You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+13-1Lines changed: 13 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -12,6 +12,8 @@ The exposed API is a global called contentScopeFeatures and has three methods:
12
12
- init
13
13
- Calls the init method on all of the features
14
14
- This should be passed the arguments object which has the following keys:
15
+
- 'platform' which is an object with:
16
+
- 'name' which is a string of 'android', 'ios', 'macos' or 'extension'
15
17
- 'debug' true if debuging should be enabled
16
18
- 'globalPrivacyControlValue' false if the user has disabled GPC.
17
19
- 'sessionKey' a unique session based key.
@@ -47,12 +49,22 @@ There are three stages that the content scope code is hooked into the platform:
47
49
The [inject/](https://github.com/duckduckgo/content-scope-scripts/tree/main/inject) directory handles platform specific differences and is glue code into calling the contentScopeFeatures API.
48
50
49
51
- In Firefox the code is loaded as a standard extension content script.
50
-
- For Apple the code is a UserScript that has some string replacements for properties and loads in as the page scope.
52
+
- For Apple, Windows and Android the code is a UserScript that has some string replacements for properties and loads in as the page scope.
51
53
- Note: currently we don't implement the update calls as it's only required by cookie protections which we don't implement.
52
54
- All other browsers the code is stringified, base64 encoded and injected in as a self deleting <script> tag.
53
55
54
56
In the built output you will see these dramatic differences in the bundled code which is created into: /build
55
57
58
+
#### App specific integration replacements
59
+
60
+
$CONTENT_SCOPE$ - raw remote config object
61
+
$USER_UNPROTECTED_DOMAINS$ - an array of user allowlisted domains
sessionKey: <randomUUIDstring> (used for fingerprinting)
67
+
56
68
### Features scope injection utilities
57
69
58
70
To handle the difference in scope injection we expose multiple utilities which behave differently per browser in src/utils.js. for Firefox the code exposed handles [xrays correctly](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Sharing_objects_with_page_scripts) without needing the features to be authored differently.
0 commit comments