buzzert/Attractor
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Started working on modern policies (from Epiphany)

Browse Source 
UI finished, just need to hook it up to the backend.
This commit is contained in:
James Magahern
2021-09-29 18:55:23 -07:00
parent 2e25a303b0
commit 31787f57ae
7 changed files with 377 additions and 100 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
App/Backend/ResourcePolicyManager.swift
View File

@@ -10,7 +10,7 @@ import Foundation
class ResourcePolicyManager: NSObject, SBRResourceOriginPolicyDataSource
{
static let AllowedOriginsDefaultsKey = "allowedOrigins"
static let EnabledOriginsDefaultsKey = "enabledOrigins"
static let OriginPoliciesDefaultsKey = "originPolicies"
private static func stringSetForKey(_ key: String) -> Set<String> {
if let set = UserDefaults.standard.array(forKey: key) as? [String] {
@@ -30,6 +30,19 @@ class ResourcePolicyManager: NSObject, SBRResourceOriginPolicyDataSource
func allowedOriginsForScriptResources() -> Set<String> { allowedOriginSet }
private lazy var scriptPolicies: Dictionary<String, ScriptPolicy.PolicyType> = {
if let existingDict = UserDefaults.standard.dictionary(forKey: Self.OriginPoliciesDefaultsKey) as? Dictionary<String, Int> {
return existingDict.mapValues { ScriptPolicy.PolicyType(rawValue: $0)! }
}
return Dictionary<String, ScriptPolicy.PolicyType>()
}() {
didSet {
let encodableDictionary = scriptPolicies.mapValues { $0.rawValue }
UserDefaults.standard.set(encodableDictionary, forKey: Self.OriginPoliciesDefaultsKey)
}
}
func allowOriginToLoadScriptResources(_ origin: String) {
allowedOriginSet.formUnion([ origin ])
}
@@ -37,4 +50,16 @@ class ResourcePolicyManager: NSObject, SBRResourceOriginPolicyDataSource
func disallowOriginToLoadScriptResources(_ origin: String) {
allowedOriginSet.remove(origin)
}
func scriptPolicy(forOrigin origin: String) -> ScriptPolicy {
if let policyType = scriptPolicies[origin] {
return ScriptPolicy(policyType: policyType, securityOrigin: origin)
}
return ScriptPolicy(policyType: .alpha, securityOrigin: origin)
}
func setScriptPolicyType(_ policyType: ScriptPolicy.PolicyType, forOrigin origin: String) {
scriptPolicies[origin] = policyType
}
}

84
App/Backend/ScriptPolicy.swift Normal file
View File

@@ -0,0 +1,84 @@
//
// ScriptPolicy.swift
// App
//
// Created by James Magahern on 9/29/21.
//
import UIKit
struct ScriptPolicy: Hashable {
enum PolicyType: Int, CaseIterable {
case alpha
case bravo
case charlie
case delta
case echo
}
public let policyType: PolicyType
public let securityOrigin: String
public static func title(forPolicyType type: PolicyType) -> String {
switch type {
case .alpha: return "Alpha"
case .bravo: return "Bravo"
case .charlie: return "Charlie"
case .delta: return "Delta"
case .echo: return "Echo"
}
}
public static func localizedDescription(forPolicyType type: PolicyType) -> String {
switch type {
case .alpha:
return "All scripts blocked."
case .bravo:
return "Scripts on page are allowed."
case .charlie:
return "Allow scripts from the same security origin."
case .delta:
return "Allow scripts from common and host CDNs."
case .echo:
return "All scripts are allowed."
}
}
public static func iconRepresentation(forPolicyType type: PolicyType, size: CGSize) -> UIImage? {
let font = UIFont.boldSystemFont(ofSize: size.height - 2)
let attrs: [NSAttributedString.Key : Any] = [
.font : font,
.foregroundColor: UIColor.white,
]
let rect = CGRect(origin: .zero, size: size)
UIGraphicsBeginImageContextWithOptions(size, false, UIScreen.main.scale)
if let _ = UIGraphicsGetCurrentContext() {
let backgroundPath = UIBezierPath.init(roundedRect: rect, cornerRadius: 4.0)
// backgroundPath.usesEvenOddFillRule = true
backgroundPath.fill()
let character = NSString(string: { () -> String in
switch type {
case .alpha: return "𝝰"
case .bravo: return "𝝱"
case .charlie: return "𝝲"
case .delta: return "𝝳"
case .echo: return "𝝴"
}
}())
let charSize = character.size(withAttributes: attrs)
let charRect = CGRect(origin: .init(x: (size.width - charSize.width) / 2 ,
y: -(charSize.height - size.height) / 2),
size: charSize)
character.draw(in: charRect, withAttributes: attrs)
}
let image = UIGraphicsGetImageFromCurrentImageContext()
UIGraphicsEndImageContext()
return image
}
}

2
App/Browser View/BrowserViewController.swift
View File

@@ -523,7 +523,7 @@ class BrowserViewController: UIViewController
iconView.someScriptsAllowed = scriptsAllowedForHost
iconView.setBlockedScriptsNumber(numBlockedScripts)
iconView.isEnabled = (webView.url != nil)
// iconView.isEnabled = (webView.url != nil)
}
public func createNewTab(withURL url: URL?) {

182
App/Script Policy UI/ScriptOriginPolicyViewController.swift Normal file
View File

@@ -0,0 +1,182 @@
//
// ScriptPolicyViewController.swift
// SBrowser
//
// Created by James Magahern on 7/24/20.
//
import UIKit
class ScriptOriginPolicyViewController: UIViewController, UICollectionViewDelegate
{
var collectionView: UICollectionView?
var allowScriptsForTab = false
weak var delegate: ScriptPolicyViewControllerDelegate? = nil
private var dataSource: UICollectionViewDiffableDataSource<Section, String>?
private var didChangeScriptPolicy = false
private enum Section: Int {
case tabOptions
case origins
}
private static let enableScriptsForTabItem: String = "enableScriptsForTab"
convenience init(policyManager: ResourcePolicyManager, hostOrigin: String, loadedScripts: Set<String>, scriptsAllowedForTab: Bool) {
self.init(nibName: nil, bundle: nil)
allowScriptsForTab = scriptsAllowedForTab
let listConfig = UICollectionLayoutListConfiguration(appearance: .insetGrouped)
let listLayout = UICollectionViewCompositionalLayout.list(using: listConfig)
let collectionView = UICollectionView(frame: .zero, collectionViewLayout: listLayout)
// Make sure host origin goes first in the list.
let otherOriginScripts = loadedScripts.subtracting([ hostOrigin ])
let allowedScripts = otherOriginScripts.filter { policyManager.allowedOriginsForScriptResources().contains($0) }
let originItems = [ hostOrigin ] + allowedScripts + otherOriginScripts.subtracting(allowedScripts)
let switchCellRegistry = UICollectionView.CellRegistration<UICollectionViewListCell, String> { [unowned self] (listCell, indexPath, item) in
var config = listCell.defaultContentConfiguration()
if item == Self.enableScriptsForTabItem {
if allowScriptsForTab {
config.text = "Shields Up"
config.image = UIImage(systemName: "shield.fill")
} else {
config.text = "Allow for Tab"
config.image = UIImage(systemName: "shield.slash")
}
config.textProperties.color = UIColor.systemBlue
}
listCell.contentConfiguration = config
}
let scriptPolicyRegistry = UICollectionView.CellRegistration<UICollectionViewListCell, String> { [unowned self] (listCell, indexPath, item) in
var config = listCell.defaultContentConfiguration()
config.text = item
listCell.contentConfiguration = config
let segmentedControl = UISegmentedControl(items: [
UIImage(systemName: "xmark.seal")!, // Disabled
UIImage(systemName: "checkmark.seal.fill")! // Enabled
])
segmentedControl.setTitleTextAttributes([ .foregroundColor: UIColor.init(dynamicProvider: { traits in
if traits.userInterfaceStyle == .dark {
return UIColor.systemTeal
} else {
return UIColor.systemBlue
}
}) ], for: .selected)
segmentedControl.addAction(UIAction(handler: { [unowned segmentedControl] _ in
let allowed: Bool = (segmentedControl.selectedSegmentIndex == 1)
if allowed {
policyManager.allowOriginToLoadScriptResources(item)
} else {
policyManager.disallowOriginToLoadScriptResources(item)
}
if item == hostOrigin {
if var snapshot = self.dataSource?.snapshot() {
snapshot.reloadItems(Array(otherOriginScripts))
self.dataSource?.apply(snapshot, animatingDifferences: true)
}
}
self.didChangeScriptPolicy = true
}), for: .valueChanged)
if policyManager.allowedOriginsForScriptResources().contains(item) {
segmentedControl.selectedSegmentIndex = 1
} else {
segmentedControl.selectedSegmentIndex = 0
}
let customViewConfiguration = UICellAccessory.CustomViewConfiguration(
customView: segmentedControl,
placement: .trailing(displayed: .always, at: { _ in return 0 }),
isHidden: false,
reservedLayoutWidth: .actual,
tintColor: nil,
maintainsFixedSize: true
)
listCell.accessories = [
.customView(configuration: customViewConfiguration)
]
}
let dataSource = UICollectionViewDiffableDataSource<Section, String>(collectionView: collectionView) { (collectionView, indexPath, item) -> UICollectionViewCell? in
if item == Self.enableScriptsForTabItem {
return collectionView.dequeueConfiguredReusableCell(using: switchCellRegistry, for: indexPath, item: item)
}
return collectionView.dequeueConfiguredReusableCell(using: scriptPolicyRegistry, for: indexPath, item: item)
}
collectionView.dataSource = dataSource
collectionView.delegate = self
var snapshot = dataSource.snapshot()
snapshot.appendSections([ .tabOptions ])
snapshot.appendItems([ Self.enableScriptsForTabItem ], toSection: .tabOptions)
if !allowScriptsForTab {
snapshot.appendSections([ .origins ])
snapshot.appendItems(originItems, toSection: .origins)
}
dataSource.apply(snapshot)
self.dataSource = dataSource
self.collectionView = collectionView
title = "Script Origin Policy"
navigationItem.rightBarButtonItem = UIBarButtonItem(systemItem: .done, primaryAction: UIAction(handler: { [unowned self] action in
if self.didChangeScriptPolicy {
self.delegate?.didChangeScriptPolicy()
self.delegate?.setScriptsEnabledForTab(self.allowScriptsForTab)
}
self.dismiss(animated: true, completion: nil)
}), menu: nil)
}
override func loadView() {
self.view = collectionView
self.view.backgroundColor = .systemGroupedBackground
}
// MARK: UICollectionViewDelegate
func collectionView(_ collectionView: UICollectionView, shouldHighlightItemAt indexPath: IndexPath) -> Bool {
indexPath.section != Section.origins.rawValue
}
func collectionView(_ collectionView: UICollectionView, shouldSelectItemAt indexPath: IndexPath) -> Bool {
indexPath.section != Section.origins.rawValue
}
func collectionView(_ collectionView: UICollectionView, didSelectItemAt indexPath: IndexPath) {
guard let dataSource = dataSource else { return }
if indexPath.section == Section.tabOptions.rawValue {
let identifier = dataSource.itemIdentifier(for: indexPath)
if identifier == Self.enableScriptsForTabItem {
self.allowScriptsForTab = !self.allowScriptsForTab
// Immediately notify and dismiss
self.delegate?.didChangeScriptPolicy()
self.delegate?.setScriptsEnabledForTab(self.allowScriptsForTab)
self.dismiss(animated: true, completion: nil)
}
}
}
}

149
App/Script Policy UI/ScriptPolicyViewController.swift
View File

@@ -7,44 +7,57 @@
import UIKit
protocol ScriptPolicyViewControllerDelegate: AnyObject {
func didChangeScriptPolicy()
func setScriptsEnabledForTab(_ enabled: Bool)
}
class ScriptPolicyViewController: UIViewController, UICollectionViewDelegate
{
var collectionView: UICollectionView?
var allowScriptsForTab = false
weak var delegate: ScriptPolicyViewControllerDelegate? = nil
private var dataSource: UICollectionViewDiffableDataSource<Section, String>?
private var didChangeScriptPolicy = false
private enum Section: Int {
case tabOptions
case origins
case policies
}
private enum Item: Hashable {
case allowScriptsForTab
case policy(ScriptPolicy.PolicyType)
}
private static let enableScriptsForTabItem: String = "enableScriptsForTab"
private var dataSource: UICollectionViewDiffableDataSource<Section, Item>?
private var didChangeScriptPolicy = false
private var policyManager: ResourcePolicyManager!
private var hostOrigin: String!
convenience init(policyManager: ResourcePolicyManager, hostOrigin: String, loadedScripts: Set<String>, scriptsAllowedForTab: Bool) {
self.init(nibName: nil, bundle: nil)
allowScriptsForTab = scriptsAllowedForTab
self.allowScriptsForTab = scriptsAllowedForTab
self.policyManager = policyManager
self.hostOrigin = hostOrigin
let listConfig = UICollectionLayoutListConfiguration(appearance: .insetGrouped)
let listLayout = UICollectionViewCompositionalLayout.list(using: listConfig)
let collectionView = UICollectionView(frame: .zero, collectionViewLayout: listLayout)
// Make sure host origin goes first in the list.
let otherOriginScripts = loadedScripts.subtracting([ hostOrigin ])
let allowedScripts = otherOriginScripts.filter { policyManager.allowedOriginsForScriptResources().contains($0) }
let originItems = [ hostOrigin ] + allowedScripts + otherOriginScripts.subtracting(allowedScripts)
let switchCellRegistry = UICollectionView.CellRegistration<UICollectionViewListCell, String> { [unowned self] (listCell, indexPath, item) in
let scriptPolicyRegistry = UICollectionView.CellRegistration<UICollectionViewListCell, Item> { (listCell, indexPath, item) in
guard case let Item.policy(policyType) = item else { return }
var config = listCell.defaultContentConfiguration()
if item == Self.enableScriptsForTabItem {
config.text = ScriptPolicy.title(forPolicyType: policyType)
config.secondaryText = ScriptPolicy.localizedDescription(forPolicyType: policyType)
config.image = ScriptPolicy.iconRepresentation(forPolicyType: policyType, size: CGSize(width: 24.0, height: 24.0))
config.textProperties.font = UIFont.boldSystemFont(ofSize: 14.0)
if policyManager.scriptPolicy(forOrigin: hostOrigin).policyType == policyType {
listCell.accessories = [ .checkmark() ]
}
listCell.contentConfiguration = config
}
let enableButtonRegistry = UICollectionView.CellRegistration<UICollectionViewListCell, Item> { [unowned self] (listCell, indexPath, item) in
var config = listCell.defaultContentConfiguration()
if indexPath.section == Section.tabOptions.rawValue {
if allowScriptsForTab {
config.text = "Shields Up"
config.image = UIImage(systemName: "shield.fill")
@@ -59,68 +72,9 @@ class ScriptPolicyViewController: UIViewController, UICollectionViewDelegate
listCell.contentConfiguration = config
}
let scriptPolicyRegistry = UICollectionView.CellRegistration<UICollectionViewListCell, String> { [unowned self] (listCell, indexPath, item) in
var config = listCell.defaultContentConfiguration()
config.text = item
listCell.contentConfiguration = config
let segmentedControl = UISegmentedControl(items: [
UIImage(systemName: "xmark.seal")!, // Disabled
UIImage(systemName: "checkmark.seal.fill")! // Enabled
])
segmentedControl.setTitleTextAttributes([ .foregroundColor: UIColor.init(dynamicProvider: { traits in
if traits.userInterfaceStyle == .dark {
return UIColor.systemTeal
} else {
return UIColor.systemBlue
}
}) ], for: .selected)
segmentedControl.addAction(UIAction(handler: { [unowned segmentedControl] _ in
let allowed: Bool = (segmentedControl.selectedSegmentIndex == 1)
if allowed {
policyManager.allowOriginToLoadScriptResources(item)
} else {
policyManager.disallowOriginToLoadScriptResources(item)
}
if item == hostOrigin {
if var snapshot = self.dataSource?.snapshot() {
snapshot.reloadItems(Array(otherOriginScripts))
self.dataSource?.apply(snapshot, animatingDifferences: true)
}
}
self.didChangeScriptPolicy = true
}), for: .valueChanged)
if policyManager.allowedOriginsForScriptResources().contains(item) {
segmentedControl.selectedSegmentIndex = 1
} else {
segmentedControl.selectedSegmentIndex = 0
}
let customViewConfiguration = UICellAccessory.CustomViewConfiguration(
customView: segmentedControl,
placement: .trailing(displayed: .always, at: { _ in return 0 }),
isHidden: false,
reservedLayoutWidth: .actual,
tintColor: nil,
maintainsFixedSize: true
)
listCell.accessories = [
.customView(configuration: customViewConfiguration)
]
}
let dataSource = UICollectionViewDiffableDataSource<Section, String>(collectionView: collectionView) { (collectionView, indexPath, item) -> UICollectionViewCell? in
if item == Self.enableScriptsForTabItem {
return collectionView.dequeueConfiguredReusableCell(using: switchCellRegistry, for: indexPath, item: item)
let dataSource = UICollectionViewDiffableDataSource<Section, Item>(collectionView: collectionView) { (collectionView, indexPath, item) -> UICollectionViewCell? in
if indexPath.section == Section.tabOptions.rawValue {
return collectionView.dequeueConfiguredReusableCell(using: enableButtonRegistry, for: indexPath, item: item)
}
return collectionView.dequeueConfiguredReusableCell(using: scriptPolicyRegistry, for: indexPath, item: item)
@@ -131,11 +85,11 @@ class ScriptPolicyViewController: UIViewController, UICollectionViewDelegate
var snapshot = dataSource.snapshot()
snapshot.appendSections([ .tabOptions ])
snapshot.appendItems([ Self.enableScriptsForTabItem ], toSection: .tabOptions)
snapshot.appendItems([ .allowScriptsForTab ], toSection: .tabOptions)
if !allowScriptsForTab {
snapshot.appendSections([ .origins ])
snapshot.appendItems(originItems, toSection: .origins)
snapshot.appendSections([ .policies ])
snapshot.appendItems(ScriptPolicy.PolicyType.allCases.map { .policy($0) }, toSection: .policies)
}
dataSource.apply(snapshot)
@@ -143,7 +97,7 @@ class ScriptPolicyViewController: UIViewController, UICollectionViewDelegate
self.dataSource = dataSource
self.collectionView = collectionView
title = "Script Origin Policy"
title = "Script Security Policy"
navigationItem.rightBarButtonItem = UIBarButtonItem(systemItem: .done, primaryAction: UIAction(handler: { [unowned self] action in
if self.didChangeScriptPolicy {
self.delegate?.didChangeScriptPolicy()
@@ -161,20 +115,12 @@ class ScriptPolicyViewController: UIViewController, UICollectionViewDelegate
// MARK: UICollectionViewDelegate
func collectionView(_ collectionView: UICollectionView, shouldHighlightItemAt indexPath: IndexPath) -> Bool {
indexPath.section != Section.origins.rawValue
}
func collectionView(_ collectionView: UICollectionView, shouldSelectItemAt indexPath: IndexPath) -> Bool {
indexPath.section != Section.origins.rawValue
}
func collectionView(_ collectionView: UICollectionView, didSelectItemAt indexPath: IndexPath) {
guard let dataSource = dataSource else { return }
if indexPath.section == Section.tabOptions.rawValue {
let identifier = dataSource.itemIdentifier(for: indexPath)
if identifier == Self.enableScriptsForTabItem {
if identifier == .allowScriptsForTab {
self.allowScriptsForTab = !self.allowScriptsForTab
// Immediately notify and dismiss
@@ -182,6 +128,21 @@ class ScriptPolicyViewController: UIViewController, UICollectionViewDelegate
self.delegate?.setScriptsEnabledForTab(self.allowScriptsForTab)
self.dismiss(animated: true, completion: nil)
}
} else if indexPath.section == Section.policies.rawValue {
guard let identifier = dataSource.itemIdentifier(for: indexPath) else { return }
guard case let Item.policy(policyType) = identifier else { return }
var snapshot = dataSource.snapshot()
snapshot.reloadItems([ identifier ])
let selectedItem = Item.policy(policyManager.scriptPolicy(forOrigin: hostOrigin).policyType)
snapshot.reloadItems([ selectedItem ])
policyManager.setScriptPolicyType(policyType, forOrigin: hostOrigin)
dataSource.apply(snapshot)
delegate?.didChangeScriptPolicy()
collectionView.deselectItem(at: indexPath, animated: true)
dismiss(animated: true, completion: nil)
}
}
}

13
App/Script Policy UI/ScriptPolicyViewControllerDelegate.swift Normal file
View File

@@ -0,0 +1,13 @@
//
// ScriptPolicyViewControllerDelegate.swift
// App
//
// Created by James Magahern on 9/29/21.
//
import Foundation
protocol ScriptPolicyViewControllerDelegate: AnyObject {
func didChangeScriptPolicy()
func setScriptsEnabledForTab(_ enabled: Bool)
}