profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/sammacbeth/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.

duckduckgo/duckduckgo-privacy-extension 810

DuckDuckGo Privacy Essentials browser extension for Firefox, Chrome.

datproject/hyperdiscovery 134

DEPRECATED: see hyperswarm/replicator for similar functionality with hypercore

cliqz-oss/re-consent 105

Consent-management browser extension

cliqz-oss/browser-core 92

Cliqz features, shared across products including Cliqz browsers for Windows, Mac, Android and iOS

duckduckgo/tracker-radar-collector 73

🕸 Modular, multithreaded, puppeteer-based crawler

ghostery/user-agent-desktop 18

Ghostery Desktop Browser

duckduckgo/privacy-test-pages 16

🛡 Collection of pages for testing various privacy and security features of browsers and browser extensions.

create barnchsammacbeth/browser-core

branch : next-overlay

created branch time in 12 days

fork sammacbeth/browser-core

Cliqz features, shared across products including Cliqz browsers for Windows, Mac, Android and iOS

https://cliqz.com

fork in 13 days

create barnchsammacbeth/duckduckgo-privacy-extension

branch : sam/playwright

created branch time in a month

push eventsammacbeth/duckduckgo-privacy-extension

Sam Macbeth

commit sha ace29c9945d7a4db6bdd00bf22572b4ab79c8d24

Check expected size of exception lists after edit

view details

push time in a month

push eventsammacbeth/duckduckgo-privacy-extension

Sam Macbeth

commit sha 79a6d2091726853eddc78cedd7c955012043fd17

Fix dev build

view details

push time in a month

PR opened duckduckgo/duckduckgo-privacy-extension

Reviewers
Remove legacy test extension

<!-- Please add the WIP label if the PR isn't complete. -->

Reviewer:

<!-- Optional fields CC: Depends on: -->

Description:

We're not using this anymore so let's clean it up.

Steps to test this PR:

<!-- List steps to test it manually

  1. <STEP 1> -->

Automated tests:

  • [ ] Unit tests
  • [ ] Integration tests
Reviewer Checklist:
  • [ ] Ensure the PR solves the problem
  • [ ] Review every line of code
  • [ ] Ensure the PR does no harm by testing the changes thoroughly
  • [ ] Get help if you're uncomfortable with any of the above!
  • [ ] Determine if there are any quick wins that improve the implementation
PR Author Checklist:
  • [ ] Get advice or leverage existing code
  • [ ] Agree on technical approach with reviewer (if the changes are nuanced)
  • [ ] Ensure that there is a testing strategy (and documented non-automated tests)
  • [ ] Ensure there is a documented monitoring strategy (if necessary)
  • [ ] Consider systems implications
+0 -18715

0 comment

32 changed files

pr created time in a month

push eventsammacbeth/duckduckgo-privacy-extension

Sam Macbeth

commit sha ce2f47eed10ec1996afe57ef54a9fbe13e6ab2ac

Check expected size of exception lists after edit

view details

push time in a month

push eventsammacbeth/duckduckgo-privacy-extension

dependabot[bot]

commit sha ba33b799eca1f9b7555add2a01b5dc6695e4743f

Bump @rollup/plugin-commonjs from 19.0.1 to 20.0.0 (#813) Bumps [@rollup/plugin-commonjs](https://github.com/rollup/plugins/tree/HEAD/packages/commonjs) from 19.0.1 to 20.0.0. - [Release notes](https://github.com/rollup/plugins/releases) - [Changelog](https://github.com/rollup/plugins/blob/master/packages/commonjs/CHANGELOG.md) - [Commits](https://github.com/rollup/plugins/commits/commonjs-v20.0.0/packages/commonjs) --- updated-dependencies: - dependency-name: "@rollup/plugin-commonjs" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 5feb16a277a3980a777b3881b7946dba249c3fa9

Bump yargs from 17.1.0 to 17.1.1 (#812) Bumps [yargs](https://github.com/yargs/yargs) from 17.1.0 to 17.1.1. - [Release notes](https://github.com/yargs/yargs/releases) - [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md) - [Commits](https://github.com/yargs/yargs/compare/v17.1.0...v17.1.1) --- updated-dependencies: - dependency-name: yargs dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha b4b4dd2a09a262bc909c0c2d2a6ee03d502b63c5

Bump rollup from 2.48.0 to 2.56.2 (#811) Bumps [rollup](https://github.com/rollup/rollup) from 2.48.0 to 2.56.2. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](https://github.com/rollup/rollup/compare/v2.48.0...v2.56.2) --- updated-dependencies: - dependency-name: rollup dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha e23af82c933b083346a305c8150518e7b46c510a

Bump sass from 1.37.0 to 1.38.0 (#814) Bumps [sass](https://github.com/sass/dart-sass) from 1.37.0 to 1.38.0. - [Release notes](https://github.com/sass/dart-sass/releases) - [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md) - [Commits](https://github.com/sass/dart-sass/compare/1.37.0...1.38.0) --- updated-dependencies: - dependency-name: sass dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha d8d20e30ce5952aceb9b9de52a42e29c6936a594

Bump @babel/node from 7.14.7 to 7.14.9 (#809) Bumps [@babel/node](https://github.com/babel/babel/tree/HEAD/packages/babel-node) from 7.14.7 to 7.14.9. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.14.9/packages/babel-node) --- updated-dependencies: - dependency-name: "@babel/node" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

Sam Macbeth

commit sha d4b1d7e583f729235c7ea4f921d7b12ede9793d9

Tests for 3rd party JS cookie blocking (#799) * Add tests for 3rd party JS cookie blocking * Support JS cookie blocking in debugger panel * Remove log * Use bring to front to focus test page * Use separate browser instances for tests * lint * Drop waiting * Add a little bit of waiting * Typo * Add a description for the test

view details

Sam Macbeth

commit sha fa94512b0ed889fa7b9c58c91aa4a406a615b1b1

Extract common testing functions

view details

Sam Macbeth

commit sha 8d08ba61e6645c4165ef8dc09ea1eb42145bd4ba

Add test for when feature is disabled for site.

view details

Sam Macbeth

commit sha 8d393a5c8567b06cde97edeac0cdcc03595c9c04

Test trackerCookies1p disabled for site.

view details

Sam Macbeth

commit sha f532738d7490fe6fc303fede9e851e74d67e491f

Ensure config doesn't need update during tests

view details

Sam Macbeth

commit sha d8079ad65759e9a26443a41f50ee57ad5e157b22

Check expected size of exception lists after edit

view details

push time in a month

push eventsammacbeth/duckduckgo-privacy-extension

Sam Macbeth

commit sha 54a46a597975e0aa948175c09d5e3d41b845e2d4

Check for race condition - do some arbitrary waiting

view details

push time in a month

push eventsammacbeth/duckduckgo-privacy-extension

Sam Macbeth

commit sha 35e176911ed55334cf97f7e3137370df4621a1aa

Ensure config doesn't need update during tests

view details

push time in a month

push eventduckduckgo/duckduckgo-privacy-extension

Sam Macbeth

commit sha d4b1d7e583f729235c7ea4f921d7b12ede9793d9

Tests for 3rd party JS cookie blocking (#799) * Add tests for 3rd party JS cookie blocking * Support JS cookie blocking in debugger panel * Remove log * Use bring to front to focus test page * Use separate browser instances for tests * lint * Drop waiting * Add a little bit of waiting * Typo * Add a description for the test

view details

push time in a month

PR merged duckduckgo/duckduckgo-privacy-extension

Tests for 3rd party JS cookie blocking

<!-- Please add the WIP label if the PR isn't complete. -->

Reviewer:

<!-- Optional fields CC: Depends on: -->

Description:

Tests for the fix in #797 . The issue however was only happening in Firefox, so the test doesn't actually surface the issue when the patch is removed. However the tests do show the steps to reproduce the issue in Firefox. There does seem to be a different periodic failure related to 3rd party JS cookie blocking on chrome though: https://github.com/duckduckgo/duckduckgo-privacy-extension/runs/3302776725?check_suite_focus=true

Steps to test this PR:

<!-- List steps to test it manually

  1. <STEP 1> -->

Automated tests:

  • [ ] Unit tests
  • [ ] Integration tests
Reviewer Checklist:
  • [ ] Ensure the PR solves the problem
  • [ ] Review every line of code
  • [ ] Ensure the PR does no harm by testing the changes thoroughly
  • [ ] Get help if you're uncomfortable with any of the above!
  • [ ] Determine if there are any quick wins that improve the implementation
PR Author Checklist:
  • [ ] Get advice or leverage existing code
  • [ ] Agree on technical approach with reviewer (if the changes are nuanced)
  • [ ] Ensure that there is a testing strategy (and documented non-automated tests)
  • [ ] Ensure there is a documented monitoring strategy (if necessary)
  • [ ] Consider systems implications
+125 -78

0 comment

2 changed files

sammacbeth

pr closed time in a month

push eventsammacbeth/duckduckgo-privacy-extension

Sam Macbeth

commit sha 23f598643d7ca904a0f4f4d7847fed41ce54eec7

Test trackerCookies1p disabled for site.

view details

push time in a month

push eventsammacbeth/duckduckgo-privacy-extension

Sam Macbeth

commit sha d6c10be99ecd319ac9d2865b4d1dbb7b39948f8f

Drop waiting

view details

Sam Macbeth

commit sha f809e7d6e2bdd4ba15591e63156b6d07fd6b8863

Add a little bit of waiting

view details

Sam Macbeth

commit sha 94240ac7b74417a76f920caeeec609ac4d562e76

Typo

view details

Sam Macbeth

commit sha 1db29b2ef4c884f128d756356e6d93c29d09df64

Add a description for the test

view details

Sam Macbeth

commit sha edf4cab2427fe4582507cf18bd9eb1cff783ac11

Extract common testing functions

view details

Sam Macbeth

commit sha 36e7255c6c7854f8f6473a39757ccadfa686f8ab

Add test for when feature is disabled for site.

view details

push time in a month

push eventsammacbeth/duckduckgo-privacy-extension

Sam Macbeth

commit sha 1db29b2ef4c884f128d756356e6d93c29d09df64

Add a description for the test

view details

push time in a month

delete branch sammacbeth/privacy-test-pages

delete branch : sam/js-leaks

delete time in a month

PR merged duckduckgo/privacy-test-pages

Add test page for global JS leaks

https://app.asana.com/0/1186013049913869/1200703914275433/f

Adds a new test page that compares window to vanilla browsers to see if changes to JS globals are detectable.

+13231 -0

1 comment

9 changed files

sammacbeth

pr closed time in a month

push eventduckduckgo/privacy-test-pages

Sam Macbeth

commit sha 7dad2185fd10569d2e242b1b1f73574c25fbdd36

Add test page for global JS leaks (#52) * Page to show leaks in changes to global JS scope * Add link from home * Addressing review comments * Update Safari profile * Update security/leaks.js Co-authored-by: Konrad Dzwinel <kdzwinel@gmail.com> * Add download buttons * Fix linting Co-authored-by: Konrad Dzwinel <kdzwinel@gmail.com>

view details

push time in a month

push eventsammacbeth/duckduckgo-privacy-extension

Sam Macbeth

commit sha 94240ac7b74417a76f920caeeec609ac4d562e76

Typo

view details

push time in a month

Pull request review commentduckduckgo/duckduckgo-privacy-extension

Tests for 3rd party JS cookie blocking

 describe(`On https://${testPageDomain}/privacy-protections/storage-blocking/`, (             },             { polling: 100, timeout: 10000 }         )+        return { browser, page }+    }++    describe(`On https://${testPageDomain}/privacy-protections/storage-blocking/`, () => {+        let cookies = [] -        let iframeFullyLoaded = false-        try {-            page.on('requestfinished', (req) => {-                // once we see this url, we can consider the test completed-                if (req.url().startsWith(`https://${thirdPartyTracker}/set-cookie`)) {-                    iframeFullyLoaded = true+        beforeAll(async () => {+            let iframeFullyLoaded = false+            const { browser, page } = await setup()+            try {+                page.on('requestfinished', (req) => {+                    // once we see this url, we can consider the test completed+                    if (req.url().startsWith(`https://${thirdPartyTracker}/set-cookie`)) {+                        iframeFullyLoaded = true+                    }+                })+                // Load the test pages home first to give some time for the extension background to start+                // and register the content-script-message handler+                await page.goto(`https://${testPageDomain}/`, { waitUntil: 'networkidle0' })+                await page.bringToFront()+                await page.goto(`https://${testPageDomain}/privacy-protections/storage-blocking/?store`, { waitUntil: 'networkidle0' })+                await page.bringToFront()+                // eslint-disable-next-line no-unmodified-loop-condition+                while (!iframeFullyLoaded) {

It seems to now work using only waitUntil: 'networkidle2'.

sammacbeth

comment created time in a month

PullRequestReviewEvent

push eventsammacbeth/duckduckgo-privacy-extension

Sam Macbeth

commit sha f809e7d6e2bdd4ba15591e63156b6d07fd6b8863

Add a little bit of waiting

view details

push time in a month

push eventsammacbeth/duckduckgo-privacy-extension

Sam Macbeth

commit sha d6c10be99ecd319ac9d2865b4d1dbb7b39948f8f

Drop waiting

view details

push time in a month

push eventsammacbeth/duckduckgo-privacy-extension

Sam Macbeth

commit sha 0ce85045f68b1b7dd1b70b13bcc2b5eb4fef9be4

Use waitForRequest for storage tests.

view details

push time in a month

push eventsammacbeth/duckduckgo-privacy-extension

Sam Macbeth

commit sha 687480815c4a864fe286e43cd6695c9628e3d562

Use waitForRequest for storage tests.

view details

push time in a month

Pull request review commentduckduckgo/duckduckgo-privacy-extension

Tests for 3rd party JS cookie blocking

-import { defineProperty } from './utils'+import { defineProperty, postDebugMessage } from './utils' -function blockCookies () {+function blockCookies (debug) {     // disable setting cookies     defineProperty(document, 'cookie', {         configurable: false,-        set: function (value) { },-        get: () => ''+        set: function (value) {+            if (debug) {+                postDebugMessage('jscookie', {+                    action: 'block',+                    reason: 'tracker frame',+                    documentUrl: document.location.href,+                    scriptOrigins: [],+                    value: value+                })

These are for the debugger panel, yes.

sammacbeth

comment created time in a month

PullRequestReviewEvent

Pull request review commentduckduckgo/duckduckgo-privacy-extension

Tests for 3rd party JS cookie blocking

 describe(`On https://${testPageDomain}/privacy-protections/storage-blocking/`, (             },             { polling: 100, timeout: 10000 }         )+        return { browser, page }+    }++    describe(`On https://${testPageDomain}/privacy-protections/storage-blocking/`, () => {+        let cookies = [] -        let iframeFullyLoaded = false-        try {-            page.on('requestfinished', (req) => {-                // once we see this url, we can consider the test completed-                if (req.url().startsWith(`https://${thirdPartyTracker}/set-cookie`)) {-                    iframeFullyLoaded = true+        beforeAll(async () => {+            let iframeFullyLoaded = false+            const { browser, page } = await setup()+            try {+                page.on('requestfinished', (req) => {+                    // once we see this url, we can consider the test completed+                    if (req.url().startsWith(`https://${thirdPartyTracker}/set-cookie`)) {+                        iframeFullyLoaded = true+                    }+                })+                // Load the test pages home first to give some time for the extension background to start+                // and register the content-script-message handler+                await page.goto(`https://${testPageDomain}/`, { waitUntil: 'networkidle0' })+                await page.bringToFront()+                await page.goto(`https://${testPageDomain}/privacy-protections/storage-blocking/?store`, { waitUntil: 'networkidle0' })+                await page.bringToFront()+                // eslint-disable-next-line no-unmodified-loop-condition+                while (!iframeFullyLoaded) {+                    await wait.ms(100)                 }-            })-            // Load the test pages home first to give some time for the extension background to start-            // and register the content-script-message handler-            await page.goto(`https://${testPageDomain}/`, { waitUntil: 'networkidle0' })-            await page.goto(`https://${testPageDomain}/privacy-protections/storage-blocking/?store`, { waitUntil: 'networkidle0' })-            // eslint-disable-next-line no-unmodified-loop-condition-            while (!iframeFullyLoaded) {-                await wait.ms(100)+                // collect all browser cookies+                do {+                    await wait.ms(1000) // allow cookies to be set+                    cookies = (await page._client.send('Network.getAllCookies')).cookies+                } while (cookies.length === 0)+            } finally {+                await page.close()+                await harness.teardown(browser)             }-            // collect all browser cookies-            do {-                await wait.ms(1000) // allow cookies to be set-                cookies = (await page._client.send('Network.getAllCookies')).cookies-            } while (cookies.length === 0)-        } finally {-            await page.close()-        }-        await harness.teardown(browser)-    })+        }) -    it('does not block 1st party HTTP cookies', () => {-        const headerCookie = cookies.find(({ name, domain }) => name === 'headerdata' && domain === testPageDomain)-        expect(headerCookie).toBeTruthy()-        expect(headerCookie.expires).toBeGreaterThan(Date.now() / 1000)-    })+        it('does not block 1st party HTTP cookies', () => {+            const headerCookie = cookies.find(({ name, domain }) => name === 'headerdata' && domain === testPageDomain)+            expect(headerCookie).toBeTruthy()+            expect(headerCookie.expires).toBeGreaterThan(Date.now() / 1000)+        }) -    it('does not block 3rd party HTTP cookies not on block list', async () => {-        const headerCookie = cookies.find(({ name, domain }) => name === 'headerdata' && domain === thirdPartyDomain)-        expect(headerCookie).toBeTruthy()-        expect(headerCookie.expires).toBeGreaterThan(Date.now() / 1000)-    })+        it('does not block 3rd party HTTP cookies not on block list', () => {+            const headerCookie = cookies.find(({ name, domain }) => name === 'headerdata' && domain === thirdPartyDomain)+            expect(headerCookie).toBeTruthy()+            expect(headerCookie.expires).toBeGreaterThan(Date.now() / 1000)+        }) -    it('blocks 3rd party HTTP cookies for trackers', async () => {-        const headerCookie = cookies.find(({ name, domain }) => name === 'headerdata' && domain === thirdPartyTracker)-        expect(headerCookie).toBeUndefined()-    })+        it('blocks 3rd party HTTP cookies for trackers', () => {+            const headerCookie = cookies.find(({ name, domain }) => name === 'headerdata' && domain === thirdPartyTracker)+            expect(headerCookie).toBeUndefined()+        }) -    it('does not block 1st party JS cookies', () => {-        const jsCookie = cookies.find(({ name, domain }) => name === 'jsdata' && domain === testPageDomain)-        expect(jsCookie).toBeTruthy()-        expect(jsCookie.expires).toBeGreaterThan(Date.now() / 1000)-    })+        it('does not block 1st party JS cookies', () => {+            const jsCookie = cookies.find(({ name, domain }) => name === 'jsdata' && domain === testPageDomain)+            expect(jsCookie).toBeTruthy()+            expect(jsCookie.expires).toBeGreaterThan(Date.now() / 1000)+        }) -    it('does not block 3rd party JS cookies not on block list', async () => {-        const jsCookie = cookies.find(({ name, domain }) => name === 'jsdata' && domain === thirdPartyDomain)-        expect(jsCookie).toBeTruthy()-        expect(jsCookie.expires).toBeGreaterThan(Date.now() / 1000)-    })+        it('does not block 3rd party JS cookies not on block list', () => {+            const jsCookie = cookies.find(({ name, domain }) => name === 'jsdata' && domain === thirdPartyDomain)+            expect(jsCookie).toBeTruthy()+            expect(jsCookie.expires).toBeGreaterThan(Date.now() / 1000)+        })++        it('blocks 3rd party JS cookies from trackers', () => {+            const headerCookie = cookies.find(({ name, domain }) => name === 'jsdata' && domain === thirdPartyTracker)+            expect(headerCookie).toBeUndefined()+        }) -    it('does not block 1st party JS cookies set by non-trackers', () => {-        const jsCookie = cookies.find(({ name, domain }) => name === 'tpsdata' && domain === testPageDomain)-        expect(jsCookie).toBeTruthy()-        expect(jsCookie.expires).toBeGreaterThan(Date.now() / 1000 + 950400) // 11 days in the future+        it('does not block 1st party JS cookies set by non-trackers', () => {+            const jsCookie = cookies.find(({ name, domain }) => name === 'tpsdata' && domain === testPageDomain)+            expect(jsCookie).toBeTruthy()+            expect(jsCookie.expires).toBeGreaterThan(Date.now() / 1000 + 950400) // 11 days in the future+        })++        it('reduces the expiry of 1st party JS cookies set by trackers to 8 days', () => {+            const jsCookie = cookies.find(({ name, domain }) => name === 'tptdata' && domain === testPageDomain)+            expect(jsCookie).toBeTruthy()+            expect(jsCookie.expires).toBeGreaterThan(Date.now() / 1000)+            expect(jsCookie.expires).toBeLessThan(Date.now() / 1000 + 864000) // 10 days in the future+        })     }) -    it('reduces the expiry of 1st party JS cookies set by trackers to 8 days', () => {-        const jsCookie = cookies.find(({ name, domain }) => name === 'tptdata' && domain === testPageDomain)-        expect(jsCookie).toBeTruthy()-        expect(jsCookie.expires).toBeGreaterThan(Date.now() / 1000)-        expect(jsCookie.expires).toBeLessThan(Date.now() / 1000 + 864000) // 10 days in the future+    describe(`On https://${thirdPartyTracker}/privacy-protections/storage-blocking/`, () => {+        it('does not block iFrame tracker cookies from same entity', async () => {+            const { browser, page } = await setup()+            async function waitForAllResults () {+                while ((await page.$$('#tests-details > li > span > ul')).length < 2) {+                    await new Promise(resolve => setTimeout(resolve, 100))+                }+            }+            await page.goto(`https://${thirdPartyTracker}/privacy-protections/storage-blocking/?store`, { waitUntil: 'networkidle0' })

That's the purpose of this test - we're loading a tracker page and checking that the cookies for an iframe on the same origin (i.e. entity) are not blocked. We're testing that blocking works differently to the other block of tests where the iframe is 3rd party.

sammacbeth

comment created time in a month

PullRequestReviewEvent