicalUrl": [ "http://www.freebsd.org/copyright/freebsd-license.html", "magnet:?xt=urn:btih:87f119ba0b429ba17a44b4bffcab33165ebdacc0&dn=freebsd.txt" ], "licenseFragments": [ { "text": "Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.", "type": "short" } ] }, "BSD-3-Clause": { "licenseName": "BSD 3-Clause License", "identifier": "BSD-3-Clause", "canonicalUrl": [ "http://opensource.org/licenses/BSD-3-Clause", "magnet:?xt=urn:btih:c80d50af7d3db9be66a4d0a86db0286e4fd33292&dn=bsd-3-clause.txt" ], "licenseFragments": [ { "text": "Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. Neither the name of nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.", "type": "short" } ] }, "BSL-1.0": { "licenseName": "Boost Software License 1.0", "identifier": "BSL-1.0", "canonicalUrl": [ "http://www.boost.org/LICENSE_1_0.txt", "magnet:?xt=urn:btih:89a97c535628232f2f3888c2b7b8ffd4c078cec0&dn=Boost-1.0.txt" ], "licenseFragments": [ { "text": "Boost Software License Permission is hereby granted, free of charge, to any person or organization obtaining a copy of the software and accompanying documentation covered by this license (the \"Software\") to use, reproduce, display, distribute, execute, and transmit the Software, and to prepare derivative works of the Software, and to permit third-parties to whom the Software is furnished to do so, all subject to the following", "type": "short" } ] }, "CC-BY-1.0": { "licenseName": "Creative Commons Attribution 1.0 Generic", "identifier": "CC-BY-1.0", "canonicalUrl": [ "https://creativecommons.org/licenses/by/1.0/" ], "licenseFragments": [] }, "CC-BY-2.0": { "licenseName": "Creative Commons Attribution 2.0 Generic", "identifier": "CC-BY-2.0", "canonicalUrl": [ "https://creativecommons.org/licenses/by/2.0/" ], "licenseFragments": [] }, "CC-BY-2.5": { "licenseName": "Creative Commons Attribution 2.5 Generic", "identifier": "CC-BY-2.5", "canonicalUrl": [ "https://creativecommons.org/licenses/by/2.5/" ], "licenseFragments": [] }, "CC-BY-3.0": { "licenseName": "Creative Commons Attribution 3.0 Unported", "identifier": "CC-BY-3.0", "canonicalUrl": [ "https://creativecommons.org/licenses/by/3.0/" ], "licenseFragments": [] }, "CC-BY-4.0": { "licenseName": "Creative Commons Attribution 4.0 International", "identifier": "CC-BY-4.0", "canonicalUrl": [ "https://creativecommons.org/licenses/by/4.0/" ], "licenseFragments": [] }, "CC-BY-SA-1.0": { "licenseName": "Creative Commons Attribution-ShareAlike 1.0 Generic", "identifier": "CC-BY-SA-1.0", "canonicalUrl": [ "https://creativecommons.org/licenses/by-sa/1.0/" ], "licenseFragments": [] }, "CC-BY-SA-2.0": { "licenseName": "Creative Commons Attribution-ShareAlike 2.0 Generic", "identifier": "CC-BY-SA-2.0", "canonicalUrl": [ "https://creativecommons.org/licenses/by-sa/2.0/" ], "licenseFragments": [] }, "CC-BY-SA-2.5": { "licenseName": "Creative Commons Attribution-ShareAlike 2.5 Generic", "identifier": "CC-BY-SA-2.5", "canonicalUrl": [ "https://creativecommons.org/licenses/by-sa/2.5/" ], "licenseFragments": [] }, "CC-BY-SA-3.0": { "licenseName": "Creative Commons Attribution-ShareAlike 3.0 Unported", "identifier": "CC-BY-SA-3.0", "canonicalUrl": [ "https://creativecommons.org/licenses/by-sa/3.0/" ], "licenseFragments": [] }, "CC-BY-SA-4.0": { "licenseName": "Creative Commons Attribution-ShareAlike 4.0 International", "identifier": "CC-BY-SA-4.0", "canonicalUrl": [ "https://creativecommons.org/licenses/by-sa/4.0/" ], "licenseFragments": [] }, "CC0-1.0": { "licenseName": "Creative Commons CC0 1.0 Universal", "identifier": "CC0-1.0", "canonicalUrl": [ "http://creativecommons.org/publicdomain/zero/1.0/legalcode", "magnet:?xt=urn:btih:90dc5c0be029de84e523b9b3922520e79e0e6f08&dn=cc0.txt" ], "licenseFragments": [] }, "CECILL-2.0": { "licenseName": "CeCILL Free Software License Agreement v2.0", "identifier": "CECILL-2.0", "canonicalUrl": [ "https://www.cecill.info/licences/Licence_CeCILL_V2-en.txt", "magnet:?xt=urn:btih:dda0473d240d7febeac8fa265da27286ead0b1ce&dn=cecill-2.0.txt" ], "licenseFragments": [] }, "CPAL-1.0": { "licenseName": "Common Public Attribution License Version 1.0 (CPAL)", "identifier": "CPAL-1.0", "canonicalUrl": [ "http://opensource.org/licenses/cpal_1.0", "magnet:?xt=urn:btih:84143bc45939fc8fa42921d619a95462c2031c5c&dn=cpal-1.0.txt" ], "licenseFragments": [ { "text": "The contents of this file are subject to the Common Public Attribution License Version 1.0", "type": "short" }, { "text": "The term \"External Deployment\" means the use, distribution, or communication of the Original Code or Modifications in any way such that the Original Code or Modifications may be used by anyone other than You, whether those works are distributed or communicated to those persons or made available as an application intended for use over a network. As an express condition for the grants of license hereunder, You must treat any External Deployment by You of the Original Code or Modifications as a distribution under section 3.1 and make Source Code available under Section 3.2.", "type": "short" } ] }, "EPL-1.0": { "licenseName": "Eclipse Public License Version 1.0", "identifier": "EPL-1.0", "canonicalUrl": [ "http://www.eclipse.org/legal/epl-v10.html", "magnet:?xt=urn:btih:4c6a2ad0018cd461e9b0fc44e1b340d2c1828b22&dn=epl-1.0.txt" ], "licenseFragments": [ { "text": "THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE (\"AGREEMENT\"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.", "type": "short" } ] }, "Expat": { "licenseName": "Expat License (sometimes called MIT Licensed)", "identifier": "Expat", "canonicalUrl": [ "http://www.jclark.com/xml/copying.txt", "magnet:?xt=urn:btih:d3d9a9a6595521f9666a5e94cc830dab83b65699&dn=expat.txt" ], "licenseFragments": [ { "text": "Copyright Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.", "type": "short" } ] }, "FreeBSD": { "licenseName": "FreeBSD License", "identifier": "FreeBSD", "canonicalUrl": [ "http://www.freebsd.org/copyright/freebsd-license.html", "magnet:?xt=urn:btih:87f119ba0b429ba17a44b4bffcab33165ebdacc0&dn=freebsd.txt" ], "licenseFragments": [ { "text": "Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:\n\nRedistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.\n\nRedistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.", "type": "short" } ] }, "GNU-All-Permissive": { "licenseName": "GNU All-Permissive License", "identifier": "GNU-All-Permissive", "canonicalUrl": [], "licenseFragments": [ { "text": "Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. This file is offered as-is, without any warranty.", "type": "short" } ] }, "GPL-2.0": { "licenseName": "GNU General Public License (GPL) version 2", "identifier": "GPL-2.0", "canonicalUrl": [ "http://www.gnu.org/licenses/gpl-2.0.html", "magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&dn=gpl-2.0.txt" ], "licenseFragments": [ { "text": " is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.", "type": "short" }, { "text": "Alternatively, the contents of this file may be used under the terms of either the GNU General Public License Version 2 or later (the \"GPL\"), or the GNU Lesser General Public License Version 2.1 or later (the \"LGPL\"), in which case the provisions of the GPL or the LGPL are applicable instead of those above. If you wish to allow use of your version of this file only under the terms of either the GPL or the LGPL, and not to allow others to use your version of this file under the terms of the MPL, indicate your decision by deleting the provisions above and replace them with the notice and other provisions required by the GPL or the LGPL. If you do not delete the provisions above, a recipient may use your version of this file under the terms of any one of the MPL, the GPL or the LGPL.", "type": "short" } ] }, "GPL-3.0": { "licenseName": "GNU General Public License (GPL) version 3", "identifier": "GPL-3.0", "canonicalUrl": [ "http://www.gnu.org/licenses/gpl-3.0.html", "magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt" ], "licenseFragments": [ { "text": " is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License (GNU GPL) as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. The code is distributed WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU GPL for more details. As additional permission under GNU GPL version 3 section 7, you may distribute non-source (e.g., minimized or compacted) forms of that code without the copy of the GNU GPL normally required by section 4, provided you include this license notice and a URL through which recipients can access the Corresponding Source.", "type": "short" }, { "text": " is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.", "type": "short" } ] }, "ISC": { "licenseName": "The ISC License", "identifier": "ISC", "canonicalUrl": [ "https://www.isc.org/downloads/software-support-policy/isc-license/", "magnet:?xt=urn:btih:b8999bbaf509c08d127678643c515b9ab0836bae&dn=ISC.txt" ], "licenseFragments": [ { "text": "Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\" AND ISC DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.", "type": "short" }, { "text": "Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.THE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.", "type": "short" } ] }, "jQueryTools": { "licenseName": "jQuery Tools", "identifier": "jQueryTools", "canonicalUrl": [], "licenseFragments": [ { "text": "NO COPYRIGHTS OR LICENSES. DO WHAT YOU LIKE.", "type": "short" } ] }, "LGPL-2.1": { "licenseName": "GNU Lesser General Public License, version 2.1", "identifier": "LGPL-2.1", "canonicalUrl": [ "http://www.gnu.org/licenses/lgpl-2.1.html", "magnet:?xt=urn:btih:5de60da917303dbfad4f93fb1b985ced5a89eac2&dn=lgpl-2.1.txt" ], "licenseFragments": [ { "text": " is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version.", "type": "short" } ] }, "LGPL-3.0": { "licenseName": "GNU Lesser General Public License, version 3", "identifier": "LGPL-3.0", "canonicalUrl": [ "http://www.gnu.org/licenses/lgpl-3.0.html", "magnet:?xt=urn:btih:0ef1b8170b3b615170ff270def6427c317705f85&dn=lgpl-3.0.txt" ], "licenseFragments": [ { "text": " is free software: you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.", "type": "short" } ] }, "MPL-2.0": { "licenseName": "Mozilla Public License Version 2.0", "identifier": "MPL-2.0", "canonicalUrl": [ "http://www.mozilla.org/MPL/2.0", "magnet:?xt=urn:btih:3877d6d54b3accd4bc32f8a48bf32ebc0901502a&dn=mpl-2.0.txt" ], "licenseFragments": [ { "text": "This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.", "type": "short" } ] }, "PublicDomain": { "licenseName": "Public Domain", "identifier": "PublicDomain", "canonicalUrl": [ "magnet:?xt=urn:btih:e95b018ef3580986a04669f1b5879592219e2a7a&dn=public-domain.txt" ], "licenseFragments": [] }, "Unlicense": { "licenseName": "Unlicense", "identifier": "Unlicense", "canonicalUrl": [ "http://unlicense.org/UNLICENSE", "magnet:?xt=urn:btih:5ac446d35272cc2e4e85e4325b146d0b7ca8f50c&dn=unlicense.txt" ], "licenseFragments": [ { "text": "This is free and unencumbered software released into the public domain.", "type": "short" } ] }, "UPL": { "licenseName": "Universal Permissive License", "identifier": "UPL-1.0", "canonicalUrl": [ "https://oss.oracle.com/licenses/upl/", "magnet:?xt=urn:btih:478974f4d41c3fa84c4befba25f283527fad107d&dn=upl-1.0.txt" ], "licenseFragments": [ { "text": "The Universal Permissive License (UPL), Version 1.0", "type": "short" } ] }, "WTFPL": { "licenseName": "Do What The F*ck You Want To Public License (WTFPL)", "identifier": "WTFPL", "canonicalUrl": [ "http://www.wtfpl.net/txt/copying/", "magnet:?xt=urn:btih:723febf9f6185544f57f0660a41489c7d6b4931b&dn=wtfpl.txt" ], "licenseFragments": [ { "text": "DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE", "type": "short" }, { "text": "0. You just DO WHAT THE FUCK YOU WANT TO.", "type": "short" } ] }, "X11": { "licenseName": "X11 License", "identifier": "X11", "canonicalUrl": [ "magnet:?xt=urn:btih:5305d91886084f776adcf57509a648432709a7c7&dn=x11.txt" ], "licenseFragments": [ { "text": "Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.", "type": "short" } ] }, "XFree86-1.1": { "licenseName": "XFree86 1.1 License", "identifier": "XFree86-1.1", "canonicalUrl": [ "http://www.xfree86.org/3.3.6/COPYRIGHT2.html#3", "http://www.xfree86.org/current/LICENSE4.html", "magnet:?xt=urn:btih:12f2ec9e8de2a3b0002a33d518d6010cc8ab2ae9&dn=xfree86.txt" ], "licenseFragments": [ { "text": "All rights reserved.\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:\n1. Redistributions of source code must retain the above copyright notice, this list of conditions, and the following disclaimer.\n2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution, and in the same place and form as other copyright, license and disclaimer information.\n3. The end-user documentation included with the redistribution, if any, must include the following acknowledgment: \"This product includes software developed by The XFree86 Project, Inc (http://www.xfree86.org/) and its contributors\", in the same place and form as other third-party acknowledgments. Alternately, this acknowledgment may appear in the software itself, in the same form and location as other such third-party acknowledgments.4. Except as contained in this notice, the name of The XFree86 Project, Inc shall not be used in advertising or otherwise to promote the sale, use or other dealings in this Software without prior written authorization from The XFree86 Project, Inc.", "type": "short" } ] }, "Zlib": { "licenseName": "zlib License", "canonicalUrl": [ "https://www.zlib.net/zlib_license.html", "https://spdx.org/licenses/Zlib.txt", "magnet:?xt=urn:btih:922bd98043fa3daf4f9417e3e8fec8406b1961a3&dn=zlib.txt" ], "identifier": "Zlib", "licenseFragments": [] } } },{}],11:[function(require,module,exports){ /** * GNU LibreJS - A browser add-on to block nonfree nontrivial JavaScript. * * * Copyright (C) 2011, 2012, 2013, 2014 Loic J. Duros * Copyright (C) 2014, 2015 Nik Nyby * Copyright (C) 2022 Yuchen Pei * * This file is part of GNU LibreJS. * * GNU LibreJS is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * GNU LibreJS is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with GNU LibreJS. If not, see . */ exports.patternUtils = { /** * removeNonalpha * * Remove all nonalphanumeric values, except for * < and >, since they are what we use for tokens. * */ removeNonalpha: function(str) { return str.replace(/[^a-z0-9<>@]+/gi, ''); }, removeWhitespace: function(str) { return str.replace(/\/\//gmi, '').replace(/\*/gmi, '').replace(/\s+/gmi, ''); }, replaceTokens: function(str) { return str.replace(/<.*?>/gi, '.*?'); }, removeJsComments: function(str) { const ml_comments = /\/\*.*?(\*\/)/g; const il_comments = /\/\/.*/gm; return str.replace(ml_comments, '').replace(il_comments, ''); } }; },{}],12:[function(require,module,exports){ /** * GNU LibreJS - A browser add-on to block nonfree nontrivial JavaScript. * * * Copyright (C) 2017, 2018 Nathan Nichols * Copyright (C) 2018 Ruben Rodriguez * Copyright (C) 2022 Yuchen Pei * * This file is part of GNU LibreJS. * * GNU LibreJS is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * GNU LibreJS is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with GNU LibreJS. If not, see . */ const checkLib = require('./common/checks.js'); const { ResponseProcessor, BLOCKING_RESPONSES } = require('./bg/ResponseProcessor'); const { Storage, ListStore, hash } = require('./common/Storage'); const { ListManager } = require('./bg/ListManager'); const { ExternalLicenses } = require('./bg/ExternalLicenses'); const { makeDebugLogger } = require('./common/debug.js'); const PRINT_DEBUG = false; const dbgPrint = makeDebugLogger('main_background.js', PRINT_DEBUG, Date.now()); /* * * Called when something changes the persistent data of the add-on. * * The only things that should need to change this data are: * a) The "Whitelist this page" button * b) The options screen * * When the actual blocking is implemented, this will need to comminicate * with its code to update accordingly * */ function optionsListener(changes, area) { dbgPrint('Items updated in area' + area + ': '); dbgPrint(Object.keys(changes).join(',')); } const activeMessagePorts = {}; const activityReports = {}; async function createReport(initializer) { if (!(initializer && (initializer.url || initializer.tabId))) { throw new Error('createReport() needs an URL or a tabId at least'); } let template = { 'accepted': [], 'blocked': [], 'blacklisted': [], 'whitelisted': [], 'unknown': [], }; template = Object.assign(template, initializer); let [url] = (template.url || (await browser.tabs.get(initializer.tabId)).url).split('#'); template.url = url; template.site = ListStore.siteItem(url); template.siteStatus = listManager.getStatus(template.site); const list = { 'whitelisted': whitelist, 'blacklisted': blacklist }[template.siteStatus]; if (list) { template.listedSite = ListManager.siteMatch(template.site, list); } return template; } /** * Executes the "Display this report in new tab" function * by opening a new tab with whatever HTML is in the popup * at the moment. */ async function openReportInTab(data) { const popupURL = await browser.browserAction.getPopup({}); const tab = await browser.tabs.create({ url: `${popupURL}#fromTab=${data.tabId}` }); activityReports[tab.id] = await createReport(data); } /** * Clears local storage (the persistent data) */ function debugDeleteLocal() { browser.storage.local.clear(); dbgPrint('Local storage cleared'); } /** * * Prints local storage (the persistent data) as well as the temporary popup object * */ function debugPrintLocal() { function storageGot(items) { console.log('%c Local storage: ', 'color: red;'); for (const i in items) { console.log('%c ' + i + ' = ' + items[i], 'color: blue;'); } } console.log('%c Variable \'activityReports\': ', 'color: red;'); console.log(activityReports); browser.storage.local.get(storageGot); } /** * * * Sends a message to the content script that sets the popup entries for a tab. * * var example_blocked_info = { * "accepted": [["REASON 1","SOURCE 1"],["REASON 2","SOURCE 2"]], * "blocked": [["REASON 1","SOURCE 1"],["REASON 2","SOURCE 2"]], * "url": "example.com" * } * * NOTE: This WILL break if you provide inconsistent URLs to it. * Make sure it will use the right URL when refering to a certain script. * */ async function updateReport(tabId, oldReport, updateUI = false) { const { url } = oldReport; const newReport = await createReport({ url, tabId }); for (const property of Object.keys(oldReport)) { const entries = oldReport[property]; if (!Array.isArray(entries)) continue; const defValue = property === 'accepted' || property === 'blocked' ? property : 'unknown'; for (const script of entries) { const status = listManager.getStatus(script[0], defValue); if (Array.isArray(newReport[status])) newReport[status].push(script); } } activityReports[tabId] = newReport; if (browser.sessions) browser.sessions.setTabValue(tabId, url, newReport); dbgPrint(newReport); if (updateUI && activeMessagePorts[tabId]) { dbgPrint(`[TABID: ${tabId}] Sending script blocking report directly to browser action.`); activeMessagePorts[tabId].postMessage({ show_info: newReport }); } } /** Updates the report for tab with tabId with action. * * This is what you call when a page gets changed to update the info * box. * * Sends a message to the content script that adds a popup entry for * a tab. * * The action argument is an object with two properties: one named of * "accepted","blocked", "whitelisted", "blacklisted", whose value is * the array [scriptName, reason], and another named "url". Example: * action = * { * "accepted": ["jquery.js (someHash)", "Whitelisted by user"], * "url": "https://example.com/js/jquery.js" * } * * Overrides the action type with the white/blacklist status for * scriptName, if any. Then add the entry if scriptName is not * already in the entries associated with the action type. * * Returns one of "whitelisted", "blacklisted", "blocked", "accepted" * or "unknown" * * NOTE: This WILL break if you provide inconsistent URLs to it. * Make sure it will use the right URL when refering to a certain * script. * */ async function addReportEntry(tabId, action) { const actionPair = Object.entries(action).find( ([k, _]) => ['accepted', 'blocked', 'whitelisted', 'blacklisted'].indexOf(k) != -1); if (!actionPair) { console.debug('Wrong action', action); return 'unknown'; } const [actionType, actionValue] = actionPair; const scriptName = actionValue[0]; const report = activityReports[tabId] || (activityReports[tabId] = await createReport({ tabId })); let entryType; // Update the report if the scriptName is new for the entryType. try { entryType = listManager.getStatus(scriptName, actionType); const entries = report[entryType]; if (!entries.find(e => e[0] === scriptName)) { dbgPrint(activityReports); dbgPrint(activityReports[tabId]); dbgPrint(entryType); entries.push(actionValue); } } catch (e) { console.error('action %o, type %s, entryType %s', action, actionType, entryType, e); entryType = 'unknown'; } // Refresh the main panel script list. if (activeMessagePorts[tabId]) { activeMessagePorts[tabId].postMessage({ show_info: report }); } if (browser.sessions) browser.sessions.setTabValue(tabId, report.url, report); updateBadge(tabId, report); return entryType; } function getDomain(url) { let domain = url.replace('http://', '').replace('https://', '').split(/[/?#]/)[0]; if (url.indexOf('http://') == 0) { domain = 'http://' + domain; } else if (url.indexOf('https://') == 0) { domain = 'https://' + domain; } domain = domain + '/'; domain = domain.replace(/ /g, ''); return domain; } /** * * This is the callback where the content scripts of the browser action * will contact the background script. * */ async function connected(p) { if (p.name === 'contact_finder') { // style the contact finder panel await browser.tabs.insertCSS(p.sender.tab.id, { file: '/content/dialog.css', cssOrigin: 'user', matchAboutBlank: true, allFrames: true }); // Send a message back with the relevant settings p.postMessage(await browser.storage.local.get(['pref_subject', 'pref_body'])); return; } p.onMessage.addListener(async function(m) { let update = false; let contactFinder = false; for (const action of ['whitelist', 'blacklist', 'forget']) { if (m[action]) { let [key] = m[action]; if (m.site) { key = ListStore.siteItem(m.site); } else { key = ListStore.inlineItem(key) || key; } await listManager[action](key); update = true; } } if (m.report_tab) { openReportInTab(m.report_tab); } // a debug feature if (m['printlocalstorage'] !== undefined) { console.log('Print local storage'); debugPrintLocal(); } // invoke_contact_finder if (m['invoke_contact_finder'] !== undefined) { contactFinder = true; await injectContactFinder(); } // a debug feature (maybe give the user an option to do this?) if (m['deletelocalstorage'] !== undefined) { console.log('Delete local storage'); debugDeleteLocal(); } const tabs = await browser.tabs.query({ active: true, currentWindow: true }); if (contactFinder) { const tab = tabs.pop(); dbgPrint(`[TABID:${tab.id}] Injecting contact finder`); } if (update || m.update && activityReports[m.tabId]) { const tabId = 'tabId' in m ? m.tabId : tabs.pop().id; dbgPrint(`%c updating tab ${tabId}`, 'color: red;'); activeMessagePorts[tabId] = p; await updateReport(tabId, activityReports[tabId], true); } else { for (const tab of tabs) { if (activityReports[tab.id]) { // If we have some data stored here for this tabID, send it dbgPrint(`[TABID: ${tab.id}] Sending stored data associated with browser action'`); p.postMessage({ 'show_info': activityReports[tab.id] }); } else { // create a new entry const report = activityReports[tab.id] = await createReport({ 'url': tab.url, tabId: tab.id }); p.postMessage({ show_info: report }); dbgPrint(`[TABID: ${tab.id}] No data found, creating a new entry for this window.`); } } } }); } /** * Loads the contact finder on the given tab ID. */ async function injectContactFinder(tabId) { await Promise.all([ browser.tabs.insertCSS(tabId, { file: '/content/overlay.css', cssOrigin: 'user' }), browser.tabs.executeScript(tabId, { file: '/content/contactFinder.js' }), ]); } /** * The callback for tab closings. * * Delete the info we are storing about this tab if there is any. * */ function deleteRemovedTabInfo(tab_id, _) { dbgPrint('[TABID:' + tab_id + ']' + 'Deleting stored info about closed tab'); if (activityReports[tab_id] !== undefined) { delete activityReports[tab_id]; } if (activeMessagePorts[tab_id] !== undefined) { delete activeMessagePorts[tab_id]; } ExternalLicenses.purgeCache(tab_id); } /** * Called when the tab gets updated / activated * * Here we check if new tab's url matches activityReports[tabId].url, and if * it doesn't we use the session cached value (if any). * */ async function onTabUpdated(tabId, _, tab) { const [url] = tab.url.split('#'); const report = activityReports[tabId]; if (!(report && report.url === url)) { const cache = browser.sessions && await browser.sessions.getTabValue(tabId, url) || null; // on session restore tabIds may change if (cache && cache.tabId !== tabId) cache.tabId = tabId; updateBadge(tabId, activityReports[tabId] = cache); } } async function onTabActivated({ tabId }) { await onTabUpdated(tabId, {}, await browser.tabs.get(tabId)); } /* *********************************************************************************************** */ // TODO: Test if this script is being loaded from another domain compared to activityReports[tabid]["url"] /** * Checks script and updates the report entry accordingly. * * Asynchronous function, returns the final edited script as a string, * or unedited script if passAccWlist is true and the script is * accepted or whitelisted. */ async function checkScriptAndUpdateReport(scriptSrc, url, tabId, whitelisted, isExternal = false, passAccWlist = false) { const scriptName = url.split('/').pop(); if (whitelisted) { if (tabId !== -1) { const site = ListManager.siteMatch(url, whitelist); // Accept without reading script, it was explicitly whitelisted const reason = site ? `All ${site} whitelisted by user` : 'Address whitelisted by user'; addReportEntry(tabId, { 'whitelisted': [site || url, reason], url }); } if (scriptSrc.startsWith('javascript:') || passAccWlist) return scriptSrc; else return `/* LibreJS: script whitelisted by user preference. */\n${scriptSrc}`; } const [accepted, editedSource, reason] = listManager.builtInHashes.has(hash(scriptSrc)) ? [true, scriptSrc, 'Common script known to be free software.'] : checkLib.checkScriptSource(scriptSrc, scriptName, isExternal); if (tabId < 0) { return editedSource; } const domain = getDomain(url); const report = activityReports[tabId] || (activityReports[tabId] = await createReport({ tabId })); updateBadge(tabId, report, !accepted); const actionType = await addReportEntry(tabId, { 'url': domain, [accepted ? 'accepted' : 'blocked']: [url, reason] }); switch (actionType) { case 'blacklisted': { const edited = `/* LibreJS: script ${actionType} by user. */`; return scriptSrc.startsWith('javascript:') ? `javascript:void(${encodeURIComponent(edited)})` : edited; } case 'whitelisted': case 'accepted': { return (scriptSrc.startsWith('javascript:') || passAccWlist) ? scriptSrc : `/* LibreJS: script ${actionType} by user. */\n${scriptSrc}`; } // blocked default: { return scriptSrc.startsWith('javascript:') ? `javascript:void(/* ${editedSource} */)` : `/* LibreJS: script ${actionType}. */\n${editedSource}`; } } } // Updates the extension icon in the toolbar. function updateBadge(tabId, report = null, forceRed = false) { const blockedCount = report ? report.blocked.length + report.blacklisted.length : 0; const [text, color] = blockedCount > 0 || forceRed ? [blockedCount && blockedCount.toString() || '!', 'red'] : ['✓', 'green'] const { browserAction } = browser; if ('setBadgeText' in browserAction) { browserAction.setBadgeText({ text, tabId }); browserAction.setBadgeBackgroundColor({ color, tabId }); } else { // Mobile browserAction.setTitle({ title: `LibreJS (${text})`, tabId }); } } // TODO: is this the only way google analytics can show up? function blockGoogleAnalytics(request) { const { url } = request; const res = {}; if (url === 'https://www.google-analytics.com/analytics.js' || /^https:\/\/www\.google\.com\/analytics\/[^#]/.test(url) ) { res.cancel = true; } return res; } async function blockBlacklistedScripts(request) { const { tabId, documentUrl } = request; const url = ListStore.urlItem(request.url); const status = listManager.getStatus(url); if (status !== 'blacklisted') return {}; const blacklistedSite = ListManager.siteMatch(url, blacklist); await addReportEntry(tabId, { url: documentUrl, 'blacklisted': [url, /\*/.test(blacklistedSite) ? `User blacklisted ${blacklistedSite}` : 'Blacklisted by user'] }); return BLOCKING_RESPONSES.REJECT; } /** * An onHeadersReceived handler. See bg/ResponseProcessor.js for how * it is used. * * This listener gets called as soon as we've got all the HTTP * headers, can guess content type and encoding, and therefore * correctly parse HTML documents and external script inclusions in * search of non-free JavaScript */ const ResponseHandler = { /** * Checks black/whitelists and web labels. Returns a * BlockingResponse (if we can determine) or null (if further work * is needed). * * Enforce white/black lists for url/site early (hashes will be * handled later) */ async pre(response) { const { request } = response; const { type, tabId, frameId, documentUrl } = request; const fullUrl = request.url; const url = ListStore.urlItem(fullUrl); const site = ListStore.siteItem(url); const blacklistedSite = ListManager.siteMatch(site, blacklist); const blacklisted = blacklistedSite || blacklist.contains(url); const topUrl = type === 'sub_frame' && request.frameAncestors && request.frameAncestors.pop() || documentUrl; if (blacklisted) { if (type === 'script') { // this shouldn't happen, because we intercept earlier in blockBlacklistedScripts() return BLOCKING_RESPONSES.REJECT; } // we handle the page change here too, since we won't call editHtml() if (type === 'main_frame') { activityReports[tabId] = await createReport({ url: fullUrl, tabId }); // Go on without parsing the page: it was explicitly blacklisted const reason = blacklistedSite ? `All ${blacklistedSite} blacklisted by user` : 'Address blacklisted by user'; await addReportEntry(tabId, { 'blacklisted': [blacklistedSite || url, reason], url: fullUrl }); } // use CSP to restrict JavaScript execution in the page request.responseHeaders.unshift({ name: 'Content-security-policy', value: 'script-src \'none\';' }); // let's skip the inline script parsing, since we block by CSP return { responseHeaders: request.responseHeaders }; } else { const whitelistedSite = ListManager.siteMatch(site, whitelist); const whitelisted = response.whitelisted = whitelistedSite || whitelist.contains(url); if (type === 'script') { if (whitelisted) { // accept the script and stop processing addReportEntry(tabId, { url: topUrl, 'whitelisted': [url, whitelistedSite ? `User whitelisted ${whitelistedSite}` : 'Whitelisted by user'] }); return BLOCKING_RESPONSES.ACCEPT; } else { // Check the web labels const scriptInfo = await ExternalLicenses.check({ url: fullUrl, tabId, frameId, documentUrl }); if (scriptInfo) { const [verdict, ret] = scriptInfo.free ? ['accepted', BLOCKING_RESPONSES.ACCEPT] : ['blocked', BLOCKING_RESPONSES.REJECT]; const licenseIds = [...scriptInfo.licenses].map(l => l.identifier).sort().join(', '); const msg = licenseIds ? `Free license${scriptInfo.licenses.size > 1 ? 's' : ''} (${licenseIds})` : 'Unknown license(s)'; addReportEntry(tabId, { url, [verdict]: [url, msg] }); return ret; } } } } // it's a page (it's too early to report) or an unknown script: // let's keep processing return null; }, /** * Here we do the heavylifting, analyzing unknown scripts */ async post(response) { const { type } = response.request; const handler = type === 'script' ? handleScript : handleHtml; return await handler(response, response.whitelisted); } } /** * Here we handle external script requests */ async function handleScript(response, whitelisted) { const { text, request } = response; const { url, tabId } = request; return await checkScriptAndUpdateReport(text, ListStore.urlItem(url), tabId, whitelisted, isExternal = true, passAccWlist = true); } /** * Serializes HTMLDocument objects including the root element and * the DOCTYPE declaration */ function doc2HTML(doc) { let s = doc.documentElement.outerHTML; if (doc.doctype) { const dt = doc.doctype; let sDoctype = `\n${s}`; } return s; } /** * Shortcut to create a correctly namespaced DOM HTML elements */ function createHTMLElement(doc, name) { return doc.createElementNS('http://www.w3.org/1999/xhtml', name); } /** * Replace any element with a span having the same content (useful to force * NOSCRIPT elements to visible the same way as NoScript and uBlock do) */ function forceElement(doc, element) { const replacement = createHTMLElement(doc, 'span'); replacement.innerHTML = element.innerHTML; element.replaceWith(replacement); return replacement; } /** * Forces displaying any noscript element not having the "data-librejs-nodisplay" attribute on pages. * returns number of elements forced, mutates doc. */ function forceNoscriptElements(doc) { let shown = 0; // inspired by NoScript's onScriptDisabled.js for (const noscript of doc.querySelectorAll('noscript:not([data-librejs-nodisplay])')) { const replacement = forceElement(doc, noscript); // emulate meta-refresh const meta = replacement.querySelector('meta[http-equiv="refresh"]'); if (meta) { doc.head.appendChild(meta); } shown++; } return shown; } /** * Forces displaying any element having the "data-librejs-display" attribute. */ function showConditionalElements(doc) { let shown = 0; for (const element of document.querySelectorAll('[data-librejs-display]')) { forceElement(doc, element); shown++; } return shown; } /** * Tests to see if the intrinsic events on the page are free or not. * returns true if they are, false if they're not */ function readMetadata(metaElement) { if (metaElement === undefined || metaElement === null) { return false; } console.log('metadata found'); let metadata = {}; try { metadata = JSON.parse(metaElement.innerHTML); } catch (error) { console.log('Could not parse metadata on page.') return false; } const licenseStr = metadata['intrinsic-events']; if (licenseStr === undefined) { console.log('No intrinsic events license'); return false; } console.log(licenseStr); const parts = licenseStr.split(' '); if (parts.length != 2) { console.log('invalid (>2 tokens)'); return false; } if (checkLib.checkMagnet(parts[0])) { return true; } else { console.log('invalid (doesn\'t match licenses or key didn\'t exist)'); return false; } } /** * Reads/changes the HTML of a page and the scripts within it. * Returns string or null. */ async function editHtml(html, documentUrl, tabId, frameId, whitelisted) { const htmlDoc = new DOMParser().parseFromString(html, 'text/html'); // moves external licenses reference, if any, before any