From 29d3c2a763c151318bbd97afef887c73c795d2d2 Mon Sep 17 00:00:00 2001 From: Nano Date: Thu, 15 Feb 2024 22:02:10 -1000 Subject: [PATCH] Fix google hijacking (#69) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * For google searches, double-check that we’re on the `/search` path. Google tracks outgoing external links through urls like https://www.google.com/url?q=https://nytimes.com By checking that the url path starts with `/search` if we detect a google url, we can prevent other paths from being hijacked by the extension. Tested the following urls: https://www.google.com/url?q=https://nytimes.com/ => does not redirect https://www.google.com/search?q=https://nytimes.com/ => does redirect Verified that using Bing and DuckDuckGo continues to work as before. Fixes: https://kagifeedback.org/d/3120-safari-extension-is-starting-to-hijack-all-google-links-again * Bump version --- safari/Universal/MainConfig.xcconfig | 4 ++-- safari/Universal/Shared (Extension)/Resources/background.js | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/safari/Universal/MainConfig.xcconfig b/safari/Universal/MainConfig.xcconfig index 0952e1d..3f70e1c 100644 --- a/safari/Universal/MainConfig.xcconfig +++ b/safari/Universal/MainConfig.xcconfig @@ -1,3 +1,3 @@ -MARKETING_VERSION = 2.2.0 -CURRENT_PROJECT_VERSION = 21 // this needs to be increased with each version change as well (not set to 1 when version is updated) +MARKETING_VERSION = 2.2.1 +CURRENT_PROJECT_VERSION = 22 // this needs to be increased with each version change as well (not set to 1 when version is updated) PRODUCT_NAME = Kagi for Safari diff --git a/safari/Universal/Shared (Extension)/Resources/background.js b/safari/Universal/Shared (Extension)/Resources/background.js index f184d2b..7e6a3b1 100644 --- a/safari/Universal/Shared (Extension)/Resources/background.js +++ b/safari/Universal/Shared (Extension)/Resources/background.js @@ -315,7 +315,9 @@ function captureQuery(a) { var b = a.host; b.startsWith(www) && (b = b.slice(www.length)); b.endsWith(yahoo) && (b = yahoo); - if (b in builtInEngines && (a = (new URLSearchParams(a.search)).get(builtInEngines[b]))) return a; + const path = a.pathname; + var shouldBlockGoogleNonSearch = (b in googleUrls && !(path.startsWith("/search"))); + if (b in builtInEngines && !(shouldBlockGoogleNonSearch) && (a = (new URLSearchParams(a.search)).get(builtInEngines[b]))) return a; } function rewriteQueryURL(a, b) {