Release build 4.42.0 [ci release]

Author: jonathanKingston

Sources/ContentScopeScripts/dist/contentScope.js

@@ -25,8 +25,8 @@
   };
   /*! © DuckDuckGo ContentScopeScripts protections https://github.com/duckduckgo/content-scope-scripts/ */
   (function() {
-    var _bundledConfig, _trackerLookup, _documentOriginIsTracker, _bundledfeatureSettings, _messagingContext, _debugMessaging, _isDebugFlagSet, _args, _tagName, _el, _listeners, _connected, _sinks, _debug;
     "use strict";
+    var _bundledConfig, _trackerLookup, _documentOriginIsTracker, _bundledfeatureSettings, _messagingContext, _debugMessaging, _isDebugFlagSet, _args, _tagName, _el, _listeners, _connected, _sinks, _debug;
     const Set$1 = globalThis.Set;
     const Reflect$1 = globalThis.Reflect;
     globalThis.customElements?.get.bind(globalThis.customElements);

Sources/ContentScopeScripts/dist/contentScopeIsolated.js

@@ -3281,8 +3281,9 @@
          */
         toPrivatePlayerUrl () {
             // no try/catch because we already validated the ID
-            const duckUrl = new URL(this.id, 'https://player');
-            duckUrl.protocol = 'duck:';
+            // in Microsoft WebView2 v118+ changing from special protocol (https) to non-special one (duck) is forbidden
+            // so we need to construct duck player this way
+            const duckUrl = new URL(`duck://player/${this.id}`);
 
             if (this.time) {
                 duckUrl.searchParams.set('t', this.time);

build/chrome-mv3/inject.js

@@ -3529,7 +3529,7 @@
              */
             function setCookiePolicy (argValue) {
                 let setCookieContext = null;
-                if (!argValue.toString || typeof argValue.toString() !== 'string') {
+                if (!argValue?.toString || typeof argValue.toString() !== 'string') {
                     // not a string, or string-like
                     return
                 }

build/chrome/inject.js

@@ -11271,7 +11271,7 @@
              */
             function setCookiePolicy (argValue) {
                 let setCookieContext = null;
-                if (!argValue.toString || typeof argValue.toString() !== 'string') {
+                if (!argValue?.toString || typeof argValue.toString() !== 'string') {
                     // not a string, or string-like
                     return
                 }
@@ -12448,8 +12448,9 @@
          */
         toPrivatePlayerUrl () {
             // no try/catch because we already validated the ID
-            const duckUrl = new URL(this.id, 'https://player');
-            duckUrl.protocol = 'duck:';
+            // in Microsoft WebView2 v118+ changing from special protocol (https) to non-special one (duck) is forbidden
+            // so we need to construct duck player this way
+            const duckUrl = new URL(`duck://player/${this.id}`);
 
             if (this.time) {
                 duckUrl.searchParams.set('t', this.time);

build/contentScope.js

@@ -3581,7 +3581,7 @@
              */
             function setCookiePolicy (argValue) {
                 let setCookieContext = null;
-                if (!argValue.toString || typeof argValue.toString() !== 'string') {
+                if (!argValue?.toString || typeof argValue.toString() !== 'string') {
                     // not a string, or string-like
                     return
                 }

build/firefox/inject.js

@@ -11271,7 +11271,7 @@
              */
             function setCookiePolicy (argValue) {
                 let setCookieContext = null;
-                if (!argValue.toString || typeof argValue.toString() !== 'string') {
+                if (!argValue?.toString || typeof argValue.toString() !== 'string') {
                     // not a string, or string-like
                     return
                 }
@@ -12448,8 +12448,9 @@
          */
         toPrivatePlayerUrl () {
             // no try/catch because we already validated the ID
-            const duckUrl = new URL(this.id, 'https://player');
-            duckUrl.protocol = 'duck:';
+            // in Microsoft WebView2 v118+ changing from special protocol (https) to non-special one (duck) is forbidden
+            // so we need to construct duck player this way
+            const duckUrl = new URL(`duck://player/${this.id}`);
 
             if (this.time) {
                 duckUrl.searchParams.set('t', this.time);

build/integration/contentScope.js

@@ -3588,7 +3588,7 @@
              */
             function setCookiePolicy (argValue) {
                 let setCookieContext = null;
-                if (!argValue.toString || typeof argValue.toString() !== 'string') {
+                if (!argValue?.toString || typeof argValue.toString() !== 'string') {
                     // not a string, or string-like
                     return
                 }
@@ -8504,8 +8504,9 @@
          */
         toPrivatePlayerUrl () {
             // no try/catch because we already validated the ID
-            const duckUrl = new URL(this.id, 'https://player');
-            duckUrl.protocol = 'duck:';
+            // in Microsoft WebView2 v118+ changing from special protocol (https) to non-special one (duck) is forbidden
+            // so we need to construct duck player this way
+            const duckUrl = new URL(`duck://player/${this.id}`);
 
             if (this.time) {
                 duckUrl.searchParams.set('t', this.time);

build/windows/contentScope.js

@@ -52,4 +52,26 @@ describe('Cookie protection tests', () => {
         expect(result.value).toEqual('b')
         expect(result.expires).toBeLessThan(Date.now() + 605_000_000)
     })
+
+    it('Erroneous values do not throw', async () => {
+        const page = await browser.newPage()
+        await page.goto('http://localhost:8080/index.html')
+
+        const result = await page.evaluate(async () => {
+            // @ts-expect-error - Invalid argument to document.cookie on purpose for test
+            document.cookie = null
+
+            // @ts-expect-error - Invalid argument to document.cookie on purpose for test
+            document.cookie = undefined
+
+            // wait for a tick, as cookie modification happens in a promise
+            await new Promise((resolve) => setTimeout(resolve, 1))
+            // @ts-expect-error - cookieStore API types are missing here
+            // eslint-disable-next-line no-undef
+            return cookieStore.get('a')
+        })
+        expect(result.name).toEqual('a')
+        expect(result.value).toEqual('b')
+        expect(result.expires).toBeLessThan(Date.now() + 605_000_000)
+    })
 })