added support of web security disabling and CSP bypassing

cli/back-ends/extensions/bypass-csp/index.js

@@ -0,0 +1,36 @@
+/*
+ * Copyright 2010-2019 Gildas Lormeau
+ * contact : gildas.lormeau <at> gmail.com
+ * 
+ * This file is part of SingleFile.
+ *
+ *   The code in this file is free software: you can redistribute it and/or 
+ *   modify it under the terms of the GNU Affero General Public License 
+ *   (GNU AGPL) as published by the Free Software Foundation, either version 3
+ *   of the License, or (at your option) any later version.
+ * 
+ *   The code in this file is distributed in the hope that it will be useful, 
+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of 
+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero 
+ *   General Public License for more details.
+ *
+ *   As additional permission under GNU AGPL version 3 section 7, you may 
+ *   distribute UNMODIFIED VERSIONS OF THIS file without the copy of the GNU 
+ *   AGPL normally required by section 4, provided you include this license 
+ *   notice and a URL through which recipients can access the Corresponding 
+ *   Source.
+ */
+
+/* global browser */
+
+const removedHeaders = ["content-security-policy"];
+
+browser.webRequest.onHeadersReceived.addListener(
+	function (details) {
+		let responseHeaders = details.responseHeaders;
+		responseHeaders = responseHeaders.filter(responseHeader => !removedHeaders.includes(responseHeader.name.toLowerCase()));
+		return { responseHeaders };
+	},
+	{ urls: ["<all_urls>"] },
+	["blocking", "responseHeaders"]
+);

cli/back-ends/extensions/bypass-csp/manifest.json

@@ -0,0 +1,20 @@
+{
+	"name": "bypass-csp",
+	"version": "0.0.2",
+	"background": {
+		"scripts": [
+			"index.js"
+		]
+	},
+	"permissions": [
+		"webRequest",
+		"webRequestBlocking",
+		"<all_urls>"
+	],
+	"applications": {
+		"gecko": {
+			"id": "{55e2789c-817b-4d75-815b-df6921c84ed8}"
+		}
+	},
+	"manifest_version": 2
+}

cli/back-ends/extensions/disable-web-security/index.js

@@ -0,0 +1,54 @@
+/*
+ * Copyright 2010-2019 Gildas Lormeau
+ * contact : gildas.lormeau <at> gmail.com
+ * 
+ * This file is part of SingleFile.
+ *
+ *   The code in this file is free software: you can redistribute it and/or 
+ *   modify it under the terms of the GNU Affero General Public License 
+ *   (GNU AGPL) as published by the Free Software Foundation, either version 3
+ *   of the License, or (at your option) any later version.
+ * 
+ *   The code in this file is distributed in the hope that it will be useful, 
+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of 
+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero 
+ *   General Public License for more details.
+ *
+ *   As additional permission under GNU AGPL version 3 section 7, you may 
+ *   distribute UNMODIFIED VERSIONS OF THIS file without the copy of the GNU 
+ *   AGPL normally required by section 4, provided you include this license 
+ *   notice and a URL through which recipients can access the Corresponding 
+ *   Source.
+ */
+
+/* global browser */
+
+const removedHeaders = ["access-control-allow-methods", "access-control-allow-headers"];
+const updatedHeaders = { "access-control-allow-origin": "*", "access-control-allow-credentials": "true" };
+
+browser.webRequest.onHeadersReceived.addListener(
+	function (details) {
+		let responseHeaders = details.responseHeaders;
+		let processedHeaders = [];
+		responseHeaders = responseHeaders.filter(responseHeader => !removedHeaders.includes(responseHeader.name.toLowerCase()));
+		responseHeaders.forEach(responseHeader => {
+			const name = responseHeader.name.toLowerCase();
+			const value = updatedHeaders[name];
+			if (value) {
+				responseHeader.value = value;
+				processedHeaders.push(name);
+			}
+		});
+		Object.keys(updatedHeaders).forEach(name => {
+			if (!processedHeaders.includes(name)) {
+				const value = updatedHeaders[name.toLowerCase()];
+				if (value) {
+					responseHeaders.push({ name, value });
+				}
+			}
+		});
+		return { responseHeaders };
+	},
+	{ urls: ["<all_urls>"] },
+	["blocking", "responseHeaders"]
+);

cli/back-ends/extensions/disable-web-security/manifest.json

@@ -0,0 +1,20 @@
+{
+	"name": "disable-web-security",
+	"version": "0.0.2",
+	"background": {
+		"scripts": [
+			"index.js"
+		]
+	},
+	"permissions": [
+		"webRequest",
+		"webRequestBlocking",
+		"<all_urls>"
+	],
+	"applications": {
+		"gecko": {
+			"id": "{588434c2-67c3-4f77-9828-c30c7d63e8f9}"
+		}
+	},
+	"manifest_version": 2
+}

cli/back-ends/webdriver-firefox.js

@@ -66,16 +66,22 @@ exports.getPageData = async options => {
 		if (options.browserExecutablePath) {
 			firefoxOptions.setBinary(options.browserExecutablePath);
 		}
-		if (options.browserDisableWebSecurity === undefined || options.browserDisableWebSecurity) {
-			// not supported
-		}
-		if (options.userAgent) {
+		if (options.browserDisableWebSecurity === undefined || options.browserDisableWebSecurity || options.browserBypassCSP === undefined || options.browserBypassCSP || options.userAgent) {
 			const profile = new firefox.Profile();
-			profile.setPreference("general.useragent.override", options.userAgent);
+			if (options.browserDisableWebSecurity === undefined || options.browserDisableWebSecurity) {
+				profile.addExtension(require.resolve("./extensions/signed/disable_web_security-0.0.2-fx.xpi"));
+			}
+			if (options.browserBypassCSP === undefined || options.browserBypassCSP) {
+				profile.addExtension(require.resolve("./extensions/signed/bypass_csp-0.0.2-fx.xpi"));
+			}
+			if (options.userAgent) {
+				profile.setPreference("general.useragent.override", options.userAgent);
+			}
 			firefoxOptions.setProfile(profile);
 		}
 		builder.setFirefoxOptions(firefoxOptions);
 		driver = await builder.forBrowser("firefox").build();
+		driver.manage().timeouts().implicitlyWait(Infinity);
 		if (options.browserWidth && options.browserHeight) {
 			const window = driver.manage().window();
 			if (window.setRect) {