cull paths unlikely to escape & add strictRewrites flag

2025-05-13 22:40:01 -04:00 · 2024-10-20 12:05:04 -04:00 · 2024-10-20 12:05:04 -04:00 · bdf5fd4f95
commit bdf5fd4f95
parent ba0aa479f0
6 changed files with 25 additions and 7 deletions
--- a/rewriter/src/lib.rs
+++ b/rewriter/src/lib.rs
@ -75,6 +75,7 @@ fn get_config(scramjet: &Object, url: &str) -> Config {
 		do_sourcemaps: get_flag(scramjet, url, "sourcemaps"),
 		capture_errors: get_flag(scramjet, url, "captureErrors"),
 		scramitize: get_flag(scramjet, url, "scramitize"),
+		strict_rewrites: get_flag(scramjet, url, "strictRewrites"),
 	}
 }

--- a/rewriter/src/main.rs
+++ b/rewriter/src/main.rs
@ -124,6 +124,7 @@ fn dorewrite(source_text: &str) -> String {
 				capture_errors: true,
 				do_sourcemaps: true,
 				scramitize: false,
+				strict_rewrites: false,
 			},
 		)
 		.as_slice(),
--- a/rewriter/src/rewrite.rs
+++ b/rewriter/src/rewrite.rs
@ -35,7 +35,7 @@ pub type EncodeFn = Box<dyn Fn(String) -> String>;
 struct Rewriter {
 	jschanges: Vec<JsChange>,
 	base: Url,
-	config: Config,
+	config: Confistrig,
 }

 pub struct Config {
@ -52,6 +52,7 @@ pub struct Config {
 	pub capture_errors: bool,
 	pub scramitize: bool,
 	pub do_sourcemaps: bool,
+	pub strict_rewrites: bool,
 }

 impl Rewriter {
@ -128,6 +129,18 @@ impl<'a> Visit<'a> for Rewriter {
 					return; // unwise to walk the rest of the tree
 				}

+				if !self.config.strict_rewrites
+					&& !UNSAFE_GLOBALS.contains(&s.property.name.as_str())
+				{
+					if let Expression::Identifier(i) = &s.object {
+						// cull tree - this should be safe
+						return;
+					}
+					if let Expression::ThisExpression(_) = &s.object {
+						return;
+					}
+				}
+
 				if self.config.scramitize
 					&& !matches!(s.object, Expression::MetaProperty(_))
 					&& !matches!(s.object, Expression::Super(_))
--- a/src/client/shared/err.ts
+++ b/src/client/shared/err.ts
@ -45,12 +45,13 @@ export default function (client: ScramjetClient, self: typeof globalThis) {

 	client.Proxy("Promise.prototype.catch", {
 		apply(ctx) {
-			ctx.args[0] = new Proxy(ctx.args[0], {
-				apply(target, thisArg, argArray) {
-					// console.warn("CAUGHT PROMISE REJECTION", argArray);
-					Reflect.apply(target, thisArg, argArray);
-				},
-			});
+			if (ctx.args[0])
+				ctx.args[0] = new Proxy(ctx.args[0], {
+					apply(target, thisArg, argArray) {
+						// console.warn("CAUGHT PROMISE REJECTION", argArray);
+						Reflect.apply(target, thisArg, argArray);
+					},
+				});
 		},
 	});
 }
--- a/src/controller/index.ts
+++ b/src/controller/index.ts
@ -29,6 +29,7 @@ export class ScramjetController {
 				serviceworkers: false,
 				naiiveRewriter: false,
 				captureErrors: true,
+				strictRewrites: false,
 				syncxhr: false,
 				cleanerrors: false,
 				scramitize: false,
--- a/src/types.d.ts
+++ b/src/types.d.ts
@ -27,6 +27,7 @@ type ScramjetFlags = {
 	serviceworkers: boolean;
 	naiiveRewriter: boolean;
 	captureErrors: boolean;
+	strictRewrites: boolean;
 	cleanerrors: boolean;
 	scramitize: boolean;
 	sourcemaps: boolean;