@browserless.io/browserless 2.24.0 → 2.24.2

package/extensions/ublock/js/static-net-filtering.js

@@ -28,6 +28,7 @@ import BidiTrieContainer from './biditrie.js';
 import { CompiledListReader } from './static-filtering-io.js';
 import { FilteringContext } from './filtering-context.js';
 import HNTrieContainer from './hntrie.js';
+import { urlSkip } from './urlskip.js';
 
 /******************************************************************************/
 
@@ -418,7 +419,7 @@ class LogData {
     }
 
     static requote(s) {
-        if ( /^(["'`]).+\1$|,/.test(s) === false ) { return s; }
+        if ( /^\$|^(["'`]).*\1$|,/.test(s) === false ) { return s; }
         if ( s.includes("'") === false ) { return `'${s}'`; }
         if ( s.includes('"') === false ) { return `"${s}"`; }
         if ( s.includes('`') === false ) { return `\`${s}\``; }
@@ -4452,22 +4453,23 @@ StaticNetFilteringEngine.prototype.dnrFromCompiled = function(op, context, ...ar
     }
 
     // Priority:
-    //   Block: 1 (default priority)
-    //   Redirect: 2-9
-    //   Excepted redirect: 12-19
-    //   Allow: 20
-    //   Block important: 30
-    //   Redirect important: 32-39
+    //   Removeparam: 1-4
+    //   Block: 10 (default priority)
+    //   Redirect: 11-19
+    //   Excepted redirect: 21-29
+    //   Allow: 30
+    //   Block important: 40
+    //   Redirect important: 41-49
 
     const realms = new Map([
-        [ BLOCK_REALM, { type: 'block', priority: 0 } ],
-        [ ALLOW_REALM, { type: 'allow', priority: 20 } ],
-        [ REDIRECT_REALM, { type: 'redirect', priority: 2 } ],
+        [ BLOCK_REALM, { type: 'block', priority: 10 } ],
+        [ ALLOW_REALM, { type: 'allow', priority: 30 } ],
+        [ REDIRECT_REALM, { type: 'redirect', priority: 11 } ],
         [ REMOVEPARAM_REALM, { type: 'removeparam', priority: 0 } ],
         [ CSP_REALM, { type: 'csp', priority: 0 } ],
         [ PERMISSIONS_REALM, { type: 'permissions', priority: 0 } ],
         [ URLTRANSFORM_REALM, { type: 'uritransform', priority: 0 } ],
-        [ HEADERS_REALM, { type: 'block', priority: 0 } ],
+        [ HEADERS_REALM, { type: 'block', priority: 10 } ],
         [ URLSKIP_REALM, { type: 'urlskip', priority: 0 } ],
     ]);
     const partyness = new Map([
@@ -4605,7 +4607,7 @@ StaticNetFilteringEngine.prototype.dnrFromCompiled = function(op, context, ...ar
             if ( token !== '' ) {
                 const match = /:(\d+)$/.exec(token);
                 if ( match !== null ) {
-                    rule.priority = Math.min(rule.priority + parseInt(match[1], 10), 9);
+                    rule.priority += Math.min(rule.priority + parseInt(match[1], 10), 9);
                     token = token.slice(0, match.index);
                 }
             }
@@ -4623,7 +4625,7 @@ StaticNetFilteringEngine.prototype.dnrFromCompiled = function(op, context, ...ar
             }
             break;
         }
-        case 'removeparam':
+        case 'removeparam': {
             rule.action.type = 'redirect';
             if ( rule.__modifierValue === '|' ) {
                 rule.__modifierValue = '';
@@ -4651,20 +4653,52 @@ StaticNetFilteringEngine.prototype.dnrFromCompiled = function(op, context, ...ar
                 };
             }
             if ( rule.condition.resourceTypes === undefined ) {
-                rule.condition.resourceTypes = [
-                    'main_frame',
-                    'sub_frame',
-                    'xmlhttprequest',
-                ];
+                if ( rule.condition.excludedResourceTypes === undefined ) {
+                    rule.condition.resourceTypes = [
+                        'main_frame',
+                        'sub_frame',
+                        'xmlhttprequest',
+                    ];
+                }
+            }
+            // https://github.com/uBlockOrigin/uBOL-home/issues/140
+            //   Mitigate until DNR API flaw is addressed by browser vendors
+            let priority = rule.priority || 1;
+            if ( rule.condition.urlFilter !== undefined ) { priority += 1; }
+            if ( rule.condition.regexFilter !== undefined ) { priority += 1; }
+            if ( rule.condition.initiatorDomains !== undefined ) { priority += 1; }
+            if ( rule.condition.requestDomains !== undefined ) { priority += 1; }
+            if ( priority !== 1 ) {
+                rule.priority = priority;
             }
             if ( rule.__modifierAction === ALLOW_REALM ) {
                 dnrAddRuleError(rule, `Unsupported removeparam exception: ${rule.__modifierValue}`);
             }
             break;
+        }
         case 'uritransform': {
             dnrAddRuleError(rule, `Incompatible with DNR: uritransform=${rule.__modifierValue}`);
             break;
         }
+        case 'urlskip': {
+            let urlFilter = rule.condition?.urlFilter;
+            if ( urlFilter === undefined ) { break; }
+            let anchor = 0b000;
+            if ( urlFilter.startsWith('||') ) {
+                anchor |= 0b100;
+                urlFilter = urlFilter.slice(2);
+            } else if ( urlFilter.startsWith('|') ) {
+                anchor |= 0b10;
+                urlFilter = urlFilter.slice(1);
+            }
+            if ( urlFilter.endsWith('|') ) {
+                anchor |= 0b001;
+                urlFilter = urlFilter.slice(0, -1);
+            }
+            rule.condition.urlFilter = undefined;
+            rule.condition.regexFilter = restrFromGenericPattern(urlFilter, anchor);
+            break;
+        }
         default:
             dnrAddRuleError(rule, `Unsupported modifier ${rule.__modifierType}`);
             break;
@@ -5377,55 +5411,6 @@ StaticNetFilteringEngine.prototype.transformRequest = function(fctxt, out = [])
     return out;
 };
 
-/**
- * @trustedOption urlskip
- * 
- * @description
- * Extract a URL from another URL according to one or more transformation steps,
- * thereby skipping over intermediate network request(s) to remote servers.
- * Requires a trusted source.
- * 
- * @param steps
- * A serie of space-separated directives representing the transformation steps
- * to perform to extract the final URL to which a network request should be
- * redirected.
- * 
- * Supported directives:
- * 
- * `?name`: extract the value of parameter `name` as the current string.
- * 
- * `&i`: extract the name of the parameter at position `i` as the current
- *   string. The position is 1-based.
- * 
- * `/.../`: extract the first capture group of a regex as the current string.
- * 
- * `+https`: prepend the current string with `https://`.
- * 
- * `-base64`: decode the current string as a base64-encoded string.
- * 
- * `-uricomponent`: decode the current string as a URI encoded string.
- * 
- * `-blocked`: allow the redirection of blocked requests. By default, blocked
- *  requests can't by urlskip'ed.
- * 
- * At any given step, the currently extracted string may not necessarily be
- * a valid URL, and more transformation steps may be needed to obtain a valid
- * URL once all the steps are applied.
- * 
- * An unsupported step or a failed step will abort the transformation and no
- * redirection will be performed.
- * 
- * The final step is expected to yield a valid URL. If the result is not a
- * valid URL, no redirection will be performed.
- * 
- * @example
- * ||example.com/path/to/tracker$urlskip=?url
- * ||example.com/path/to/tracker$urlskip=?url ?to
- * ||pixiv.net/jump.php?$urlskip=&1
- * ||podtrac.com/pts/redirect.mp3/$urlskip=/\/redirect\.mp3\/(.*?\.mp3\b)/ +https
- * 
- * */
-
 StaticNetFilteringEngine.prototype.urlSkip = function(
     fctxt,
     blocked,
@@ -5442,7 +5427,7 @@ StaticNetFilteringEngine.prototype.urlSkip = function(
         const urlin = fctxt.url;
         const value = directive.value;
         const steps = value.includes(' ') && value.split(/ +/) || [ value ];
-        const urlout = urlSkip(directive, urlin, blocked, steps);
+        const urlout = urlSkip(urlin, blocked, steps, directive);
         if ( urlout === undefined ) { continue; }
         if ( urlout === urlin ) { continue; }
         fctxt.redirectURL = urlout;
@@ -5453,79 +5438,6 @@ StaticNetFilteringEngine.prototype.urlSkip = function(
     return out;
 };
 
-function urlSkip(directive, url, blocked, steps) {
-    try {
-        let redirectBlocked = false;
-        let urlout = url;
-        for ( const step of steps ) {
-            const urlin = urlout;
-            const c0 = step.charCodeAt(0);
-            // Extract from URL parameter name at position i
-            if ( c0 === 0x26 ) { // &
-                const i = (parseInt(step.slice(1)) || 0) - 1;
-                if ( i < 0 ) { return; }
-                const url = new URL(urlin);
-                if ( i >= url.searchParams.size ) { return; }
-                const params = Array.from(url.searchParams.keys());
-                urlout = decodeURIComponent(params[i]);
-                continue;
-            }
-            // Enforce https
-            if ( c0 === 0x2B && step === '+https' ) {
-                const s = urlin.replace(/^https?:\/\//, '');
-                if ( /^[\w-]:\/\//.test(s) ) { return; }
-                urlout = `https://${s}`;
-                continue;
-            }
-            // Decode
-            if ( c0 === 0x2D ) {
-                // Base64
-                if ( step === '-base64' ) {
-                    urlout = self.atob(urlin);
-                    continue;
-                }
-                // URI component
-                if ( step === '-uricomponent' ) {
-                    urlout = self.decodeURIComponent(urlin);
-                    continue;
-                }
-                // Enable skip of blocked requests
-                if ( step === '-blocked' ) {
-                    redirectBlocked = true;
-                    continue;
-                }
-            }
-            // Regex extraction from first capture group
-            if ( c0 === 0x2F ) { // /
-                if ( directive.cache === null ) {
-                    directive.cache = new RegExp(step.slice(1, -1));
-                }
-                const match = directive.cache.exec(urlin);
-                if ( match === null ) { return; }
-                if ( match.length <= 1 ) { return; }
-                urlout = match[1];
-                continue;
-            }
-            // Extract from URL parameter
-            if ( c0 === 0x3F ) { // ?
-                urlout = (new URL(urlin)).searchParams.get(step.slice(1));
-                if ( urlout === null ) { return; }
-                if ( urlout.includes(' ') ) {
-                    urlout = urlout.replace(/ /g, '%20');
-                }
-                continue;
-            }
-            // Unknown directive
-            return;
-        }
-        const urlfinal = new URL(urlout);
-        if ( urlfinal.protocol !== 'https:' ) { return; }
-        if ( blocked && redirectBlocked !== true ) { return; }
-        return urlout;
-    } catch(x) {
-    }
-}
-
 /******************************************************************************/
 
 // https://github.com/uBlockOrigin/uBlock-issues/issues/1626

package/extensions/ublock/js/traffic.js

@@ -969,7 +969,7 @@ const injectCSP = function(fctxt, pageStore, responseHeaders) {
     const builtinDirectives = [];
 
     if ( pageStore.filterScripting(fctxt, true) === 1 ) {
-        builtinDirectives.push(µb.cspNoScripting);
+        builtinDirectives.push(µb.hiddenSettings.noScriptingCSP);
         if ( logger.enabled ) {
             fctxt.setRealm('network').setType('scripting').toLogger();
         }

package/extensions/ublock/js/urlskip.js

@@ -0,0 +1,166 @@
+/*******************************************************************************
+
+    uBlock Origin - a comprehensive, efficient content blocker
+    Copyright (C) 2022-present Raymond Hill
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see {http://www.gnu.org/licenses/}.
+
+    Home: https://github.com/gorhill/uBlock
+*/
+
+/**
+ * @trustedOption urlskip
+ * 
+ * @description
+ * Extract a URL from another URL according to one or more transformation steps,
+ * thereby skipping over intermediate network request(s) to remote servers.
+ * Requires a trusted source.
+ * 
+ * @param steps
+ * A serie of space-separated directives representing the transformation steps
+ * to perform to extract the final URL to which a network request should be
+ * redirected.
+ * 
+ * Supported directives:
+ * 
+ * `?name`: extract the value of parameter `name` as the current string.
+ * 
+ * `&i`: extract the name of the parameter at position `i` as the current
+ *   string. The position is 1-based.
+ * 
+ * `#`: extract the hash as the current string.
+ * 
+ * `/.../`: extract the first capture group of a regex as the current string.
+ * 
+ * `+https`: prepend the current string with `https://`.
+ * 
+ * `-base64`: decode the current string as a base64-encoded string.
+ * 
+ * `-safebase64`: decode the current string as a safe base64-encoded string.
+ * 
+ * `-uricomponent`: decode the current string as a URI encoded string.
+ * 
+ * `-blocked`: allow the redirection of blocked requests. By default, blocked
+ *  requests can't by urlskip'ed.
+ * 
+ * At any given step, the currently extracted string may not necessarily be
+ * a valid URL, and more transformation steps may be needed to obtain a valid
+ * URL once all the steps are applied.
+ * 
+ * An unsupported step or a failed step will abort the transformation and no
+ * redirection will be performed.
+ * 
+ * The final step is expected to yield a valid URL. If the result is not a
+ * valid URL, no redirection will be performed.
+ * 
+ * @example
+ * ||example.com/path/to/tracker$urlskip=?url
+ * ||example.com/path/to/tracker$urlskip=?url ?to
+ * ||pixiv.net/jump.php?$urlskip=&1
+ * ||podtrac.com/pts/redirect.mp3/$urlskip=/\/redirect\.mp3\/(.*?\.mp3\b)/ +https
+ * 
+ * */
+
+export function urlSkip(url, blocked, steps, directive = {}) {
+    try {
+        let redirectBlocked = false;
+        let urlout = url;
+        for ( const step of steps ) {
+            const urlin = urlout;
+            const c0 = step.charCodeAt(0);
+            // Extract from hash
+            if ( c0 === 0x23 && step === '#' ) { // #
+                const pos = urlin.indexOf('#');
+                urlout = pos !== -1 ? urlin.slice(pos+1) : '';
+                continue;
+            }
+            // Extract from URL parameter name at position i
+            if ( c0 === 0x26 ) { // &
+                const i = (parseInt(step.slice(1)) || 0) - 1;
+                if ( i < 0 ) { return; }
+                const url = new URL(urlin);
+                if ( i >= url.searchParams.size ) { return; }
+                const params = Array.from(url.searchParams.keys());
+                urlout = decodeURIComponent(params[i]);
+                continue;
+            }
+            // Enforce https
+            if ( c0 === 0x2B && step === '+https' ) { // +
+                const s = urlin.replace(/^https?:\/\//, '');
+                if ( /^[\w-]:\/\//.test(s) ) { return; }
+                urlout = `https://${s}`;
+                continue;
+            }
+            // Decode
+            if ( c0 === 0x2D ) { // -
+                // Base64
+                if ( step === '-base64' ) {
+                    urlout = self.atob(urlin);
+                    continue;
+                }
+                // Safe Base64
+                if ( step === '-safebase64' ) {
+                    if ( urlSkip.safeBase64Replacer === undefined ) {
+                        urlSkip.safeBase64Map = { '-': '+', '_': '/' };
+                        urlSkip.safeBase64Replacer = s => urlSkip.safeBase64Map[s];
+                    }
+                    urlout = urlin.replace(/[-_]/g, urlSkip.safeBase64Replacer);
+                    urlout = self.atob(urlout);
+                    continue;
+                }
+                // URI component
+                if ( step === '-uricomponent' ) {
+                    urlout = self.decodeURIComponent(urlin);
+                    continue;
+                }
+                // Enable skip of blocked requests
+                if ( step === '-blocked' ) {
+                    redirectBlocked = true;
+                    continue;
+                }
+            }
+            // Regex extraction from first capture group
+            if ( c0 === 0x2F ) { // /
+                const re = directive.cache ?? new RegExp(step.slice(1, -1));
+                if ( directive.cache === null ) {
+                    directive.cache = re;
+                }
+                const match = re.exec(urlin);
+                if ( match === null ) { return; }
+                if ( match.length <= 1 ) { return; }
+                urlout = match[1];
+                continue;
+            }
+            // Extract from URL parameter
+            if ( c0 === 0x3F ) { // ?
+                urlout = (new URL(urlin)).searchParams.get(step.slice(1));
+                if ( urlout === null ) { return; }
+                if ( urlout.includes(' ') ) {
+                    urlout = urlout.replace(/ /g, '%20');
+                }
+                continue;
+            }
+            // Unknown directive
+            return;
+        }
+        const urlfinal = new URL(urlout);
+        if ( urlfinal.protocol !== 'https:' ) {
+            if ( urlfinal.protocol !== 'http:' ) { return; }
+            urlout = urlout.replace('http', 'https');
+        }
+        if ( blocked && redirectBlocked !== true ) { return; }
+        return urlout;
+    } catch(x) {
+    }
+}

package/extensions/ublock/js/vapi-background-ext.js

@@ -208,19 +208,43 @@ vAPI.prefetching = (( ) => {
 
 /******************************************************************************/
 
-vAPI.scriptletsInjector = ((doc, details) => {
-    let script;
-    try {
-        script = doc.createElement('script');
-        script.appendChild(doc.createTextNode(details.scriptlets));
-        (doc.head || doc.documentElement).appendChild(script);
-        self.uBO_scriptletsInjected = details.filters;
-    } catch (ex) {
-    }
-    if ( script ) {
-        script.remove();
-        script.textContent = '';
-    }
-}).toString();
+vAPI.scriptletsInjector = (( ) => {
+    const parts = [
+        '(',
+        function(details) {
+            if ( typeof self.uBO_scriptletsInjected === 'string' ) { return; }
+            const doc = document;
+            const { location } = doc;
+            if ( location === null ) { return; }
+            const { hostname } = location;
+            if ( hostname !== '' && details.hostname !== hostname ) { return; }
+            let script;
+            try {
+                script = doc.createElement('script');
+                script.appendChild(doc.createTextNode(details.scriptlets));
+                (doc.head || doc.documentElement).appendChild(script);
+                self.uBO_scriptletsInjected = details.filters;
+            } catch (ex) {
+            }
+            if ( script ) {
+                script.remove();
+                script.textContent = '';
+            }
+            return 0;
+        }.toString(),
+        ')(',
+            'json-slot',
+        ');',
+    ];
+    const jsonSlot = parts.indexOf('json-slot');
+    return (hostname, details) => {
+        parts[jsonSlot] = JSON.stringify({
+            hostname,
+            scriptlets: details.mainWorld,
+            filters: details.filters,
+        });
+        return parts.join('');
+    };
+})();
 
 /******************************************************************************/

package/extensions/ublock/manifest.json

@@ -111,7 +111,7 @@
   "storage": {
     "managed_schema": "managed_storage.json"
   },
-  "version": "1.61.2",
+  "version": "1.62.0",
   "web_accessible_resources": [
     "/web_accessible_resources/*"
   ]

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@browserless.io/browserless",
-  "version": "2.24.0",
+  "version": "2.24.2",
   "license": "SSPL",
   "description": "The browserless platform",
   "author": "browserless.io",
@@ -55,18 +55,18 @@
     "get-port": "^7.1.0",
     "gradient-string": "^3.0.0",
     "http-proxy": "^1.18.1",
-    "lighthouse": "^12.2.2",
+    "lighthouse": "^12.3.0",
     "micromatch": "^4.0.8",
     "playwright-1.45": "npm:playwright-core@1.45.3",
     "playwright-1.46": "npm:playwright-core@1.46.1",
     "playwright-1.47": "npm:playwright-core@1.47.2",
     "playwright-1.48": "npm:playwright-core@1.48.2",
-    "playwright-core": "^1.49.0",
-    "puppeteer-core": "^23.10.1",
+    "playwright-core": "^1.49.1",
+    "puppeteer-core": "^23.11.1",
     "puppeteer-extra": "^3.3.6",
     "puppeteer-extra-plugin-stealth": "^2.11.2",
     "queue": "^7.0.0",
-    "systeminformation": "^5.23.6",
+    "systeminformation": "^5.25.5",
     "tar-fs": "^3.0.6"
   },
   "optionalDependencies": {
@@ -76,20 +76,20 @@
     "@types/http-proxy": "^1.17.15",
     "@types/micromatch": "^4.0.9",
     "@types/mocha": "^10.0.10",
-    "@types/node": "^22.10.1",
+    "@types/node": "^22.10.5",
     "@types/sinon": "^17.0.3",
-    "@typescript-eslint/eslint-plugin": "^8.17.0",
-    "@typescript-eslint/parser": "^8.17.0",
+    "@typescript-eslint/eslint-plugin": "^8.19.1",
+    "@typescript-eslint/parser": "^8.19.1",
     "assert": "^2.0.0",
     "chai": "^5.1.2",
     "cross-env": "^7.0.3",
     "env-cmd": "^10.1.0",
-    "esbuild": "^0.24.0",
+    "esbuild": "^0.24.2",
     "esbuild-plugin-polyfill-node": "^0.3.0",
-    "eslint": "^9.16.0",
+    "eslint": "^9.17.0",
     "extract-zip": "^2.0.1",
     "gunzip-maybe": "^1.4.2",
-    "marked": "^15.0.3",
+    "marked": "^15.0.6",
     "mocha": "^11.0.1",
     "move-file": "^3.1.0",
     "prettier": "^3.4.2",

package/src/browsers/index.ts

@@ -538,7 +538,7 @@ export class BrowserManager {
     if (
       launchOptions.args &&
       proxyServerArg &&
-      req.parsed.pathname.startsWith('/playwright')
+      req.parsed.pathname.includes('/playwright')
     ) {
       (launchOptions as BrowserServerOptions).proxy = {
         server: proxyServerArg.split('=')[1],

package/src/routes/management/http/meta.get.ts

@@ -14,8 +14,11 @@ import {
 } from '@browserless.io/browserless';
 import { ServerResponse } from 'http';
 import { createRequire } from 'module';
+import { fileURLToPath } from 'url';
 import path from 'path';
 
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+
 export interface ResponseSchema {
   /**
    * The semantic version of the Browserless API
@@ -50,7 +53,9 @@ export interface ResponseSchema {
 
 const semverReg = /(\*|\^|>|=|<|~)/gi;
 const require = createRequire(import.meta.url);
-const blessPackageJSON = require(path.join(process.cwd(), 'package.json'));
+const blessPackageJSON = require(
+  path.join(__dirname, '..', '..', '..', '..', 'package.json'),
+);
 const { browsers } = require(
   path.join(process.cwd(), 'node_modules', 'playwright-core', 'browsers.json'),
 ) as {

package/src/shared/utils/performance/main.ts

@@ -2,6 +2,7 @@ import { Message, mainOptions } from './types.js';
 import { fork } from 'child_process';
 import path from 'path';
 
+const __dirname = import.meta.dirname;
 const DEFAULT_AUDIT_CONFIG = {
   extends: 'lighthouse:default',
 };
@@ -13,14 +14,7 @@ export default async ({
   timeout,
 }: mainOptions): Promise<unknown> => {
   return new Promise((resolve, reject) => {
-    const childPath = path.join(
-      './',
-      'build',
-      'shared',
-      'utils',
-      'performance',
-      'child.js',
-    );
+    const childPath = path.join(__dirname, 'child.js');
 
     logger.trace(`Starting up child at ${childPath}`);