[kiosk-chromium] Use jq to build URL white/blacklist

2 files changed, 34 insertions, 30 deletions

diff --git a/core/modules/kiosk-chromium/data/etc/X11/Xreset.d/clear-chromium-policies b/core/modules/kiosk-chromium/data/etc/X11/Xreset.d/clear-chromium-policies
index 8b823039..2272527f 100644
--- a/core/modules/kiosk-chromium/data/etc/X11/Xreset.d/clear-chromium-policies
+++ b/core/modules/kiosk-chromium/data/etc/X11/Xreset.d/clear-chromium-policies
@@ -1,7 +1,5 @@
 #!/bin/ash
 
 policy_dir="/etc/chromium-browser/policies/managed"
-for file in "$policy_dir/kiosk-mode.json" "$policy_dir/url-filter.json"; do
-	rm -f -- "$file"
-done
+rm -f -- "$policy_dir/kiosk-mode.json" "$policy_dir/url-filter.json"
 true
diff --git a/core/modules/kiosk-chromium/data/opt/openslx/pam/hooks/session-open.d/10-chromium-urlfilter b/core/modules/kiosk-chromium/data/opt/openslx/pam/hooks/session-open.d/10-chromium-urlfilter
index d4add9b1..e9797b52 100644
--- a/core/modules/kiosk-chromium/data/opt/openslx/pam/hooks/session-open.d/10-chromium-urlfilter
+++ b/core/modules/kiosk-chromium/data/opt/openslx/pam/hooks/session-open.d/10-chromium-urlfilter
@@ -2,43 +2,49 @@
 #^ SOURCED, actually running in ash
 
 format_urls() {
-	local url scheme host path count chost
-	for url in $@; do
-		# first remove '*://' scheme, none means the same
-		url="${url#*\*://}"
+	local url scheme host path chost
+	while [ $# -ne 0 ]; do
+		url="$1"
+		shift
 		# extract scheme and remove it from url if needed
 		scheme="${url%%://*}"
 		if [ "$scheme" != "$url" ]; then
 			url="${url#*://}"
+			if [ "$scheme" = 'http*' ]; then
+				# Special case: assume http* means http and https
+				scheme="http"
+				format_urls "https://$url"
+			elif [ "${scheme#*\*}" != "${scheme}" ]; then
+				# Contains a *, not supported, use any
+				scheme=
+			fi
 		else
 			scheme=
 		fi
-		# extract host, skip entry if empty
+		# extract host
 		host="${url%%/*}"
 		[ -z "$host" ] && continue
 		# transform into chromium syntax
-		if [ "$host" != "${host//\*/}" ]; then
-			# host contains wildcard '*'
-			# look for the longest subdomain until the wildcard
-			chost="$(echo "$host" | grep -oE '[^*]+$')"
-			# remove dot left over
-			if [ -n "$chost" ]; then
+		# We don't support arbitrary wildcards in the host part
+		chost="${host##*\*}"
+		if [ "$host" != "$chost" ]; then
+			# host contains wildcard '*', use everything
+			# after last * in host
+			if [ "${chost:0:1}" = "." ]; then
+				# Remove leading dot if any
 				chost="${chost#?}"
-			else
-				chost='*'
 			fi
+			# Empty host means any host
+			[ -z "$chost" ] && chost='*'
 		else
 			# chromium: exact host match must be prefixed with '.'
-			chost=".${host}"
+			chost=".${chost}"
 		fi
 		path="${url#*/}"
-		[ "$path" = "${host}" ] && path=
-		cpath=
-		if [ -n "$path" ]; then
-			cpath="$(echo "$path" | grep -oE '^[^*]*')"
-		fi
-		echo -e "\t\t\"${scheme:+${scheme}://}${chost}${cpath:+/${cpath}}\","
-	done | sed '$ s/.$//'
+		[ "${path}" = "${host}" ] && path=
+		path="${path%%\**}"
+		printf "%s\n" "${scheme:+${scheme}://}${chost}${path:+/${path}}"
+	done
 }
 
 main() {
@@ -46,7 +52,7 @@ main() {
 	. /opt/openslx/config
 
 	local url_policy_file="/etc/chromium-browser/policies/managed/url-filter.json"
-	echo -e "{\n" > "$url_policy_file"
+	echo "{" > "$url_policy_file"
 	local ttype
 	if [ "$SLX_BROWSER_IS_WHITELIST" -eq 1 ]; then
 		ttype="White"
@@ -55,14 +61,14 @@ main() {
 		ttype="Black"
 	fi
 	if [ -n "$SLX_BROWSER_URLLIST" ]; then
-		echo -e '\t"URL'"$ttype"'list": [' >> "$url_policy_file"
-		format_urls $SLX_BROWSER_URLLIST >> "$url_policy_file"
-		echo -e '\t]' >> "$url_policy_file"
+		echo -e '\t"'"URL${ttype}list"'": ' >> "$url_policy_file"
+		format_urls $SLX_BROWSER_URLLIST \
+			| jq -Rs 'rtrimstr("\n") | split("\n")' >> "$url_policy_file"
 	fi
-	echo -e '}' >> "$url_policy_file"
+	echo '}' >> "$url_policy_file"
 }
 
-if [ "${PAM_SERVICE//autologin/}" != "$PAM_SERVICE" -a "$PAM_TTY" = ":0" ]; then
+if [ "${PAM_SERVICE//autologin/}" != "$PAM_SERVICE" ] && [ "$PAM_TTY" = ":0" ]; then
 	# autologin of some sort
 	main
 fi