merge master into the branch, resolve conflicts

CHANGELOG.md

@@ -14,7 +14,8 @@ The format is based on [Keep a Changelog], and this project adheres to [Semantic
 - `json-prune-fetch-response` scriptlet [#361]
 - `href-sanitizer` scriptlet [#327]
 - `no-protected-audience` scriptlet [#395]
-- multiple redirects can be used as scriptlets [#300]:
+- Domain value for setting cookie scriptlets [#389]
+- Multiple redirects can be used as scriptlets [#300]:
  - `amazon-apstag`
  - `didomi-loader`
  - `fingerprintjs2`
@@ -49,6 +50,7 @@ The format is based on [Keep a Changelog], and this project adheres to [Semantic
 [#404]: https://github.com/AdguardTeam/Scriptlets/issues/404
 [#403]: https://github.com/AdguardTeam/Scriptlets/issues/403
 [#395]: https://github.com/AdguardTeam/Scriptlets/issues/395
+[#389]: https://github.com/AdguardTeam/Scriptlets/issues/389
 [#388]: https://github.com/AdguardTeam/Scriptlets/issues/388
 [#377]: https://github.com/AdguardTeam/Scriptlets/issues/377
 [#361]: https://github.com/AdguardTeam/Scriptlets/issues/361

src/helpers/cookie-utils.ts

@@ -30,14 +30,16 @@ export const getCookiePath = (rawPath: string): string => {
  * @param name name argument of *set-cookie-* scriptlets
  * @param rawValue value argument of *set-cookie-* scriptlets
  * @param rawPath path argument of *set-cookie-* scriptlets
+ * @param domainValue domain argument of *set-cookie-* scriptlets
  * @param shouldEncodeValue if cookie value should be encoded. Default is `true`
  *
  * @returns string OR `null` if name or value is invalid
  */
-export const concatCookieNameValuePath = (
+export const serializeCookie = (
  name: string,
  rawValue: string,
  rawPath: string,
+ domainValue = '',
  shouldEncodeValue = true,
 ) => {
  const COOKIE_BREAKER = ';';
@@ -57,6 +59,10 @@ export const concatCookieNameValuePath = (
  resultCookie += `; ${path}`;
  }
 
+ if (domainValue) {
+ resultCookie += `; domain=${domainValue}`;
+ }
+
  return resultCookie;
 };
 

src/scriptlets/set-cookie-reload.js

@@ -4,7 +4,7 @@ import {
  nativeIsNaN,
  isCookieSetWithValue,
  getLimitedCookieValue,
- concatCookieNameValuePath,
+ serializeCookie,
  isValidCookiePath,
  // following helpers should be imported and injected
  // because they are used by helpers above
@@ -15,14 +15,14 @@ import {
  * @scriptlet set-cookie-reload
  *
  * @description
- * Sets a cookie with the specified name and value, and path,
+ * Sets a cookie with the specified name and value, path, and domain,
  * and reloads the current page after the cookie setting.
  * If reloading option is not needed, use [set-cookie](#set-cookie) scriptlet.
  *
  * ### Syntax
  *
  * ```text
- * example.org#%#//scriptlet('set-cookie-reload', name, value[, path])
+ * example.org#%#//scriptlet('set-cookie-reload', name, value[, path[, domain]])
  * ```
  *
  * - `name` — required, cookie name to be set
@@ -45,6 +45,8 @@ import {
  * - `path` — optional, cookie path, defaults to `/`; possible values:
  * - `/` — root path
  * - `none` — to set no path at all
+ * - `domain` — optional, cookie domain, if not set origin will be set as domain,
+ * if the domain does not match the origin, the cookie will not be set
  *
  * > Note that the scriptlet does not encode a cookie name,
  * > e.g. name 'a:b' will be set as 'a:b' and not as 'a%3Ab'.
@@ -59,11 +61,13 @@ import {
  * example.org#%#//scriptlet('set-cookie-reload', 'gdpr-settings-cookie', '1')
  *
  * example.org#%#//scriptlet('set-cookie-reload', 'cookie-set', 'true', 'none')
+ *
+ * example.org#%#//scriptlet('set-cookie-reload', 'test', '1', 'none', 'example.org')
  * ```
  *
  * @added v1.3.14.
  */
-export function setCookieReload(source, name, value, path = '/') {
+export function setCookieReload(source, name, value, path = '/', domain = '') {
  if (isCookieSetWithValue(document.cookie, name, value)) {
  return;
  }
@@ -79,7 +83,12 @@ export function setCookieReload(source, name, value, path = '/') {
  return;
  }
 
- const cookieToSet = concatCookieNameValuePath(name, validValue, path);
+ if (!document.location.origin.includes(domain)) {
+ logMessage(source, `Cookie domain not matched by origin: '${domain}'`);
+ return;
+ }
+
+ const cookieToSet = serializeCookie(name, validValue, path, domain);
  if (!cookieToSet) {
  logMessage(source, 'Invalid cookie name or value');
  return;
@@ -109,7 +118,7 @@ setCookieReload.injections = [
  nativeIsNaN,
  isCookieSetWithValue,
  getLimitedCookieValue,
- concatCookieNameValuePath,
+ serializeCookie,
  isValidCookiePath,
  getCookiePath,
 ];

src/scriptlets/set-cookie.js

@@ -4,7 +4,7 @@ import {
  nativeIsNaN,
  isCookieSetWithValue,
  getLimitedCookieValue,
- concatCookieNameValuePath,
+ serializeCookie,
  isValidCookiePath,
  // following helpers should be imported and injected
  // because they are used by helpers above
@@ -16,15 +16,15 @@ import {
  * @scriptlet set-cookie
  *
  * @description
- * Sets a cookie with the specified name, value, and path.
+ * Sets a cookie with the specified name, value, path, and domain.
  *
  * Related UBO scriptlet:
  * https://github.com/gorhill/uBlock/wiki/Resources-Library#set-cookiejs-
  *
  * ### Syntax
  *
  * ```text
- * example.org#%#//scriptlet('set-cookie', name, value[, path])
+ * example.org#%#//scriptlet('set-cookie', name, value[, path[, domain]])
  * ```
  *
  * - `name` — required, cookie name to be set
@@ -47,6 +47,8 @@ import {
  * - `path` — optional, cookie path, defaults to `/`; possible values:
  * - `/` — root path
  * - `none` — to set no path at all
+ * - `domain` — optional, cookie domain, if not set origin will be set as domain,
+ * if the domain does not match the origin, the cookie will not be set
  *
  * > Note that the scriptlet does not encode a cookie name,
  * > e.g. name 'a:b' will be set as 'a:b' and not as 'a%3Ab'.
@@ -61,12 +63,14 @@ import {
  * example.org#%#//scriptlet('set-cookie', 'gdpr-settings-cookie', 'true')
  *
  * example.org#%#//scriptlet('set-cookie', 'cookie_consent', 'ok', 'none')
+ *
+ * example.org#%#//scriptlet('set-cookie-reload', 'test', '1', 'none', 'example.org')
  * ```
  *
  * @added v1.2.3.
  */
 /* eslint-enable max-len */
-export function setCookie(source, name, value, path = '/') {
+export function setCookie(source, name, value, path = '/', domain = '') {
  const validValue = getLimitedCookieValue(value);
  if (validValue === null) {
  logMessage(source, `Invalid cookie value: '${validValue}'`);
@@ -78,7 +82,12 @@ export function setCookie(source, name, value, path = '/') {
  return;
  }
 
- const cookieToSet = concatCookieNameValuePath(name, validValue, path);
+ if (!document.location.origin.includes(domain)) {
+ logMessage(source, `Cookie domain not matched by origin: '${domain}'`);
+ return;
+ }
+
+ const cookieToSet = serializeCookie(name, validValue, path, domain);
  if (!cookieToSet) {
  logMessage(source, 'Invalid cookie name or value');
  return;
@@ -102,7 +111,7 @@ setCookie.injections = [
  nativeIsNaN,
  isCookieSetWithValue,
  getLimitedCookieValue,
- concatCookieNameValuePath,
+ serializeCookie,
  isValidCookiePath,
  getCookiePath,
 ];

src/scriptlets/trusted-set-cookie-reload.js

@@ -3,7 +3,7 @@ import {
  logMessage,
  nativeIsNaN,
  isCookieSetWithValue,
- concatCookieNameValuePath,
+ serializeCookie,
  isValidCookiePath,
  parseKeywordValue,
  getTrustedCookieOffsetMs,
@@ -19,14 +19,15 @@ import {
  *
  * @description
  * Sets a cookie with arbitrary name and value,
- * and with optional ability to offset cookie attribute 'expires' and set path.
+ * and with optional ability to offset cookie attribute 'expires', set path
+ * and set domain.
  * Also reloads the current page after the cookie setting.
  * If reloading option is not needed, use the [`trusted-set-cookie` scriptlet](#trusted-set-cookie).
  *
  * ### Syntax
  *
  * ```text
- * example.org#%#//scriptlet('trusted-set-cookie-reload', name, value[, offsetExpiresSec[, path]])
+ * example.org#%#//scriptlet('trusted-set-cookie-reload', name, value[, offsetExpiresSec[, path[, domain]]])
  * ```
  *
  * - `name` — required, cookie name to be set
@@ -43,6 +44,8 @@ import {
  * - `path` — optional, argument for setting cookie path, defaults to `/`; possible values:
  * - `/` — root path
  * - `none` — to set no path at all
+ * - `domain` — optional, cookie domain, if not set origin will be set as domain,
+ * if the domain does not match the origin, the cookie will not be set
  *
  * > Note that the scriptlet does not encode cookie names and values.
  * > As a result, if a cookie's name or value includes `;`,
@@ -80,11 +83,17 @@ import {
  * example.org#%#//scriptlet('trusted-set-cookie-reload', 'cmpconsent', 'decline', '', 'none')
  * ```
  *
+ * 1. Set cookie with domain
+ *
+ * ```adblock
+ * example.org#%#//scriptlet('trusted-set-cookie-reload', 'cmpconsent', 'decline', '', 'none', 'example.org')
+ * ```
+ *
  * @added v1.7.10.
  */
 /* eslint-enable max-len */
 
-export function trustedSetCookieReload(source, name, value, offsetExpiresSec = '', path = '/') {
+export function trustedSetCookieReload(source, name, value, offsetExpiresSec = '', path = '/', domain = '') {
  if (typeof name === 'undefined') {
  logMessage(source, 'Cookie name should be specified');
  return;
@@ -107,12 +116,18 @@ export function trustedSetCookieReload(source, name, value, offsetExpiresSec = '
  return;
  }
 
- let cookieToSet = concatCookieNameValuePath(name, parsedValue, path, false);
+ if (!document.location.origin.includes(domain)) {
+ logMessage(source, `Cookie domain not matched by origin: '${domain}'`);
+ return;
+ }
+
+ let cookieToSet = serializeCookie(name, parsedValue, path, domain, false);
  if (!cookieToSet) {
  logMessage(source, 'Invalid cookie name or value');
  return;
  }
 
+ // TODO: Move this concat to serializeCookie
  if (offsetExpiresSec) {
  const parsedOffsetMs = getTrustedCookieOffsetMs(offsetExpiresSec);
 
@@ -150,7 +165,7 @@ trustedSetCookieReload.injections = [
  logMessage,
  nativeIsNaN,
  isCookieSetWithValue,
- concatCookieNameValuePath,
+ serializeCookie,
  isValidCookiePath,
  getTrustedCookieOffsetMs,
  parseKeywordValue,

src/scriptlets/trusted-set-cookie.js

@@ -3,7 +3,7 @@ import {
  logMessage,
  nativeIsNaN,
  isCookieSetWithValue,
- concatCookieNameValuePath,
+ serializeCookie,
  isValidCookiePath,
  parseKeywordValue,
  getTrustedCookieOffsetMs,
@@ -18,12 +18,13 @@ import {
  *
  * @description
  * Sets a cookie with arbitrary name and value,
- * and with optional ability to offset cookie attribute 'expires' and set path.
+ * and with optional ability to offset cookie attribute 'expires', set path
+ * and set domain.
  *
  * ### Syntax
  *
  * ```text
- * example.org#%#//scriptlet('trusted-set-cookie', name, value[, offsetExpiresSec[, path]])
+ * example.org#%#//scriptlet('trusted-set-cookie', name, value[, offsetExpiresSec[, path[, domain]]])
  * ```
  *
  * - `name` — required, cookie name to be set
@@ -40,6 +41,8 @@ import {
  * - `path` — optional, argument for setting cookie path, defaults to `/`; possible values:
  * - `/` — root path
  * - `none` — to set no path at all
+ * - `domain` — optional, cookie domain, if not set origin will be set as domain,
+ * if the domain does not match the origin, the cookie will not be set
  *
  * > Note that the scriptlet does not encode cookie names and values.
  * > As a result, if a cookie's name or value includes `;`,
@@ -76,13 +79,18 @@ import {
  *
  * ```adblock
  * example.org#%#//scriptlet('trusted-set-cookie', 'cmpconsent', 'decline', '', 'none')
+ *
+ * 1. Set cookie with domain
+ *
+ * ```adblock
+ * example.org#%#//scriptlet('trusted-set-cookie', 'cmpconsent', 'decline', '', 'none', 'example.org')
  * ```
  *
  * @added v1.7.3.
  */
 /* eslint-enable max-len */
 
-export function trustedSetCookie(source, name, value, offsetExpiresSec = '', path = '/') {
+export function trustedSetCookie(source, name, value, offsetExpiresSec = '', path = '/', domain = '') {
  if (typeof name === 'undefined') {
  logMessage(source, 'Cookie name should be specified');
  return;
@@ -99,12 +107,18 @@ export function trustedSetCookie(source, name, value, offsetExpiresSec = '', pat
  return;
  }
 
- let cookieToSet = concatCookieNameValuePath(name, parsedValue, path, false);
+ if (!document.location.origin.includes(domain)) {
+ logMessage(source, `Cookie domain not matched by origin: '${domain}'`);
+ return;
+ }
+
+ let cookieToSet = serializeCookie(name, parsedValue, path, domain, false);
  if (!cookieToSet) {
  logMessage(source, 'Invalid cookie name or value');
  return;
  }
 
+ // TODO: Move this concat to serializeCookie
  if (offsetExpiresSec) {
  const parsedOffsetMs = getTrustedCookieOffsetMs(offsetExpiresSec);
 
@@ -131,7 +145,7 @@ trustedSetCookie.injections = [
  logMessage,
  nativeIsNaN,
  isCookieSetWithValue,
- concatCookieNameValuePath,
+ serializeCookie,
  isValidCookiePath,
  getTrustedCookieOffsetMs,
  parseKeywordValue,