Skip to content

Commit ae78683

Browse files
MartiiMartii
committed
GDPR13C
* SEO only allowed sites for user content areas. TOS enforcement. NOTE(s): * `google.com` is explicitly not included as domain is too broad for all services worldwide * May alter this list Post OpenUserJS#1508
1 parent 49a72e0 commit ae78683

File tree

6 files changed

+50
-6
lines changed

6 files changed

+50
-6
lines changed

app.js

+1-1
Original file line numberDiff line numberDiff line change
@@ -203,7 +203,7 @@ app.use(function (aReq, aRes, aNext) {
203203
aRes.oujsOptions.DNT = aReq.get('DNT') === '1' || aReq.get('DNT') === 'yes' ? true : false;
204204

205205
// Middleware for GDPR Notice
206-
aRes.oujsOptions.hideReminderGDPR = isSameOrigin(referer);
206+
aRes.oujsOptions.hideReminderGDPR = isSameOrigin(referer).result;
207207

208208
//
209209
if (

controllers/script.js

+1-1
Original file line numberDiff line numberDiff line change
@@ -126,7 +126,7 @@ var getScriptPageTasks = function (aOptions) {
126126
aOptions.script.homepages.unshift({
127127
url: aElement.value,
128128
text: decode(aElement.value),
129-
isSameOrigin: isSameOrigin(aElement.value)
129+
isSameOrigin: isSameOrigin(aElement.value).result
130130
});
131131

132132
}

libs/helpers.js

+4-1
Original file line numberDiff line numberDiff line change
@@ -240,5 +240,8 @@ exports.isSameOrigin = function (aUrl) {
240240
}
241241
}
242242

243-
return sameOrigin;
243+
return {
244+
result: sameOrigin,
245+
URL: url
246+
};
244247
}

libs/htmlWhitelistFollow.json

+22
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
[
2+
"copyright.gov",
3+
"chromium.org",
4+
"fsf.org",
5+
"ghacks.net",
6+
"github.com",
7+
"gitlab.com",
8+
"gnu.org",
9+
"greasespot.net",
10+
"greasyfork.org",
11+
"opensource.org",
12+
"mozilla.org",
13+
"mozillazine.org",
14+
"microsoft.com",
15+
"oujs.org",
16+
"sf.net",
17+
"sourceforge.net",
18+
"spdx.org",
19+
"tampermonkey.net",
20+
"userscripts-mirror.org",
21+
"wikipedia.org"
22+
]

libs/markdown.js

+21-2
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@ var jsdom = require("jsdom");
1717
var { JSDOM } = jsdom;
1818

1919
var htmlWhitelistPost = require('./htmlWhitelistPost.json');
20+
var htmlWhitelistFollow = require('./htmlWhitelistFollow.json');
2021
var renderer = new marked.Renderer();
2122
var blockRenderers = [
2223
'blockquote',
@@ -63,14 +64,32 @@ function externalPolicy(aTagName, aAttribs) {
6364
'preconnect',
6465
'prefetch'
6566
];
67+
var obj = null;
68+
var dn = null;
69+
var matches = null;
6670

6771
switch (aTagName) {
6872
case 'a':
69-
if (!isSameOrigin(aAttribs.href)) {
73+
obj = isSameOrigin(aAttribs.href);
74+
if (!obj.result) {
7075
attribRelAdd.push('external');
7176
attribRelAdd.push('noreferrer');
7277
attribRelAdd.push('noopener');
73-
// attribRelAdd.push('nofollow'); // NOTE: Disabled for now
78+
79+
if (obj.URL) {
80+
matches = obj.URL.hostname.match(/\.?(.*?\..*)$/);
81+
if (matches) {
82+
dn = matches[1];
83+
84+
if (htmlWhitelistFollow.indexOf(dn) === -1) {
85+
attribRelAdd.push('nofollow');
86+
}
87+
} else {
88+
attribRelAdd.push('nofollow');
89+
}
90+
} else {
91+
attribRelAdd.push('nofollow');
92+
}
7493

7594
return {
7695
tagName: aTagName,

libs/modelParser.js

+1-1
Original file line numberDiff line numberDiff line change
@@ -290,7 +290,7 @@ var parseScript = function (aScript) {
290290
script.support = [{
291291
url: supportURL,
292292
text: decode(supportURL),
293-
isSameOrigin: isSameOrigin(supportURL)
293+
isSameOrigin: isSameOrigin(supportURL).result
294294
}];
295295

296296
}

0 commit comments

Comments
 (0)