├── .gitignore ├── src ├── skin │ ├── dot.png │ ├── close.png │ ├── menu-other-origins.png │ ├── requestpolicy-icon-32.png │ ├── preferences │ │ ├── prefpane-export.png │ │ ├── prefpane-import.png │ │ ├── prefpane-advanced.png │ │ ├── prefpane-general.png │ │ ├── prefpane-appearance.png │ │ ├── prefpane-whitelist.png │ │ └── prefWindow.css │ ├── requestpolicy-icon-allowed.png │ ├── requestpolicy-icon-blocked.png │ ├── requestpolicy-icon-disabled.png │ ├── requestpolicy-icon-24-allowed.png │ ├── requestpolicy-icon-24-blocked.png │ ├── requestpolicy-icon-24-disabled.png │ ├── requestpolicy-statusbar-allowed.png │ ├── requestpolicy-statusbar-blocked.png │ ├── requestpolicy-statusbar-disabled.png │ ├── initialSetup.css │ ├── requestLog.css │ └── requestpolicy.css ├── components │ ├── nsIRequestPolicy.xpt │ ├── Makefile │ └── nsIRequestPolicy.idl ├── README ├── locale │ ├── zh-CN │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── zh-TW │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── ja │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── tr │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── ko-KR │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── en-US │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── uk-UA │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── ru-RU │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── sk-SK │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── lv-LV │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── pt-BR │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── eo │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── nl │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── sv-SE │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── de │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── fr │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── it │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ ├── eu │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd │ └── es-MX │ │ ├── requestpolicy.properties │ │ └── requestpolicy.dtd ├── modules │ ├── Services.jsm │ ├── Prompter.jsm │ ├── Stats.jsm │ ├── Util.jsm │ ├── JSON.jsm │ ├── Logger.jsm │ └── FileUtil.jsm ├── defaults │ └── preferences │ │ └── defaults.js ├── LICENSE ├── chrome.manifest ├── chrome.manifest.devel ├── chrome.manifest.packaging ├── install.rdf ├── content │ ├── requestLog.xul │ ├── initialSetup.xul │ ├── requestLog.js │ └── requestLogTreeView.js └── build.xml ├── tests ├── frameset_1.html ├── iframe_1.html ├── metarefresh_11.html ├── other_origins_1.html ├── prefetch_1.html ├── metarefresh_10.html ├── metarefresh_7.html ├── metarefresh_6.html ├── metarefresh_9.html ├── form_3.html ├── js_1.html ├── subdirectory │ └── iframe_wrapped_tests.html ├── metarefresh_8.html ├── metarefresh_2.html ├── form_1.html ├── img_1.html ├── popup_1.html ├── metarefresh_4.html ├── metarefresh_1.html ├── js_link_1.html ├── js_document_location_auto.html ├── metarefresh_5.html ├── js_document_location_link.html ├── css_and_js.html ├── link_1.html ├── popup_2.html ├── iframe_2.html ├── xhr_1.html └── form_2.html └── scripts └── update_locales.sh /.gitignore: -------------------------------------------------------------------------------- 1 | .* 2 | !.gitignore 3 | *.jar 4 | *.xpi 5 | *.bak* 6 | *.orig 7 | -------------------------------------------------------------------------------- /src/skin/dot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/dot.png -------------------------------------------------------------------------------- /src/skin/close.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/close.png -------------------------------------------------------------------------------- /tests/frameset_1.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | -------------------------------------------------------------------------------- /src/skin/menu-other-origins.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/menu-other-origins.png -------------------------------------------------------------------------------- /src/components/nsIRequestPolicy.xpt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/components/nsIRequestPolicy.xpt -------------------------------------------------------------------------------- /src/skin/requestpolicy-icon-32.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/requestpolicy-icon-32.png -------------------------------------------------------------------------------- /src/skin/preferences/prefpane-export.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/preferences/prefpane-export.png -------------------------------------------------------------------------------- /src/skin/preferences/prefpane-import.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/preferences/prefpane-import.png -------------------------------------------------------------------------------- /src/skin/requestpolicy-icon-allowed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/requestpolicy-icon-allowed.png -------------------------------------------------------------------------------- /src/skin/requestpolicy-icon-blocked.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/requestpolicy-icon-blocked.png -------------------------------------------------------------------------------- /src/skin/requestpolicy-icon-disabled.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/requestpolicy-icon-disabled.png -------------------------------------------------------------------------------- /src/skin/preferences/prefpane-advanced.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/preferences/prefpane-advanced.png -------------------------------------------------------------------------------- /src/skin/preferences/prefpane-general.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/preferences/prefpane-general.png -------------------------------------------------------------------------------- /src/skin/requestpolicy-icon-24-allowed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/requestpolicy-icon-24-allowed.png -------------------------------------------------------------------------------- /src/skin/requestpolicy-icon-24-blocked.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/requestpolicy-icon-24-blocked.png -------------------------------------------------------------------------------- /src/skin/preferences/prefpane-appearance.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/preferences/prefpane-appearance.png -------------------------------------------------------------------------------- /src/skin/preferences/prefpane-whitelist.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/preferences/prefpane-whitelist.png -------------------------------------------------------------------------------- /src/skin/requestpolicy-icon-24-disabled.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/requestpolicy-icon-24-disabled.png -------------------------------------------------------------------------------- /src/skin/requestpolicy-statusbar-allowed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/requestpolicy-statusbar-allowed.png -------------------------------------------------------------------------------- /src/skin/requestpolicy-statusbar-blocked.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/requestpolicy-statusbar-blocked.png -------------------------------------------------------------------------------- /src/skin/requestpolicy-statusbar-disabled.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RequestPolicy/requestpolicy/HEAD/src/skin/requestpolicy-statusbar-disabled.png -------------------------------------------------------------------------------- /tests/iframe_1.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | -------------------------------------------------------------------------------- /tests/metarefresh_11.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 |

Relative path. 8 | 9 | 10 | -------------------------------------------------------------------------------- /tests/other_origins_1.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | -------------------------------------------------------------------------------- /tests/prefetch_1.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | There is a prefetch on this page. 8 | 9 | 10 | 11 | -------------------------------------------------------------------------------- /tests/metarefresh_10.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 |

Enclosed in ' instead of quotes. 8 | 9 | 10 | -------------------------------------------------------------------------------- /tests/metarefresh_7.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 |

Instant refresh meta tag on this page to relative url with preceding slash. 8 | 9 | 10 | -------------------------------------------------------------------------------- /tests/metarefresh_6.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 |

Instant refresh meta tag on this page to relative url without preceding slash. 8 | 9 | 10 | -------------------------------------------------------------------------------- /tests/metarefresh_9.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 |

3 second delayed refresh meta tag on this page with allowed destination. 8 | 9 | 10 | -------------------------------------------------------------------------------- /tests/form_3.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 |

7 | 8 | 9 |
10 | 11 | 12 | 13 | 14 | -------------------------------------------------------------------------------- /tests/js_1.html: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/subdirectory/iframe_wrapped_tests.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | Put the tests directory test list in an iframe so we can try any test 7 | from within an iframe. 8 | 9 | 10 | 11 | 12 | -------------------------------------------------------------------------------- /tests/metarefresh_8.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 |

Instant refresh meta tag on this page with different formatting of the content attribute. 8 | 9 | 10 | -------------------------------------------------------------------------------- /tests/metarefresh_2.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 |

Instant refresh meta tag on this page. 8 | 9 |

try it again 10 | 11 | 12 | -------------------------------------------------------------------------------- /tests/form_1.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 |

7 | 8 | 9 |
10 | 11 | 12 | -------------------------------------------------------------------------------- /tests/img_1.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 |

7 | 8 |

9 | 10 |

cross-site link 11 | 12 |

same-site link 13 | 14 | 15 | -------------------------------------------------------------------------------- /tests/popup_1.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | This page has javascript which attempts to open a popup to a different 7 | site. 8 | 9 | 13 | 14 | 15 | -------------------------------------------------------------------------------- /tests/metarefresh_4.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | Slow meta refresh on this page along with other non-refresh meta tags. 10 | 11 | 12 | -------------------------------------------------------------------------------- /src/components/Makefile: -------------------------------------------------------------------------------- 1 | # Note: in addition to packages available from one's Linux distro, the required 2 | # files can be obtained by downloading the SDK from: 3 | # https://developer.mozilla.org/en/Gecko_SDK 4 | 5 | IDLC=/usr/local/xulrunner-sdk/bin/xpidl 6 | INC=/usr/local/xulrunner-sdk/idl 7 | XPTS=nsIRequestPolicy.xpt 8 | 9 | all: $(XPTS) 10 | 11 | %.xpt: %.idl 12 | $(IDLC) -m typelib -w -v -I $(INC) -e $(@) $(<) 13 | -------------------------------------------------------------------------------- /tests/metarefresh_1.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 |

Instant refresh meta tag on this page. 8 | 9 |

try it again 10 | 11 |

And an iframe with an instant meta refresh. 12 | 13 |

14 | 15 | 16 | -------------------------------------------------------------------------------- /src/skin/initialSetup.css: -------------------------------------------------------------------------------- 1 | dialog { 2 | width: 40em; 3 | height: 40em; 4 | } 5 | 6 | dialogheader { 7 | padding-left: 40px; 8 | background-image: 9 | url("chrome://requestpolicy/skin/requestpolicy-icon-24-blocked.png"); 10 | background-repeat: no-repeat; 11 | background-position: 6px center; 12 | } 13 | 14 | grid#checkboxgrid { 15 | margin-top: 0.6em; 16 | margin-bottom: 0; 17 | } 18 | 19 | listcol#originColumn { 20 | width: 18em; 21 | } -------------------------------------------------------------------------------- /tests/js_link_1.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 8 | 9 | 10 | 11 | This page has javascript which adds a link to a remote site after 1/2 12 | second. 13 | 14 |

15 | 16 |

17 | 18 | 19 | -------------------------------------------------------------------------------- /tests/js_document_location_auto.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 |

This only works when not loaded from a local file. That is, this 5 | page must be requested through a webserver. If used through a file:// 6 | location, then the request origin will appear to be the directory 7 | this file is in, not the full path with the filename, and thus it 8 | won't match any url in open tabs and the redirect notification won't 9 | be shown.

10 | 11 | 12 | -------------------------------------------------------------------------------- /tests/metarefresh_5.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | Slow meta refresh on this page along with other non-refresh meta tags. 12 | 13 | 14 | -------------------------------------------------------------------------------- /tests/js_document_location_link.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 |

This only works when not loaded from a local file. That is, this 5 | page must be requested through a webserver. If used through a file:// 6 | location, then the request origin will appear to be the directory 7 | this file is in, not the full path with the filename, and thus it 8 | won't match any url in open tabs and the redirect notification won't 9 | be shown.

10 | 11 | click me 12 | 13 | 14 | -------------------------------------------------------------------------------- /tests/css_and_js.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 |

On this page there are:

7 | 11 | 12 | 16 | 17 | 22 | 23 | 24 | -------------------------------------------------------------------------------- /tests/link_1.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 |
7 | Cross-site link 8 |
9 | 10 |

11 | 12 |
13 | Cross-site link with no path and no slash on the end 14 |
15 | 16 |

17 | 18 |
19 | http://127.0.0.1 20 |
21 | 22 |
23 | http://127.0.0.1/ 24 |
25 | 26 | 27 | -------------------------------------------------------------------------------- /src/README: -------------------------------------------------------------------------------- 1 | RequestPolicy 2 | ================================================= 3 | 4 | A Firefox extension for allowing user control over cross-site requests. 5 | 6 | Author: Justin Samuel 7 | License: GPL 3 or later 8 | Copyright 2008 9 | Website: http://www.requestpolicy.com/ 10 | 11 | Documentation 12 | ------------- 13 | 14 | On the website: http://www.requestpolicy.com/ 15 | 16 | Installation 17 | ------------ 18 | 19 | Any way you like to install your Firefox extensions. For example, you can open 20 | the .xpi file through Firefox's File > Open dialog. 21 | 22 | -------------------------------------------------------------------------------- /tests/popup_2.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 |
8 | This page has javascript which attempts to open a popup to a different 9 | site when you mouseover this text. 10 |
11 | 12 |

13 | 14 |
16 | This text initiates a popup to a different domain. 17 |
18 | 19 | 20 | -------------------------------------------------------------------------------- /src/skin/requestLog.css: -------------------------------------------------------------------------------- 1 | treechildren::-moz-tree-cell-text(selected) { 2 | color: #00b; 3 | } 4 | 5 | treechildren::-moz-tree-cell-text(hover) { 6 | color: #00b; 7 | } 8 | 9 | treechildren::-moz-tree-row(allowed) { 10 | background-color: #efe; 11 | } 12 | 13 | treechildren::-moz-tree-row(allowed, hover) { 14 | background-color: #cfc; 15 | } 16 | 17 | treechildren::-moz-tree-row(blocked) { 18 | background-color: #fdd; 19 | } 20 | 21 | treechildren::-moz-tree-row(blocked, hover) { 22 | background-color: #fcc; 23 | } 24 | 25 | #requestpolicy-requestLog-blocked { 26 | text-align: center; 27 | } 28 | 29 | treechildren::-moz-tree-cell(blocked) { 30 | margin: 0 30px 0 30px; 31 | } -------------------------------------------------------------------------------- /tests/iframe_2.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 13 | 14 | 15 | 16 |

Javascript creates two iframes, one with a same-site url and one 17 | with a cross-site url.

18 | 19 | 22 | 23 |
24 |
25 | 26 | 29 | 30 | 31 | -------------------------------------------------------------------------------- /tests/xhr_1.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 |

On this page there is a:

7 | 10 | 11 | 34 | 35 | 36 | 37 | 38 | -------------------------------------------------------------------------------- /src/locale/zh-CN/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=控制允许哪些跨站点的请求。改进您浏览时的隐私保护。确保自己不被跨站点请求伪造(CSRF)攻击和其他攻击。 2 | extensionConflictWarning=冲突的扩展:%S 3 | allowOriginTemporarily=临时允许从 %S 的请求 4 | allowDestinationTemporarily=临时允许到 %S 的请求 5 | allowOriginToDestinationTemporarily=临时允许从 %1$S 到 %2$S 的请求 6 | allowOrigin=允许从 %S 的请求 7 | allowDestination=允许到 %S 的请求 8 | allowOriginToDestination=允许从 %1$S 到 %2$S 的请求 9 | forbidOrigin=阻止所有从 %S 的请求 10 | forbidDestination=阻止所有到 %S 的请求 11 | forbidOriginToDestination=阻止从 %1$S 到 %2$S 的请求 12 | unrestrictedOrigin=请求从 %S 不能阻止 13 | redirectNotification=此网页要求重定向到 %S 14 | allow=允许 15 | allow.accesskey=A 16 | deny=拒绝 17 | deny.accesskey=D 18 | more=更多... 19 | more.accesskey=M 20 | indentedText=%1$S %2$S 21 | exportCompleted=导出完成。 22 | importCompleted=导入完成。 23 | requestLogIsEmpty=请求日志是空的。 24 | requestLogDirections=当您访问网页时,将出现日志条目。 25 | actionForbidden=禁止动作 26 | urlCanOnlyBeCopiedToClipboard=此网址只能被复制到剪贴板。 27 | -------------------------------------------------------------------------------- /src/locale/zh-TW/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Control which cross-site requests are allowed. Improve the privacy of your browsing. Secure yourself from Cross-Site Request Forgery (CSRF) and other attacks. 2 | extensionConflictWarning=有衝突的擴充套件: %S 3 | allowOriginTemporarily=暫時允許來自於 %S 的請求 4 | allowDestinationTemporarily=暫時允許所有到 %S 的請求 5 | allowOriginToDestinationTemporarily=暫時允許從 %1$S 到 %2$S 的請求 6 | allowOrigin=允許來自於 %S 的請求 7 | allowDestination=允許到 %S 的請求 8 | allowOriginToDestination=允許由 %1$S 至 %2$S 的請求 9 | forbidOrigin=禁止所有來自於 %S 的請求 10 | forbidDestination=禁止所有到 %S 的請求 11 | forbidOriginToDestination=禁止由 %1$S 到 %2$S 的請求 12 | unrestrictedOrigin=無法阻擋來自於 %S 的請求 13 | redirectNotification=本網站請求重新導向至 %S 14 | allow=允許 15 | allow.accesskey=A 16 | deny=拒絕 17 | deny.accesskey=D 18 | more=More... 19 | more.accesskey=M 20 | indentedText=%1$S %2$S 21 | exportCompleted=匯出完成 22 | importCompleted=匯入完成 23 | requestLogIsEmpty=請求記錄一開始是空白的。 24 | requestLogDirections=在您瀏覽網頁時會產生記錄。 25 | actionForbidden=Action forbidden 26 | urlCanOnlyBeCopiedToClipboard=This URL can only be copied to the clipboard. 27 | -------------------------------------------------------------------------------- /src/locale/ja/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=クロスサイトリクエストを制御し,ブラウジングのプライバシーを改善します.クロスサイトリクエストフォージェリ(CSRF)などの攻撃から保護します. 2 | extensionConflictWarning=競合するアドオンがあります: %S 3 | allowOriginTemporarily=%S からのリクエストを一時的に許可する 4 | allowDestinationTemporarily=%S へのリクエストを一時的に許可する 5 | allowOriginToDestinationTemporarily=%1$S から %2$S へのリクエストを一時的に許可する 6 | allowOrigin=%S からのリクエストを許可する 7 | allowDestination=%S へのリクエストを許可する 8 | allowOriginToDestination=%1$S から %2$S へのリクエストを許可する 9 | forbidOrigin=%S からのすべてのリクエストを禁止する 10 | forbidDestination=%S へのすべてのリクエストを禁止する 11 | forbidOriginToDestination=%1$S から %2$S へのリクエストを禁止する 12 | unrestrictedOrigin=%S からのリクエストはブロックされません 13 | redirectNotification=このWebページは %S へリダイレクトしようとしています 14 | allow=許可 15 | allow.accesskey=A 16 | deny=禁止 17 | deny.accesskey=D 18 | more=More... 19 | more.accesskey=M 20 | indentedText=%1$S %2$S 21 | exportCompleted=エクスポートが完了しました. 22 | importCompleted=インポートが完了しました. 23 | requestLogIsEmpty=The Request Log is initially empty. 24 | requestLogDirections=Log entries will appear when you visit web pages. 25 | actionForbidden=Action forbidden 26 | urlCanOnlyBeCopiedToClipboard=This URL can only be copied to the clipboard. 27 | -------------------------------------------------------------------------------- /src/skin/preferences/prefWindow.css: -------------------------------------------------------------------------------- 1 | prefwindow .chromeclass-toolbar { 2 | display: -moz-box !important; /* Ignore toolbar collapse button on OS X */ 3 | } 4 | 5 | prefwindow { 6 | /* Must be wide enough to accommodate locales with long translations of General pane labels. */ 7 | width: 40em; 8 | } 9 | 10 | prefwindow>prefpane>vbox.content-box { 11 | min-height: 30em; 12 | } 13 | 14 | radio[pane] { 15 | min-width: 5.5em; 16 | height: 48px; 17 | -moz-box-align: center; 18 | -moz-box-pack: end; 19 | } 20 | 21 | .statusLine { 22 | margin: .75em 0; 23 | font-size: .85em; 24 | } 25 | 26 | /* General pane */ 27 | #requestpolicyPrefpaneGeneral grid row hbox:first-child { 28 | -moz-box-pack: end; /* Right-justify left column */ 29 | -moz-box-align: end; 30 | /* Keep the labels at the bottom so they line up with the right column */ 31 | } 32 | 33 | .temporaryPermissionsCell { 34 | list-style-image: url(chrome://requestpolicy/skin/dot.png); 35 | -moz-box-pack: center; 36 | } 37 | 38 | .temporaryPermissionsCell label { 39 | display: none; 40 | } 41 | 42 | /* Whitelist pane */ 43 | listcol.temporary { 44 | width: 8em; 45 | } 46 | 47 | listcol#originToDestinationOriginColumn { 48 | min-width: 12em; 49 | } -------------------------------------------------------------------------------- /src/modules/Services.jsm: -------------------------------------------------------------------------------- 1 | /* 2 | * ***** BEGIN LICENSE BLOCK ***** 3 | * 4 | * RequestPolicy - A Firefox extension for control over cross-site requests. 5 | * Copyright (c) 2011 Justin Samuel 6 | * 7 | * This program is free software: you can redistribute it and/or modify it under 8 | * the terms of the GNU General Public License as published by the Free Software 9 | * Foundation, either version 3 of the License, or (at your option) any later 10 | * version. 11 | * 12 | * This program is distributed in the hope that it will be useful, but WITHOUT 13 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 14 | * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more 15 | * details. 16 | * 17 | * You should have received a copy of the GNU General Public License along with 18 | * this program. If not, see . 19 | * 20 | * ***** END LICENSE BLOCK ***** 21 | */ 22 | 23 | var EXPORTED_SYMBOLS = ["Services"]; 24 | 25 | Components.utils.import("resource://gre/modules/XPCOMUtils.jsm"); 26 | 27 | var Services = {}; 28 | 29 | XPCOMUtils.defineLazyServiceGetter(Services, "directoryService", 30 | "@mozilla.org/file/directory_service;1", "nsIProperties"); 31 | -------------------------------------------------------------------------------- /src/locale/tr/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Çapraz-site bağlantılarını yönetin.Tarayıcı güvenliğinizi artırın.Çapraz Site Bağlantı Sahtekarlığı (CSRF) ve benzeri saldırılardan korunun. 2 | extensionConflictWarning=Uyumsuz eklentiler: %S 3 | allowOriginTemporarily=Geçici olarak izin ver %S 4 | allowDestinationTemporarily=Geçici olarak izin ver %S 5 | allowOriginToDestinationTemporarily=Geçici olarak izin %1$S dan %2$S a 6 | allowOrigin=İzin ver %S 7 | allowDestination=İzin ver %S 8 | allowOriginToDestination=İzin ver %1$S dan %2$S a 9 | forbidOrigin=İzinleri kaldır %S 10 | forbidDestination=İzinleri kaldır %S 11 | forbidOriginToDestination=İzini kaldır %1$S dan %2$S a 12 | unrestrictedOrigin=Bu istek %S engellenemez 13 | redirectNotification=Yönlendirme istiyor %S 14 | allow=İzin ver 15 | allow.accesskey=A 16 | deny=Yasakla 17 | deny.accesskey=D 18 | more=Daha fazla... 19 | more.accesskey=F 20 | indentedText=%1$S %2$S 21 | exportCompleted=Aktarma tamamlandı. 22 | importCompleted=Aktarma tamamlandı. 23 | requestLogIsEmpty=Kayıt dosyası boş. 24 | requestLogDirections=Sayfalar gezdiğinizde kayıtlar gözükür. 25 | actionForbidden=Yasaklı hareket 26 | urlCanOnlyBeCopiedToClipboard=Bu adres sadece hafızaya kopyalanabilir. 27 | -------------------------------------------------------------------------------- /src/locale/ko-KR/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=어떤 크로스 사이트 요청을 허용할것인지 설정합니다. 웹 브라우징 안전성을 높이고, Cross-Site Request Forgery (CSRF) 를 비롯한 다른 공격으로부터 자신을 보호하십시오. 2 | extensionConflictWarning=Conflicting extensions: %S 3 | allowOriginTemporarily=%S(으)로부터의 요청을 임시적으로 허용합니다. 4 | allowDestinationTemporarily=%S(으)로의 요청을 임시적으로 허용합니다. 5 | allowOriginToDestinationTemporarily=%1$S에서 %2$S(으)로의 요청을 임시적으로 허용합니다. 6 | allowOrigin=%S 로부터의 요청을 허용합니다. 7 | allowDestination=%S 로의 요청을 허용합니다. 8 | allowOriginToDestination=%1$S에서 %2$S(으)로의 요청을 허용합니다. 9 | forbidOrigin=%S(으)로부터의 모든 요청을 거절합니다. 10 | forbidDestination=%S(으)로의 모든 요청을 거절합니다. 11 | forbidOriginToDestination=%1$S에서 %2$S(으)로의 요청을 거절합니다. 12 | unrestrictedOrigin=Requests from %S cannot be blocked 13 | redirectNotification=이 웹페이지가 %S(으)로 리다이렉트 됩니다. 14 | allow=허용 15 | allow.accesskey=A 16 | deny=거부 17 | deny.accesskey=D 18 | more=More... 19 | more.accesskey=M 20 | indentedText=%1$S %2$S 21 | exportCompleted=내보내기가 완료되었습니다. 22 | importCompleted=가져오기가 완료되었습니다. 23 | requestLogIsEmpty=The Request Log is initially empty. 24 | requestLogDirections=Log entries will appear when you visit web pages. 25 | actionForbidden=Action forbidden 26 | urlCanOnlyBeCopiedToClipboard=This URL can only be copied to the clipboard. 27 | -------------------------------------------------------------------------------- /src/modules/Prompter.jsm: -------------------------------------------------------------------------------- 1 | /* 2 | * ***** BEGIN LICENSE BLOCK ***** 3 | * 4 | * RequestPolicy - A Firefox extension for control over cross-site requests. 5 | * Copyright (c) 2008 Justin Samuel 6 | * 7 | * This program is free software: you can redistribute it and/or modify it under 8 | * the terms of the GNU General Public License as published by the Free Software 9 | * Foundation, either version 3 of the License, or (at your option) any later 10 | * version. 11 | * 12 | * This program is distributed in the hope that it will be useful, but WITHOUT 13 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 14 | * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more 15 | * details. 16 | * 17 | * You should have received a copy of the GNU General Public License along with 18 | * this program. If not, see . 19 | * 20 | * ***** END LICENSE BLOCK ***** 21 | */ 22 | 23 | var EXPORTED_SYMBOLS = ["Prompter"] 24 | 25 | var Prompter = new function() { 26 | this._promptService = Components.classes["@mozilla.org/embedcomp/prompt-service;1"] 27 | .getService(Components.interfaces.nsIPromptService); 28 | }; 29 | 30 | Prompter.alert = function(title, text) { 31 | this._promptService.alert(null, title, text); 32 | } 33 | -------------------------------------------------------------------------------- /src/locale/en-US/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Control which cross-site requests are allowed. Improve the privacy of your browsing. Secure yourself from Cross-Site Request Forgery (CSRF) and other attacks. 2 | extensionConflictWarning=Conflicting extensions: %S 3 | allowOriginTemporarily=Temporarily allow requests from %S 4 | allowDestinationTemporarily=Temporarily allow requests to %S 5 | allowOriginToDestinationTemporarily=Temporarily allow requests from %1$S to %2$S 6 | allowOrigin=Allow requests from %S 7 | allowDestination=Allow requests to %S 8 | allowOriginToDestination=Allow requests from %1$S to %2$S 9 | forbidOrigin=Forbid all requests from %S 10 | forbidDestination=Forbid all requests to %S 11 | forbidOriginToDestination=Forbid requests from %1$S to %2$S 12 | unrestrictedOrigin=Requests from %S cannot be blocked 13 | redirectNotification=This webpage has asked to redirect to %S 14 | allow=Allow 15 | allow.accesskey=A 16 | deny=Deny 17 | deny.accesskey=D 18 | more=More… 19 | more.accesskey=M 20 | indentedText=%1$S %2$S 21 | exportCompleted=Export completed. 22 | importCompleted=Import completed. 23 | requestLogIsEmpty=The Request Log is initially empty. 24 | requestLogDirections=Log entries will appear when you visit web pages. 25 | actionForbidden=Action forbidden 26 | urlCanOnlyBeCopiedToClipboard=This URL can only be copied to the clipboard. 27 | -------------------------------------------------------------------------------- /src/locale/uk-UA/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Control which cross-site requests are allowed. Improve the privacy of your browsing. Secure yourself from Cross-Site Request Forgery (CSRF) and other attacks. 2 | extensionConflictWarning=Conflicting extensions: %S 3 | allowOriginTemporarily=Тимчасово дозволити запити від %S 4 | allowDestinationTemporarily=Тимчасово дозволити запити до %S 5 | allowOriginToDestinationTemporarily=Тимчасово дозволити запити від %1$S до %2$S 6 | allowOrigin=Дозволити запити від %S 7 | allowDestination=Дозволити запити до %S 8 | allowOriginToDestination=Дозволити запити від %1$S до %2$S 9 | forbidOrigin=Заборонити усі запити від %S 10 | forbidDestination=Заборонити усі запити до %S 11 | forbidOriginToDestination=Заборонити запити від %1$S до %2$S 12 | unrestrictedOrigin=Requests from %S cannot be blocked 13 | redirectNotification=Ця сторінка намагається переадресуватися на %S 14 | allow=Дозволити 15 | allow.accesskey=A 16 | deny=Заборонити 17 | deny.accesskey=D 18 | more=More... 19 | more.accesskey=M 20 | indentedText=%1$S %2$S 21 | exportCompleted=Експорт завершений. 22 | importCompleted=Імпорт завершений. 23 | requestLogIsEmpty=The Request Log is initially empty. 24 | requestLogDirections=Log entries will appear when you visit web pages. 25 | actionForbidden=Action forbidden 26 | urlCanOnlyBeCopiedToClipboard=This URL can only be copied to the clipboard. 27 | -------------------------------------------------------------------------------- /src/locale/ru-RU/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Осуществляет контроль разрешенных межсайтовых запросов. Повышает конфиденциальность веб-серфинга. Защищает вас от подделки межсайтовых запросов (CSRF) и других атак. 2 | extensionConflictWarning=Конфликтующие расширения: %S 3 | allowOriginTemporarily=Временно разрешить запросы с %S 4 | allowDestinationTemporarily=Временно разрешить запросы к %S 5 | allowOriginToDestinationTemporarily=Временно разрешить запросы от %1$S к %2$S 6 | allowOrigin=Разрешить запросы от %S 7 | allowDestination=Разрешить запросы к %S 8 | allowOriginToDestination=Разрешить запросы от %1$S к %2$S 9 | forbidOrigin=Запретить все запросы от %S 10 | forbidDestination=Запретить все запросы к %S 11 | forbidOriginToDestination=Запретить все запросы от %1$S к %2$S 12 | unrestrictedOrigin=Запросы от %S не могут быть заблокированы 13 | redirectNotification=Эта страница запросила перенаправление на %S 14 | allow=Разрешить 15 | allow.accesskey=A 16 | deny=Отклонить 17 | deny.accesskey=D 18 | more=Подробнее... 19 | more.accesskey=M 20 | indentedText=%1$S %2$S 21 | exportCompleted=Экспорт завершен 22 | importCompleted=Импорт завершен. 23 | requestLogIsEmpty=Журнал запросов пуст 24 | requestLogDirections=Записи журнала будут показаны при посещении веб страниц 25 | actionForbidden=Действие запрещено 26 | urlCanOnlyBeCopiedToClipboard=Данный URL можно скопировать только в буфер обмена 27 | -------------------------------------------------------------------------------- /src/locale/sk-SK/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Určiť, ktoré požiadavky externých stránok sú povolené. Zlepšiť súkromie vášho prehliadania. Zabezpečte sa od Cross-Site Request Forgery (CSRF) a ďalších útokov. 2 | extensionConflictWarning=Konfliktné rozšírenia: %S 3 | allowOriginTemporarily=Dočasne umožniť požiadavky z %S 4 | allowDestinationTemporarily=Dočasne umožniť požiadavky na %S 5 | allowOriginToDestinationTemporarily=Dočasne umožniť požiadavky z %1$S na %2$S 6 | allowOrigin=Povoliť požiadavky z %S 7 | allowDestination=Povoliť požiadavky na %S 8 | allowOriginToDestination=Povoliť požiadavky z %1$S na %2$S 9 | forbidOrigin=Zakázať všetky požiadavky z %S 10 | forbidDestination=Zakázať všetky požiadavky od %S 11 | forbidOriginToDestination=Zakázať všetky požiadavky z %1$S na %2$S 12 | unrestrictedOrigin=Požiadavky z %S nemôžu byť blokované 13 | redirectNotification=Táto stránka požaduje presmerovanie na %S 14 | allow=Povoliť 15 | allow.accesskey=P 16 | deny=Zakázať 17 | deny.accesskey=Z 18 | more=Viac… 19 | more.accesskey=V 20 | indentedText=%1$S %2$S 21 | exportCompleted=Exportovania dokončené. 22 | importCompleted=Importovanie dokončené. 23 | requestLogIsEmpty=Protokol požiadaviek je na začiatku prázdny. 24 | requestLogDirections=Položky protokolu sa zobrazia pri návšteve webovej stránky. 25 | actionForbidden=Úloha zakázaná 26 | urlCanOnlyBeCopiedToClipboard=Táto adresa URL môže byť skopírovaná len do schránky. 27 | -------------------------------------------------------------------------------- /src/locale/lv-LV/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Pārvalda atļautos starpvietņu pieprasījumus. Uzlabo pārlūkošanas privātumu. Pasargājiet sevi no starpvietņu pieprasījumu viltošanas (CSRF) un citiem tīmekļa uzbrukumiem. 2 | extensionConflictWarning=Konfliktējošie papildinājumi: %S 3 | allowOriginTemporarily=Īslaicīgi atļaut pieprasījumus no %S 4 | allowDestinationTemporarily=Īslaicīgi atļaut pieprasījumus uz %S 5 | allowOriginToDestinationTemporarily=Īslaicīgi atļaut pieprasījumus no %1$S uz %2$S 6 | allowOrigin=Atļaut pieprasījumus no %S 7 | allowDestination=Atļaut pieprasījumus uz %S 8 | allowOriginToDestination=Atļaut pieprasījumus no %1$S uz %2$S 9 | forbidOrigin=Aizliegt visus pieprasījumus no %S 10 | forbidDestination=Aizliegt visus pieprasījumus uz %S 11 | forbidOriginToDestination=Aizliegt pieprasījumus no %1$S uz %2$S 12 | unrestrictedOrigin=Pieprasījumi no %S nevar tikt aizliegti 13 | redirectNotification=Šī vietne vēlas pārvirzīt uz %S 14 | allow=Atļaut 15 | allow.accesskey=A 16 | deny=Aizliegt 17 | deny.accesskey=D 18 | more=Detalizētāk… 19 | more.accesskey=M 20 | indentedText=%1$S %2$S 21 | exportCompleted=Eksportēšana pabeigta. 22 | importCompleted=Importēšana pabeigta. 23 | requestLogIsEmpty=Sākotnēji pieprasījumu žurnāls ir tukšs. 24 | requestLogDirections=Žurnāla ieraksti parādīsies apmeklējot vietnes. 25 | actionForbidden=Darbība aizliegta 26 | urlCanOnlyBeCopiedToClipboard=Šī adrese var tikt kopēta vienīgi starpliktuvē. 27 | -------------------------------------------------------------------------------- /src/locale/pt-BR/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Controle pedidos entre domínios. Navegue com mais privacidade. Proteja-se contra ataques de referência cruzada e outros. 2 | extensionConflictWarning=Extensões incompatíveis: %S 3 | allowOriginTemporarily=Temporariamente permitir pedidos de %S 4 | allowDestinationTemporarily=Temporariamente permitir pedidos para %S 5 | allowOriginToDestinationTemporarily=Temporariamente permitir pedidos de %1$S para %2$S 6 | allowOrigin=Permitir pedidos de %S 7 | allowDestination=Permitir pedidos para %S 8 | allowOriginToDestination=Permitir pedidos de %1$S para %2$S 9 | forbidOrigin=Bloquear todos os pedidos de %S 10 | forbidDestination=Bloquear todos os pedidos para %S 11 | forbidOriginToDestination=Bloquear pedidos de %1$S para %2$S 12 | unrestrictedOrigin=Pedidos de %S não puderam ser bloqueados 13 | redirectNotification=A página atual quer redirecionar o navegador para %S 14 | allow=Permitir 15 | allow.accesskey=P 16 | deny=Bloquear 17 | deny.accesskey=B 18 | more=Mais… 19 | more.accesskey=M 20 | indentedText=%1$S %2$S 21 | exportCompleted=Exportação concluída. 22 | importCompleted=Importação concluída. 23 | requestLogIsEmpty=A lista de pedidos começa vazia. 24 | requestLogDirections=Novos pedidos detectados serão listados conforme você visitar outras páginas. 25 | actionForbidden=Ação não permitida 26 | urlCanOnlyBeCopiedToClipboard=Este endereço apenas pode ser copiado para a área de transferência. 27 | -------------------------------------------------------------------------------- /src/locale/eo/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Administru la rajtojn de retejoj fari inter-retejajn petojn. Plibonigu la privatecon de via retumado. Sekurigu vin kontraŭ Falsado de inter-retejaj petoj (Cross-Site Request Forgery, CSRF) kaj aliaj atakoj. 2 | extensionConflictWarning=Konfliktantaj etendoprogramoj: %S 3 | allowOriginTemporarily=Provizore permesi petojn fare de %S 4 | allowDestinationTemporarily=Provizore permesi petojn al %S 5 | allowOriginToDestinationTemporarily=Provizore permesi petojn de %1$S al %2$S 6 | allowOrigin=Permesi petojn fare de %S 7 | allowDestination=Permesi petojn al %S 8 | allowOriginToDestination=Permesi petojn de %1$S al %2$S 9 | forbidOrigin=Malpermesi ĉiujn petojn fare de %S 10 | forbidDestination=Malpermesi ĉiujn petojn al %S 11 | forbidOriginToDestination=Malpermesi petojn de %1$S al %2$S 12 | unrestrictedOrigin=Petojn de %S malpermesi ne eblas 13 | redirectNotification=Tiu ĉi retpaĝo petis pri alidirekto al %S 14 | allow=Permesi 15 | allow.accesskey=P 16 | deny=Ne permesi 17 | deny.accesskey=N 18 | more=Pli… 19 | more.accesskey=P 20 | indentedText=%1$S %2$S 21 | exportCompleted=La eksporto finiĝis. 22 | importCompleted=La importo finiĝis. 23 | requestLogIsEmpty=Komence la petprotokolo malplenas. 24 | requestLogDirections=La protokoleroj aperados dum retesplorado. 25 | actionForbidden=La ago estis malpermesita 26 | urlCanOnlyBeCopiedToClipboard=Adreson kun tiu protokol-skemo eblas nur kopii en la tondujon. 27 | -------------------------------------------------------------------------------- /src/locale/nl/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Beheers welke cross-site verzoeken worden toegelaten. Verbeter de privacy van uw surfen. Beveilig uzelf tegen Cross-Site Request Forgery (CSRF) en andere aanvallen. 2 | extensionConflictWarning=Conflicterende extensies: %S 3 | allowOriginTemporarily=Verzoeken van %S tijdelijk toestaan 4 | allowDestinationTemporarily=Verzoeken aan %S tijdelijk toestaan 5 | allowOriginToDestinationTemporarily=Verzoeken van %1$S aan %2$S tijdelijk toestaan 6 | allowOrigin=Verzoeken van %S toestaan 7 | allowDestination=Verzoeken aan %S toestaan 8 | allowOriginToDestination=Verzoeken van %1$S aan %2$S toestaan 9 | forbidOrigin=Alle verzoeken van %S verbieden 10 | forbidDestination=Alle verzoeken aan %S verbieden 11 | forbidOriginToDestination=Verzoeken van %1$S aan %2$S verbieden 12 | unrestrictedOrigin=Verzoeken van %S kunnen niet worden geblokkeerd 13 | redirectNotification=Deze webpagina wil doorverwijzen naar %S 14 | allow=Toestaan 15 | allow.accesskey=T 16 | deny=Weigeren 17 | deny.accesskey=W 18 | more=Meer… 19 | more.accesskey=M 20 | indentedText=%1$S %2$S 21 | exportCompleted=Exporteren afgerond. 22 | importCompleted=Importeren afgerond. 23 | requestLogIsEmpty=Het verzoekenlogbestand is in eerste instantie leeg. 24 | requestLogDirections=Logingaven verschijnen wanneer u webpagina’s bezoekt. 25 | actionForbidden=Actie verboden 26 | urlCanOnlyBeCopiedToClipboard=Deze URL kan alleen maar worden gekopieerd naar het Klembord. 27 | -------------------------------------------------------------------------------- /src/locale/sv-SE/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Kontrollera vilka förfrågningar mellan webbsidor som är tillåtna. Förbättra din integritet. Skydda dig mot falska förfrågningar mellan webbsidor (CSRF) och andra attacker. 2 | extensionConflictWarning=Tillägg med konflikter: %S 3 | allowOriginTemporarily=Tillåt tillfälligt förfrågningar från %S 4 | allowDestinationTemporarily=Tillåt tillfälligt förfrågningar till %S 5 | allowOriginToDestinationTemporarily=Tillåt tillfälligt förfrågningar från %1$S till %2$S 6 | allowOrigin=Tillåt förfrågningar från %S 7 | allowDestination=Tillåt förfrågningar till %S 8 | allowOriginToDestination=Tillåt förfrågningar från %1$S till %2$S 9 | forbidOrigin=Förbjud alla förfrågningar från %S 10 | forbidDestination=Förbjud alla förfrågningar till %S 11 | forbidOriginToDestination=Förbjud förfrågningar från %1$S till %2$S 12 | unrestrictedOrigin=Förfrågningar från %S kan inte blockeras 13 | redirectNotification=Den här webbsidan har bett om omdirigering till %S 14 | allow=Tillåt 15 | allow.accesskey=A 16 | deny=Neka 17 | deny.accesskey=D 18 | more=Mer… 19 | more.accesskey=M 20 | indentedText=%1$S %2$S 21 | exportCompleted=Export färdig. 22 | importCompleted=Import färdig. 23 | requestLogIsEmpty=Förfrågningsloggen är inledningsvis tom. 24 | requestLogDirections=Loggposter kommer att dyka upp när du besöker hemsidor. 25 | actionForbidden=Förbjuden handling 26 | urlCanOnlyBeCopiedToClipboard=Denna URL kan bara kopieras till urklipp. 27 | -------------------------------------------------------------------------------- /src/locale/de/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Domainübergreifende Anfragen kontrollieren. Verbesseren Sie Ihr Browsen. Schützen Sie sich vor Cross-Site-Forgery-Requests (CSFR) und anderen Angriffen. 2 | extensionConflictWarning=Konflikt mit folgenden Erweiterungen: %S 3 | allowOriginTemporarily=Temporär alle Anfragen durch %S erlauben 4 | allowDestinationTemporarily=Temporär alle Anfragen nach %S erlauben 5 | allowOriginToDestinationTemporarily=Temporär alle Anfragen durch %1$S nach %2$S erlauben 6 | allowOrigin=Anfragen durch %S erlauben 7 | allowDestination=Anfragen nach %S erlauben 8 | allowOriginToDestination=Anfragen durch %1$S nach %2$S erlauben 9 | forbidOrigin=Anfragen durch %S verbieten 10 | forbidDestination=Anfragen nach %S verbieten 11 | forbidOriginToDestination=Anfragen durch %1$S nach %2$S verbieten 12 | unrestrictedOrigin=Anfragen durch %S können nicht verboten werden 13 | redirectNotification=Diese Webseite möchte nach %S weiterleiten 14 | allow=Erlauben 15 | allow.accesskey=E 16 | deny=Ablehnen 17 | deny.accesskey=L 18 | more=Mehr... 19 | more.accesskey=M 20 | indentedText=%1$S %2$S 21 | exportCompleted=Export erfolgreich durchgeführt 22 | importCompleted=Import erfolgreich durchgeführt 23 | requestLogIsEmpty=Das Anfragenprotokoll ist anfangs leer. 24 | requestLogDirections=Beim Besuchen von Webseiten werden Protokolleinträge erstellt. 25 | actionForbidden=Unzulässige Aktion 26 | urlCanOnlyBeCopiedToClipboard=Diese Adresse kann nur in die Zwischenablage kopiert werden. 27 | -------------------------------------------------------------------------------- /src/locale/fr/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Contrôler quelles requêtes « cross-site » sont autorisées. Améliorer la vie privée durant la navigation. S'auto-sécuriser contre les CSRF (« sea-surfing ») et autres attaques. 2 | extensionConflictWarning=Conflicting extensions: %S 3 | allowOriginTemporarily=Accepter temporairement les requêtes depuis %S 4 | allowDestinationTemporarily=Accepter temporairement les requêtes vers %S 5 | allowOriginToDestinationTemporarily=Accepter temporairement les requêtes de %1$S vers %2$S 6 | allowOrigin=Accepter les requêtes depuis %S 7 | allowDestination=Accepter les requêtes vers %S 8 | allowOriginToDestination=Accepter les requêtes de %1$S vers %2$S 9 | forbidOrigin=Empêcher toutes les requêtes depuis %S 10 | forbidDestination=Empêcher toutes les requêtes vers %S 11 | forbidOriginToDestination=Empêcher toutes les requêtes depuis %S vers %S 12 | unrestrictedOrigin=Requests from %S cannot be blocked 13 | redirectNotification=Cette page Web a demandé une redirection vers %S 14 | allow=Accepter 15 | allow.accesskey=A 16 | deny=Refuser 17 | deny.accesskey=D 18 | more=More... 19 | more.accesskey=M 20 | indentedText=%1$S %2$S 21 | exportCompleted=Exportation terminée. 22 | importCompleted=Importation terminée. 23 | requestLogIsEmpty=The Request Log is initially empty. 24 | requestLogDirections=Log entries will appear when you visit web pages. 25 | actionForbidden=Action forbidden 26 | urlCanOnlyBeCopiedToClipboard=This URL can only be copied to the clipboard. 27 | -------------------------------------------------------------------------------- /src/locale/it/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Controlla quali richieste cross-site sono permesse. Migliora la tua privacy di navigazione. Difenditi dal Cross-Site Request Forgery (CSRF) e altri attacchi. 2 | extensionConflictWarning=Estensioni in conflitto: %S 3 | allowOriginTemporarily=Permetti temporaneamente le richieste da %S 4 | allowDestinationTemporarily=Permetti temporaneamente le richieste verso %S 5 | allowOriginToDestinationTemporarily=Permetti temporaneamente le richieste da %1$S verso %2$S 6 | allowOrigin=Permetti le richieste da %S 7 | allowDestination=Permetti le richieste verso %S 8 | allowOriginToDestination=Permetti le richieste da %1$S verso %2$S 9 | forbidOrigin=Blocca tutte le richieste da %S 10 | forbidDestination=Blocca tutte le richieste verso %S 11 | forbidOriginToDestination=Blocca le richieste da %1$S verso %2$S 12 | unrestrictedOrigin=Le richieste da %S non possono essere bloccate 13 | redirectNotification=Questa pagina ha chiesto un reindirizzamento verso %S 14 | allow=Permetti 15 | allow.accesskey=P 16 | deny=Nega 17 | deny.accesskey=N 18 | more=Altro... 19 | more.accesskey=A 20 | indentedText=%1$S %2$S 21 | exportCompleted=Esportazione completata. 22 | importCompleted=Importazione completata. 23 | requestLogIsEmpty=Il Log Richieste è inizialmente vuoto. 24 | requestLogDirections=Le annotazioni appaiono nel Log appena visiti una pagina. 25 | actionForbidden=Azione proibita 26 | urlCanOnlyBeCopiedToClipboard=Questo URL può solo essere copiato negli Appunti. 27 | -------------------------------------------------------------------------------- /src/locale/eu/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Kontrola itzazu zein gune-arteko eskaerak baimentzen diren. Hobetu zure nabigazioaren pribatutasuna. Babes zaitez Cross-Site Request Forgery (CSRF) eta beste erasoen aurrean. 2 | extensionConflictWarning=Hedapenen gatazka: %S 3 | allowOriginTemporarily=%S tik datozen eskaerak aldi baterako baimendu 4 | allowDestinationTemporarily=%S ra doazen eskaerak aldi baterako baimendu 5 | allowOriginToDestinationTemporarily=%1$S tik %2$S ra doazen eskaerak aldi baterako baimendu 6 | allowOrigin=%S tik datozen eskaerak baimendu 7 | allowDestination=%S ra doazen eskaerak baimendu 8 | allowOriginToDestination=%1$S tik %2$S ra doazen eskaerak baimendu 9 | forbidOrigin=%S tik datozen eskaera guztiak debekatu 10 | forbidDestination=%S ra doazen eskaera guztiak debekatu 11 | forbidOriginToDestination=%1$S tik %2$S ra doazen eskaerak debekatu 12 | unrestrictedOrigin=%S tik datozen eskaerak ezin dira blokeatu 13 | redirectNotification=Webgune honek %S ra berbideratzeko eskatu du 14 | allow=Baimendu 15 | allow.accesskey=A 16 | deny=Ukatu 17 | deny.accesskey=D 18 | more=Gehiago... 19 | more.accesskey=M 20 | indentedText=%1$S %2$S 21 | exportCompleted=Esportatzea beteta. 22 | importCompleted=Inportatzea beteta. 23 | requestLogIsEmpty=Eskaera Erregistroa hutsik dago hasieran. 24 | requestLogDirections=Erregistro sarrerak webguneak bisitatzerakoan agertuko dira. 25 | actionForbidden=Debekatutako ekintza 26 | urlCanOnlyBeCopiedToClipboard=URL hau soilik arbelera kopiatu daiteke. 27 | -------------------------------------------------------------------------------- /src/locale/es-MX/requestpolicy.properties: -------------------------------------------------------------------------------- 1 | extensions.requestpolicy@requestpolicy.com.description=Controla las peticiones de dominio cruzado que son permitidas. Mejora la privacidad de tu navegacion. Te protege de ataques de Falsificacion de peticion de sitios cruzados (Cross-Site Request Forgery) y otros ataques similares 2 | extensionConflictWarning=Extensiones incompatibles: %S 3 | allowOriginTemporarily=Permitir temporalmente peticiones desde %S 4 | allowDestinationTemporarily=Permitir temporalmente peticiones hacia %S 5 | allowOriginToDestinationTemporarily=Permitir temporalmente peticiones desde %1$S hacia %2$S 6 | allowOrigin=Permitir peticiones desde %S 7 | allowDestination=Permitir peticiones hacia %S 8 | allowOriginToDestination=Permitir peticiones desde %1$S hacia %2$S 9 | forbidOrigin=Prohibir todas las peticiones desde %S 10 | forbidDestination=Prohibir todas las peticiones hacia %S 11 | forbidOriginToDestination=Prohibir peticiones desde %1$S hacia %2$S 12 | unrestrictedOrigin=Las peticiones desde %S no pueden ser bloqueadas 13 | redirectNotification=Esta pagina ha pedido ser redirigida a %S 14 | allow=Permitir 15 | allow.accesskey=A 16 | deny=Negar 17 | deny.accesskey=D 18 | more=Mas… 19 | more.accesskey=M 20 | indentedText=%1$S %2$S 21 | exportCompleted=Se ha completado la exportación de datos 22 | importCompleted=Se ha completado la importación de datos 23 | requestLogIsEmpty=El registro de peticiones esta vacío. 24 | requestLogDirections=El registro de navegación aparecerá cuando visite paginas web. 25 | actionForbidden=Acción no permitida 26 | urlCanOnlyBeCopiedToClipboard=Esta URL solo puede ser copiada al portapapeles 27 | -------------------------------------------------------------------------------- /tests/form_2.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 |

Same hosts

7 | 8 |

On this page there are automatically submitted forms and forms 9 | for manual submission.

10 | 11 |
14 | 15 |
16 | 17 |
20 | 21 | 22 | 23 | 26 | 27 |

Different hosts

28 | 29 |
31 | 32 |
33 | 34 |
35 | 36 |
39 | 40 | 41 | 42 | 49 | 50 | 51 | -------------------------------------------------------------------------------- /src/defaults/preferences/defaults.js: -------------------------------------------------------------------------------- 1 | pref("extensions.requestpolicy@requestpolicy.com.description", 2 | "chrome://requestpolicy/locale/requestpolicy.properties"); 3 | 4 | pref("extensions.requestpolicy.log", false); 5 | pref("extensions.requestpolicy.log.level", 0); 6 | pref("extensions.requestpolicy.log.types", 1023); 7 | 8 | pref("extensions.requestpolicy.autoReload", true); 9 | pref("extensions.requestpolicy.uriIdentificationLevel", 1); 10 | 11 | pref("extensions.requestpolicy.allowedOrigins", ""); 12 | pref("extensions.requestpolicy.allowedDestinations", ""); 13 | pref("extensions.requestpolicy.allowedOriginsToDestinations", ""); 14 | 15 | pref("extensions.requestpolicy.initialSetupDialogShown", false); 16 | 17 | pref("extensions.requestpolicy.statusbarIcon", "standard"); 18 | pref("extensions.requestpolicy.indicateBlockedObjects", true); 19 | pref("extensions.requestpolicy.startWithAllowAllEnabled", false); 20 | pref("extensions.requestpolicy.privateBrowsingPermanentWhitelisting", false); 21 | 22 | pref("extensions.requestpolicy.prefetch.link.disableOnStartup", true); 23 | pref("extensions.requestpolicy.prefetch.link.restoreDefaultOnUninstall", true); 24 | pref("extensions.requestpolicy.prefetch.dns.disableOnStartup", true); 25 | pref("extensions.requestpolicy.prefetch.dns.restoreDefaultOnUninstall", true); 26 | pref("extensions.requestpolicy.contextMenu", true); 27 | 28 | pref("extensions.requestpolicy.lastVersion", "0.0"); 29 | pref("extensions.requestpolicy.lastAppVersion", "0.0"); 30 | 31 | pref("extensions.requestpolicy.study.participate", false); 32 | pref("extensions.requestpolicy.study.profileID", ""); 33 | pref("extensions.requestpolicy.study.consentID", 0); 34 | pref("extensions.requestpolicy.study.consentVersion", 0); 35 | pref("extensions.requestpolicy.study.sessionID", 0); 36 | pref("extensions.requestpolicy.study.globalEventID", 0); 37 | -------------------------------------------------------------------------------- /src/modules/Stats.jsm: -------------------------------------------------------------------------------- 1 | /* 2 | * ***** BEGIN LICENSE BLOCK ***** 3 | * 4 | * RequestPolicy - A Firefox extension for control over cross-site requests. 5 | * Copyright (c) 2011 Justin Samuel 6 | * 7 | * This program is free software: you can redistribute it and/or modify it under 8 | * the terms of the GNU General Public License as published by the Free Software 9 | * Foundation, either version 3 of the License, or (at your option) any later 10 | * version. 11 | * 12 | * This program is distributed in the hope that it will be useful, but WITHOUT 13 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 14 | * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more 15 | * details. 16 | * 17 | * You should have received a copy of the GNU General Public License along with 18 | * this program. If not, see . 19 | * 20 | * ***** END LICENSE BLOCK ***** 21 | */ 22 | 23 | var EXPORTED_SYMBOLS = ['Stats']; 24 | 25 | // The data in the StoredStats object is written to a file so that the 26 | // information is available across sessions. This is the filename in the 27 | // {PROFILE}/requestpolicy/ directory that is used. 28 | const STORED_STATS_FILENAME = 'telemetry-study.json'; 29 | 30 | Components.utils.import("resource://requestpolicy/FileUtil.jsm"); 31 | Components.utils.import('resource://requestpolicy/Logger.jsm'); 32 | 33 | 34 | /** 35 | * Statistics gathering. 36 | */ 37 | var Stats = { 38 | deleteFile : function() { 39 | ruleData.deleteFile(); 40 | } 41 | }; 42 | 43 | var ruleData = { 44 | deleteFile : function() { 45 | try { 46 | var file = FileUtil.getRPUserDir(); 47 | file.appendRelativePath(STORED_STATS_FILENAME); 48 | file.remove(false); 49 | } catch (e) { 50 | Logger.dump('Unable to delete stored stats: ' + e); 51 | } 52 | } 53 | 54 | }; 55 | 56 | -------------------------------------------------------------------------------- /src/modules/Util.jsm: -------------------------------------------------------------------------------- 1 | /* 2 | * ***** BEGIN LICENSE BLOCK ***** 3 | * 4 | * RequestPolicy - A Firefox extension for control over cross-site requests. 5 | * Copyright (c) 2011 Justin Samuel 6 | * 7 | * This program is free software: you can redistribute it and/or modify it under 8 | * the terms of the GNU General Public License as published by the Free Software 9 | * Foundation, either version 3 of the License, or (at your option) any later 10 | * version. 11 | * 12 | * This program is distributed in the hope that it will be useful, but WITHOUT 13 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 14 | * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more 15 | * details. 16 | * 17 | * You should have received a copy of the GNU General Public License along with 18 | * this program. If not, see . 19 | * 20 | * ***** END LICENSE BLOCK ***** 21 | */ 22 | 23 | var EXPORTED_SYMBOLS = ["Util"]; 24 | 25 | const CI = Components.interfaces; 26 | const CC = Components.classes; 27 | 28 | const FIREFOX_ID = "{ec8030f7-c20a-464f-9b0e-13a3a9e97384}"; 29 | 30 | var Util = { 31 | _versionComparator : CC["@mozilla.org/xpcom/version-comparator;1"] 32 | .getService(CI.nsIVersionComparator), 33 | 34 | appInfo : CC["@mozilla.org/xre/app-info;1"].getService(CI.nsIXULAppInfo), 35 | 36 | // These need to be set externally. Right now they're set from 37 | // RequestPolicyService._initVersionInfo(). 38 | curVersion : "0.0", 39 | lastVersion : "0.0", 40 | lastAppVersion : "0.0", 41 | 42 | // This is initialized by calling Util.initCurAppVersion(). 43 | curAppVersion : "0.0", 44 | 45 | initCurAppVersion : function() { 46 | this.curAppVersion = this.appInfo.version; 47 | }, 48 | 49 | compareVersions : function(v1, v2) { 50 | return this._versionComparator.compare(v1, v2); 51 | }, 52 | 53 | isFirefox : function() { 54 | return this.appInfo.ID == FIREFOX_ID; 55 | } 56 | } 57 | -------------------------------------------------------------------------------- /scripts/update_locales.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ############################################################################## 4 | # A script to replace the individual locale directories in our source tree 5 | # with the locale directories in an "X_all_locales_replaced.tar.gz" file 6 | # downloaded from babelzilla.org. That is, the archive that has the missing 7 | # translations replaced with the original English string. 8 | # 9 | # The script assumes that it is located in the the scripts/ directory, which 10 | # is at the same level as the src/ directory in version control. It uses this 11 | # assumption to determine where the locales are which need to be replaced. 12 | # 13 | # Usage: update_locales.sh RequestPolicy_all_locales_replaced.tar.gz 14 | # 15 | # The original tar.gz file passed as an argument is not deleted by this script. 16 | ############################################################################## 17 | 18 | # These are the locales to replace. Don't put en-US in the list. 19 | REPLACE_LOCALES="de eo es-MX eu fr it ja ko-KR lv-LV nl pt-BR ru-RU sk-SK sv-SE tr uk-UA zh-CN zh-TW" 20 | 21 | LOCALES_DIR="`dirname $0`/../src/locale" 22 | 23 | archive=$1 24 | 25 | if [ ! -f "$archive" ]; then 26 | echo "Usage: update_locales.sh RequestPolicy_all_locales_replaced.tar.gz" 27 | exit 1 28 | fi 29 | 30 | tmpdir=`mktemp -d` 31 | 32 | if [ ! -d "$tmpdir" ]; then 33 | echo "Failed creating temp directory. Exiting." 34 | exit 1 35 | fi 36 | 37 | cp $archive $tmpdir 38 | 39 | tar -C $tmpdir -xzf $archive 40 | 41 | for i in `echo $REPLACE_LOCALES`; do 42 | echo "Replacing $LOCALES_DIR/$i" 43 | if [ ! -d "$LOCALES_DIR/$i" ]; then 44 | "Locale directory $LOCALES_DIR/$i does not exist. Exiting." 45 | exit 1 46 | fi 47 | if [ ! -d "$tmpdir/$i" ]; then 48 | "Locale directory $tmpdir/$i does not exist (not in the extracted archive). Exiting." 49 | exit 1 50 | fi 51 | rm -rf $LOCALES_DIR/$i 52 | mv $tmpdir/$i $LOCALES_DIR 53 | done 54 | 55 | rm -rf $tmpdir 56 | 57 | -------------------------------------------------------------------------------- /src/LICENSE: -------------------------------------------------------------------------------- 1 | This file contains the license for RequestPolicy. 2 | 3 | It also lists license information for components and source 4 | code used by RequestPolicy. 5 | 6 | If you got this file as a part of a larger bundle, 7 | there may be other license terms that you should be aware of. 8 | 9 | =============================================================================== 10 | RequestPolicy is distributed under this license: 11 | 12 | Copyright (c) 2008, Justin Samuel. 13 | 14 | This program is free software: you can redistribute it and/or modify 15 | it under the terms of the GNU General Public License as published by 16 | the Free Software Foundation, either version 3 of the License, or 17 | (at your option) any later version. 18 | 19 | This program is distributed in the hope that it will be useful, 20 | but WITHOUT ANY WARRANTY; without even the implied warranty of 21 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 22 | GNU General Public License for more details. 23 | 24 | You should have received a copy of the GNU General Public License 25 | along with this program. If not, see . 26 | 27 | =============================================================================== 28 | The RequestPolicy flag logo and icon are based on the Crystal Project icons, 29 | which are available at . 30 | 31 | The Crystal Project icons are distributed under this license: 32 | 33 | Copyright (c) 2006-2007, Everaldo Coelho. 34 | 35 | This library is free software; you can redistribute it and/or 36 | modify it under the terms of the GNU Lesser General Public 37 | License as published by the Free Software Foundation; either 38 | version 2.1 of the License, or (at your option) any later version. 39 | 40 | This library is distributed in the hope that it will be useful, 41 | but WITHOUT ANY WARRANTY; without even the implied warranty of 42 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 43 | Lesser General Public License for more details. 44 | 45 | You should have received a copy of the GNU Lesser General Public 46 | License along with this library. If not, see . 47 | -------------------------------------------------------------------------------- /src/chrome.manifest: -------------------------------------------------------------------------------- 1 | content requestpolicy content/ 2 | resource requestpolicy modules/ 3 | skin requestpolicy classic/1.0 skin/ 4 | 5 | locale requestpolicy en-US locale/en-US/ 6 | locale requestpolicy de locale/de/ 7 | locale requestpolicy eo locale/eo/ 8 | locale requestpolicy es-MX locale/es-MX/ 9 | locale requestpolicy eu locale/eu/ 10 | locale requestpolicy fr locale/fr/ 11 | locale requestpolicy it locale/it/ 12 | locale requestpolicy ja locale/ja/ 13 | locale requestpolicy ko-KR locale/ko-KR/ 14 | locale requestpolicy lv-LV locale/lv-LV/ 15 | locale requestpolicy nl locale/nl/ 16 | locale requestpolicy pt-BR locale/pt-BR/ 17 | locale requestpolicy ru-RU locale/ru-RU/ 18 | locale requestpolicy sk-SK locale/sk-SK/ 19 | locale requestpolicy sv-SE locale/sv-SE/ 20 | locale requestpolicy tr locale/tr/ 21 | locale requestpolicy uk-UA locale/uk-UA/ 22 | locale requestpolicy zh-CN locale/zh-CN/ 23 | locale requestpolicy zh-TW locale/zh-TW/ 24 | 25 | style chrome://global/content/customizeToolbar.xul chrome://requestpolicy/skin/requestpolicy.css 26 | 27 | # Firefox 28 | overlay chrome://browser/content/browser.xul chrome://requestpolicy/content/overlay.xul 29 | # Seamonkey 30 | overlay chrome://navigator/content/navigatorOverlay.xul chrome://requestpolicy/content/overlay.xul 31 | # Songbird 32 | overlay chrome://songbird/content/xul/mainScriptsOverlay.xul chrome://requestpolicy/content/overlay.xul 33 | 34 | # Gecko 2 requires component and category registration via chrome.manifest. 35 | component {14027e96-1afb-4066-8846-e6c89b5faf3b} components/requestpolicyService.js 36 | contract @requestpolicy.com/requestpolicy-service;1 {14027e96-1afb-4066-8846-e6c89b5faf3b} 37 | category profile-after-change RequestPolicyService @requestpolicy.com/requestpolicy-service;1 38 | category content-policy RequestPolicyService @requestpolicy.com/requestpolicy-service;1 39 | interfaces components/nsIRequestPolicy.xpt 40 | -------------------------------------------------------------------------------- /src/chrome.manifest.devel: -------------------------------------------------------------------------------- 1 | content requestpolicy content/ 2 | resource requestpolicy modules/ 3 | skin requestpolicy classic/1.0 skin/ 4 | 5 | locale requestpolicy en-US locale/en-US/ 6 | locale requestpolicy de locale/de/ 7 | locale requestpolicy eo locale/eo/ 8 | locale requestpolicy es-MX locale/es-MX/ 9 | locale requestpolicy eu locale/eu/ 10 | locale requestpolicy fr locale/fr/ 11 | locale requestpolicy it locale/it/ 12 | locale requestpolicy ja locale/ja/ 13 | locale requestpolicy ko-KR locale/ko-KR/ 14 | locale requestpolicy lv-LV locale/lv-LV/ 15 | locale requestpolicy nl locale/nl/ 16 | locale requestpolicy pt-BR locale/pt-BR/ 17 | locale requestpolicy ru-RU locale/ru-RU/ 18 | locale requestpolicy sk-SK locale/sk-SK/ 19 | locale requestpolicy sv-SE locale/sv-SE/ 20 | locale requestpolicy tr locale/tr/ 21 | locale requestpolicy uk-UA locale/uk-UA/ 22 | locale requestpolicy zh-CN locale/zh-CN/ 23 | locale requestpolicy zh-TW locale/zh-TW/ 24 | 25 | style chrome://global/content/customizeToolbar.xul chrome://requestpolicy/skin/requestpolicy.css 26 | 27 | # Firefox 28 | overlay chrome://browser/content/browser.xul chrome://requestpolicy/content/overlay.xul 29 | # Seamonkey 30 | overlay chrome://navigator/content/navigatorOverlay.xul chrome://requestpolicy/content/overlay.xul 31 | # Songbird 32 | overlay chrome://songbird/content/xul/mainScriptsOverlay.xul chrome://requestpolicy/content/overlay.xul 33 | 34 | # Gecko 2 requires component and category registration via chrome.manifest. 35 | component {14027e96-1afb-4066-8846-e6c89b5faf3b} components/requestpolicyService.js 36 | contract @requestpolicy.com/requestpolicy-service;1 {14027e96-1afb-4066-8846-e6c89b5faf3b} 37 | category profile-after-change RequestPolicyService @requestpolicy.com/requestpolicy-service;1 38 | category content-policy RequestPolicyService @requestpolicy.com/requestpolicy-service;1 39 | interfaces components/nsIRequestPolicy.xpt 40 | -------------------------------------------------------------------------------- /src/chrome.manifest.packaging: -------------------------------------------------------------------------------- 1 | content requestpolicy jar:chrome/requestpolicy.jar!/content/ 2 | resource requestpolicy modules/ 3 | skin requestpolicy classic/1.0 jar:chrome/requestpolicy.jar!/skin/ 4 | 5 | locale requestpolicy en-US jar:chrome/requestpolicy.jar!/locale/en-US/ 6 | locale requestpolicy de jar:chrome/requestpolicy.jar!/locale/de/ 7 | locale requestpolicy eo jar:chrome/requestpolicy.jar!/locale/eo/ 8 | locale requestpolicy es-MX jar:chrome/requestpolicy.jar!/locale/es-MX/ 9 | locale requestpolicy eu jar:chrome/requestpolicy.jar!/locale/eu/ 10 | locale requestpolicy fr jar:chrome/requestpolicy.jar!/locale/fr/ 11 | locale requestpolicy it jar:chrome/requestpolicy.jar!/locale/it/ 12 | locale requestpolicy ja jar:chrome/requestpolicy.jar!/locale/ja/ 13 | locale requestpolicy ko-KR jar:chrome/requestpolicy.jar!/locale/ko-KR/ 14 | locale requestpolicy lv-LV jar:chrome/requestpolicy.jar!/locale/lv-LV/ 15 | locale requestpolicy nl jar:chrome/requestpolicy.jar!/locale/nl/ 16 | locale requestpolicy pt-BR jar:chrome/requestpolicy.jar!/locale/pt-BR/ 17 | locale requestpolicy ru-RU jar:chrome/requestpolicy.jar!/locale/ru-RU/ 18 | locale requestpolicy sk-SK jar:chrome/requestpolicy.jar!/locale/sk-SK/ 19 | locale requestpolicy sv-SE jar:chrome/requestpolicy.jar!/locale/sv-SE/ 20 | locale requestpolicy tr jar:chrome/requestpolicy.jar!/locale/tr/ 21 | locale requestpolicy uk-UA jar:chrome/requestpolicy.jar!/locale/uk-UA/ 22 | locale requestpolicy zh-CN jar:chrome/requestpolicy.jar!/locale/zh-CN/ 23 | locale requestpolicy zh-TW jar:chrome/requestpolicy.jar!/locale/zh-TW/ 24 | 25 | style chrome://global/content/customizeToolbar.xul chrome://requestpolicy/skin/requestpolicy.css 26 | 27 | # Firefox 28 | overlay chrome://browser/content/browser.xul chrome://requestpolicy/content/overlay.xul 29 | # Seamonkey 30 | overlay chrome://navigator/content/navigatorOverlay.xul chrome://requestpolicy/content/overlay.xul 31 | # Songbird 32 | overlay chrome://songbird/content/xul/mainScriptsOverlay.xul chrome://requestpolicy/content/overlay.xul 33 | 34 | # Gecko 2 requires component and category registration via chrome.manifest. 35 | component {14027e96-1afb-4066-8846-e6c89b5faf3b} components/requestpolicyService.js 36 | contract @requestpolicy.com/requestpolicy-service;1 {14027e96-1afb-4066-8846-e6c89b5faf3b} 37 | category profile-after-change RequestPolicyService @requestpolicy.com/requestpolicy-service;1 38 | category content-policy RequestPolicyService @requestpolicy.com/requestpolicy-service;1 39 | interfaces components/nsIRequestPolicy.xpt 40 | -------------------------------------------------------------------------------- /src/install.rdf: -------------------------------------------------------------------------------- 1 | 2 | 3 | 5 | 6 | 7 | RequestPolicy 8 | 0.5.28 9 | 2 10 | Control which cross-site requests are allowed. Improve the privacy of your browsing. Secure yourself from Cross-Site Request Forgery (CSRF) and other attacks. 11 | Justin Samuel 12 | requestpolicy@requestpolicy.com 13 | http://www.requestpolicy.com/ 14 | chrome://requestpolicy/content/prefWindow.xul 15 | chrome://requestpolicy/skin/requestpolicy-icon-32.png 16 | 17 | myahoo (French translation) 18 | Team erweiterungen.de (German translation) 19 | Archaeopteryx (German translation) 20 | petruc (Portuguese [Brazil] translation) 21 | Sumin Byeon (Korean translation) 22 | pedro arana matus (Spanish [Mexico] translation) 23 | Володимир Савчук / Volodymyr Savchuk (Ukrainian translation) 24 | markh van BabelZilla.org (Dutch translation) 25 | alpmild (Russian translation) 26 | yfdyh000 (Chinese [simplified] translation) 27 | nikneyim (Turkish translation) 28 | Anonymous (Japanese translation) 29 | Aleksej R. Serdjukov kaj babilejanoj (Esperanto translation) 30 | Natanael_L01 (Swedish translation) 31 | James (Silencer) (Chinese [traditional] translation) 32 | Antxon Baldarra (Basque translation) 33 | Random (Italian translation) 34 | Jacen (Slovak translation) 35 | Brad Horrocks 36 | Aleksandrs Ļedovskis (Latvian translation) 37 | 38 | 39 | 40 | 41 | {ec8030f7-c20a-464f-9b0e-13a3a9e97384} 42 | 4.0 43 | 26.0 44 | 45 | 46 | 47 | 48 | 49 | 50 | {92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a} 51 | 2.1 52 | 2.23 53 | 54 | 55 | 56 | 57 | 58 | -------------------------------------------------------------------------------- /src/components/nsIRequestPolicy.idl: -------------------------------------------------------------------------------- 1 | #include "nsISupports.idl" 2 | 3 | interface nsIDOMElement; 4 | interface nsIPrefBranch; 5 | 6 | [scriptable, uuid(14027e96-1afb-4066-8846-e6c89b5faf3b)] 7 | interface nsIRequestPolicy : nsISupports 8 | { 9 | AString getUriIdentifier(in AString uri); 10 | 11 | void registerHistoryRequest(in AString destinationUri); 12 | void registerFormSubmitted(in AString originUri, in AString destinationUri); 13 | void registerLinkClicked(in AString originUri, in AString destinationUri); 14 | void registerAllowedRedirect(in AString originUri, in AString destinationUri); 15 | 16 | void temporarilyAllowOrigin(in AString siteIdentifier); 17 | boolean isTemporarilyAllowedOrigin(in AString siteIdentifier); 18 | 19 | void allowOrigin(in AString siteIdentifier); 20 | void allowOriginDelayStore(in AString siteIdentifier); 21 | boolean isAllowedOrigin(in AString siteIdentifier); 22 | 23 | void temporarilyAllowDestination(in AString siteIdentifier); 24 | boolean isTemporarilyAllowedDestination(in AString siteIdentifier); 25 | 26 | void allowDestination(in AString siteIdentifier); 27 | void allowDestinationDelayStore(in AString siteIdentifier); 28 | boolean isAllowedDestination(in AString siteIdentifier); 29 | 30 | void temporarilyAllowOriginToDestination(in AString originIdentifier, in AString destinationIdentifier); 31 | boolean isTemporarilyAllowedOriginToDestination(in AString originIdentifier, in AString destinationIdentifier); 32 | 33 | void allowOriginToDestination(in AString originIdentifier, in AString destinationIdentifier); 34 | void allowOriginToDestinationDelayStore(in AString originIdentifier, in AString destinationIdentifier); 35 | boolean isAllowedOriginToDestination(in AString originIdentifier, in AString destinationIdentifier); 36 | 37 | void storeAllPreferenceLists(); 38 | 39 | void revokeTemporaryPermissions(); 40 | boolean areTemporaryPermissionsGranted(); 41 | 42 | void forbidOrigin(in AString siteIdentifier); 43 | void forbidOriginDelayStore(in AString siteIdentifier); 44 | 45 | void forbidDestination(in AString siteIdentifier); 46 | void forbidDestinationDelayStore(in AString siteIdentifier); 47 | 48 | void forbidOriginToDestination(in AString originIdentifier, in AString destinationIdentifier); 49 | void forbidOriginToDestinationDelayStore(in AString originIdentifier, in AString destinationIdentifier); 50 | 51 | /* 52 | * Tells RequestPolicy that blocked requests to newDestUri should be 53 | * additionally checked as if they were requests to origDestUri. This can be 54 | * used by extensions that rewrite destinations which RequestPolicy would 55 | * have originally recognized as allowed link clicks, form submissions, etc. 56 | * 57 | * @param origDestUri The original destination URI. 58 | * @param newDestUri The new destination URI. 59 | */ 60 | void mapDestinations(in AString origDestUri, in AString newDestUri); 61 | 62 | boolean isAllowedRedirect(in AString originUri, in AString destinationUri); 63 | 64 | boolean isPrefetchEnabled(); 65 | boolean isBlockingDisabled(); 66 | boolean isPrivateBrowsingEnabled(); 67 | 68 | boolean originHasRejectedRequests(in AString originUri); 69 | boolean originHasRejectedRequestsRecursive(in AString originUri); 70 | 71 | readonly attribute nsIPrefBranch prefs; 72 | }; 73 | -------------------------------------------------------------------------------- /src/content/requestLog.xul: -------------------------------------------------------------------------------- 1 | 2 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 |