summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorArun Isaac2017-08-06 22:55:19 +0530
committerArun Isaac2017-08-06 22:55:19 +0530
commit59b85d23f8881b1d0190c82c89ea7d91b168f725 (patch)
tree5a3b71aa0417bb6f00e4e310347c25484bcaa15d
parent689eb3352fd4630b350f7482597775e8c8a65d1b (diff)
downloadyoutube-noscript-shim-59b85d23f8881b1d0190c82c89ea7d91b168f725.tar.gz
youtube-noscript-shim-59b85d23f8881b1d0190c82c89ea7d91b168f725.tar.lz
youtube-noscript-shim-59b85d23f8881b1d0190c82c89ea7d91b168f725.zip
Remove support for decrypting signatures.
Decrypting signatures is done by extracting a part of the proprietary YouTube javascript and executing it. This is unsafe, and is problematic for software freedom. * viewtube.js (ytDecryptFunction): Remove function. (ytVideos): Remove invocation of `ytDecryptFunction'.
-rw-r--r--viewtube.js29
1 files changed, 4 insertions, 25 deletions
diff --git a/viewtube.js b/viewtube.js
index 8ed1076..a313549 100644
--- a/viewtube.js
+++ b/viewtube.js
@@ -146,26 +146,6 @@
if ((!ytAgeGateContent) || (ytAgeGateContent.indexOf('feature=private_video') != -1)) return;
}
- /* Decrypt Signature */
- var ytScriptSrc;
- function ytDecryptSignature(s) {return null;}
- function ytDecryptFunction() {
- var ytSignFuncName, ytSignFuncBody, ytSwapFuncName, ytSwapFuncBody, ytFuncMatch;
- ytScriptSrc = ytScriptSrc.replace(/(\r\n|\n|\r)/gm, '');
- if (ytSignFuncName = (ytScriptSrc.match(/"signature"\s*,\s*([^\)]*?)\(/) || [])[1]) {
- ytFuncMatch = ytSignFuncName.replace(/\$/, '\\$') + '\\s*=\\s*function\\s*' + '\\s*\\(\\w+\\)\\s*\\{(.*?)\\}';
- if (ytSignFuncBody = (ytScriptSrc.match(ytFuncMatch) || [])[1]) {
- if (ytSwapFuncName = (ytSignFuncBody.match(/((\$|_|\w)+)\.(\$|_|\w)+\(\w,[0-9]+\)/) || [])[1]) {
- ytFuncMatch = 'var\\s+' + ytSwapFuncName.replace(/\$/, '\\$') + '=\\s*\\{(.*?)\\};';
- ytSwapFuncBody = (ytScriptSrc.match(ytFuncMatch) || [])[1];
- }
- if (ytSwapFuncBody) ytSignFuncBody = 'var ' + ytSwapFuncName + '={' + ytSwapFuncBody + '};' + ytSignFuncBody;
- ytSignFuncBody = 'try {' + ytSignFuncBody + '} catch(e) {return null}';
- ytDecryptSignature = new Function('a', ytSignFuncBody);
- }
- }
- }
-
/* Get Player Window */
var ytPlayerWindow = document.querySelector("#player");
if (!ytPlayerWindow) console.log("Couldn't get the player element.");
@@ -285,11 +265,10 @@
ytVideo = ytVideo.replace(/type=(video|audio).*?/, "").replace(/xtags=[^%=]*?/, "");
ytVideo = ytVideo.replace(/&&/g, "&").replace(/^&/, "").replace(/&$/, "");
if (ytVideo.match(/&sig=/)) ytVideo = ytVideo.replace(/&sig=/, '&signature=');
- else if (ytVideo.match(/&s=/))
- if ((ytSig = ytVideo.match(/&s=(.*?)(&|$)/)) &&
- (s = ytDecryptSignature(ytSig[1])))
- ytVideo = ytVideo.replace(/&s=.*?(&|$)/, '&signature=' + s + '$1');
- else ytVideo = '';
+ else if (ytVideo.match(/&s=/)) {
+ console.log("Decrypting cipher signatures not supported.");
+ ytVideo = "";
+ }
ytVideo = cleanMyContent(ytVideo, true);
if (ytVideo.indexOf('ratebypass') == -1) ytVideo += '&ratebypass=yes';
if (ytVideo && ytVideo.indexOf('http') == 0)