diff --git a/src/extensions/ua-parser-extensions.js b/src/extensions/ua-parser-extensions.js index 329129e..30de6d1 100644 --- a/src/extensions/ua-parser-extensions.js +++ b/src/extensions/ua-parser-extensions.js @@ -24,109 +24,214 @@ const Apps = Object.freeze({ const Bots = Object.freeze({ browser : [ // Googlebot / BingBot / MSNBot / FacebookBot - [/((?:google|bing|msn|facebook)bot(?:\-[imagevdo]{5})?|bingpreview)\/([\w\.]+)/i], [NAME, VERSION, [TYPE, 'bot']], + [/((?:google|bing|msn|facebook)bot(?:[\-imagevdo]{0,6})|bingpreview)\/([\w\.]+)/i], [NAME, VERSION, [TYPE, 'bot']], // Slackbot - https://api.slack.com/robots [/(slack(?:bot)?(?:-imgproxy|-linkexpanding)?) ([\w\.]+)/i], [NAME, VERSION, [TYPE, 'bot']] ] }); +const CLIs = Object.freeze({ + browser : [ + // wget / curl / lynx + [/(wget|curl|lynx)\/([\w\.]+)/i], [NAME, VERSION, [TYPE, 'cli']] + ] +}); + const ExtraDevices = Object.freeze({ - device : [ - [ - /(nook)[\w ]+build\/(\w+)/i, // Nook - /(dell) (strea[kpr\d ]*[\dko])/i, // Dell Streak - /(le[- ]+pan)[- ]+(\w{1,9}) bui/i, // Le Pan Tablets - /(trinity)[- ]*(t\d{3}) bui/i, // Trinity Tablets - /(gigaset)[- ]+(q\w{1,9}) bui/i, // Gigaset Tablets - /(vodafone) ([\w ]+)(?:\)| bui)/i // Vodafone - ], [VENDOR, MODEL, [TYPE, TABLET]], [ + device : [[ + /(nook)[\w ]+build\/(\w+)/i, // Nook + /(dell) (strea[kpr\d ]*[\dko])/i, // Dell Streak + /(le[- ]+pan)[- ]+(\w{1,9}) bui/i, // Le Pan Tablets + /(trinity)[- ]*(t\d{3}) bui/i, // Trinity Tablets + /(gigaset)[- ]+(q\w{1,9}) bui/i, // Gigaset Tablets + /(vodafone) ([\w ]+)(?:\)| bui)/i // Vodafone + ], [VENDOR, MODEL, [TYPE, TABLET]], [ - /(u304aa)/i // AT&T - ], [MODEL, [VENDOR, 'AT&T'], [TYPE, MOBILE]], [ + /(u304aa)/i // AT&T + ], [MODEL, [VENDOR, 'AT&T'], [TYPE, MOBILE]], [ - /\bsie-(\w*)/i // Siemens - ], [MODEL, [VENDOR, 'Siemens'], [TYPE, MOBILE]], [ + /\bsie-(\w*)/i // Siemens + ], [MODEL, [VENDOR, 'Siemens'], [TYPE, MOBILE]], [ - /\b(rct\w+) b/i // RCA Tablets - ], [MODEL, [VENDOR, 'RCA'], [TYPE, TABLET]], [ + /\b(rct\w+) b/i // RCA Tablets + ], [MODEL, [VENDOR, 'RCA'], [TYPE, TABLET]], [ - /\b(venue[\d ]{2,7}) b/i // Dell Venue Tablets - ], [MODEL, [VENDOR, 'Dell'], [TYPE, TABLET]], [ + /\b(venue[\d ]{2,7}) b/i // Dell Venue Tablets + ], [MODEL, [VENDOR, 'Dell'], [TYPE, TABLET]], [ - /\b(q(?:mv|ta)\w+) b/i // Verizon Tablet - ], [MODEL, [VENDOR, 'Verizon'], [TYPE, TABLET]], [ + /\b(q(?:mv|ta)\w+) b/i // Verizon Tablet + ], [MODEL, [VENDOR, 'Verizon'], [TYPE, TABLET]], [ - /\b(?:barnes[& ]+noble |bn[rt])([\w\+ ]*) b/i // Barnes & Noble Tablet - ], [MODEL, [VENDOR, 'Barnes & Noble'], [TYPE, TABLET]], [ + /\b(?:barnes[& ]+noble |bn[rt])([\w\+ ]*) b/i // Barnes & Noble Tablet + ], [MODEL, [VENDOR, 'Barnes & Noble'], [TYPE, TABLET]], [ - /\b(tm\d{3}\w+) b/i - ], [MODEL, [VENDOR, 'NuVision'], [TYPE, TABLET]], [ + /\b(tm\d{3}\w+) b/i + ], [MODEL, [VENDOR, 'NuVision'], [TYPE, TABLET]], [ - /\b(k88) b/i // ZTE K Series Tablet - ], [MODEL, [VENDOR, 'ZTE'], [TYPE, TABLET]], [ + /\b(k88) b/i // ZTE K Series Tablet + ], [MODEL, [VENDOR, 'ZTE'], [TYPE, TABLET]], [ - /\b(nx\d{3}j) b/i // ZTE Nubia - ], [MODEL, [VENDOR, 'ZTE'], [TYPE, MOBILE]], [ + /\b(nx\d{3}j) b/i // ZTE Nubia + ], [MODEL, [VENDOR, 'ZTE'], [TYPE, MOBILE]], [ - /\b(gen\d{3}) b.+49h/i // Swiss GEN Mobile - ], [MODEL, [VENDOR, 'Swiss'], [TYPE, MOBILE]], [ + /\b(gen\d{3}) b.+49h/i // Swiss GEN Mobile + ], [MODEL, [VENDOR, 'Swiss'], [TYPE, MOBILE]], [ - /\b(zur\d{3}) b/i // Swiss ZUR Tablet - ], [MODEL, [VENDOR, 'Swiss'], [TYPE, TABLET]], [ + /\b(zur\d{3}) b/i // Swiss ZUR Tablet + ], [MODEL, [VENDOR, 'Swiss'], [TYPE, TABLET]], [ - /\b((zeki)?tb.*\b) b/i // Zeki Tablets - ], [MODEL, [VENDOR, 'Zeki'], [TYPE, TABLET]], [ + /\b((zeki)?tb.*\b) b/i // Zeki Tablets + ], [MODEL, [VENDOR, 'Zeki'], [TYPE, TABLET]], [ - /\b([yr]\d{2}) b/i, - /\b(?:dragon[- ]+touch |dt)(\w{5}) b/i // Dragon Touch Tablet - ], [MODEL, [VENDOR, 'Dragon Touch'], [TYPE, TABLET]], [ + /\b([yr]\d{2}) b/i, + /\b(?:dragon[- ]+touch |dt)(\w{5}) b/i // Dragon Touch Tablet + ], [MODEL, [VENDOR, 'Dragon Touch'], [TYPE, TABLET]], [ - /\b(ns-?\w{0,9}) b/i // Insignia Tablets - ], [MODEL, [VENDOR, 'Insignia'], [TYPE, TABLET]], [ + /\b(ns-?\w{0,9}) b/i // Insignia Tablets + ], [MODEL, [VENDOR, 'Insignia'], [TYPE, TABLET]], [ - /\b((nxa|next)-?\w{0,9}) b/i // NextBook Tablets - ], [MODEL, [VENDOR, 'NextBook'], [TYPE, TABLET]], [ + /\b((nxa|next)-?\w{0,9}) b/i // NextBook Tablets + ], [MODEL, [VENDOR, 'NextBook'], [TYPE, TABLET]], [ - /\b(xtreme\_)?(v(1[045]|2[015]|[3469]0|7[05])) b/i // Voice Xtreme Phones - ], [[VENDOR, 'Voice'], MODEL, [TYPE, MOBILE]], [ + /\b(xtreme\_)?(v(1[045]|2[015]|[3469]0|7[05])) b/i // Voice Xtreme Phones + ], [[VENDOR, 'Voice'], MODEL, [TYPE, MOBILE]], [ - /\b(lvtel\-)?(v1[12]) b/i // LvTel Phones - ], [[VENDOR, 'LvTel'], MODEL, [TYPE, MOBILE]], [ + /\b(lvtel\-)?(v1[12]) b/i // LvTel Phones + ], [[VENDOR, 'LvTel'], MODEL, [TYPE, MOBILE]], [ - /\b(ph-1) /i // Essential PH-1 - ], [MODEL, [VENDOR, 'Essential'], [TYPE, MOBILE]], [ + /\b(ph-1) /i // Essential PH-1 + ], [MODEL, [VENDOR, 'Essential'], [TYPE, MOBILE]], [ - /\b(v(100md|700na|7011|917g).*\b) b/i // Envizen Tablets - ], [MODEL, [VENDOR, 'Envizen'], [TYPE, TABLET]], [ + /\b(v(100md|700na|7011|917g).*\b) b/i // Envizen Tablets + ], [MODEL, [VENDOR, 'Envizen'], [TYPE, TABLET]], [ - /\b(trio[-\w\. ]+) b/i // MachSpeed Tablets - ], [MODEL, [VENDOR, 'MachSpeed'], [TYPE, TABLET]], [ + /\b(trio[-\w\. ]+) b/i // MachSpeed Tablets + ], [MODEL, [VENDOR, 'MachSpeed'], [TYPE, TABLET]], [ - /\btu_(1491) b/i // Rotor Tablets - ], [MODEL, [VENDOR, 'Rotor'], [TYPE, TABLET] - ] + /\btu_(1491) b/i // Rotor Tablets + ], [MODEL, [VENDOR, 'Rotor'], [TYPE, TABLET]] ] }); const Emails = Object.freeze({ browser : [ - // Microsoft Outlook / Thunderbird + // Microsoft Outlook / Thunderbird [/(microsoft outlook|thunderbird)[\s\/]([\w\.]+)/i], [NAME, VERSION, [TYPE, 'email']] ] }); -const CLI = Object.freeze({ - browser : [ - // wget / curl / lynx - [/(wget|curl|lynx)\/([\w\.]+)/i], [NAME, VERSION, [TYPE, 'cli']] +const MediaPlayers = Object.freeze({ + browser : [[ + + /(apple(?:coremedia|))\/([\w\._]+)/i, // Generic Apple CoreMedia + /(coremedia) v([\w\._]+)/i + ], [NAME, VERSION], [ + + /(aqualung|lyssna|bsplayer)\/([\w\.-]+)/i // Aqualung/Lyssna/BSPlayer + ], [NAME, VERSION], [ + + /(ares|ossproxy)\s([\w\.-]+)/i // Ares/OSSProxy + ], [NAME, VERSION], [ + + /(audacious|audimusicstream|amarok|bass|core|dalvik|gnomemplayer|music on console|nsplayer|psp-internetradioplayer|videos)\/([\w\.-]+)/i, + // Audacious/AudiMusicStream/Amarok/BASS/OpenCORE/Dalvik/GnomeMplayer/MoC + // NSPlayer/PSP-InternetRadioPlayer/Videos + /(clementine|music player daemon)\s([\w\.-]+)/i, // Clementine/MPD + /(lg player|nexplayer)\s([\d\.]+)/i, + /player\/(nexplayer|lg player)\s([\w\.-]+)/i // NexPlayer/LG Player + ], [NAME, VERSION], [ + /(nexplayer)\s([\w\.-]+)/i // Nexplayer + ], [NAME, VERSION], [ + + /(flrp)\/([\w\.-]+)/i // Flip Player + ], [[NAME, 'Flip Player'], VERSION], [ + + /(fstream|nativehost|queryseekspider|ia-archiver|facebookexternalhit)/i + // FStream/NativeHost/QuerySeekSpider/IA Archiver/facebookexternalhit + ], [NAME], [ + + /(gstreamer) souphttpsrc.+libsoup\/([\w\.-]+)/i + // Gstreamer + ], [NAME, VERSION], [ + + /(htc streaming player)\s[\w_]+\s\/\s([\d\.]+)/i, // HTC Streaming Player + /(java|python-urllib|python-requests|wget|libcurl)\/([\w\.-_]+)/i, + // Java/urllib/requests/wget/cURL + /(lavf)([\d\.]+)/i // Lavf (FFMPEG) + ], [NAME, VERSION], [ + + /(htc_one_s)\/([\d\.]+)/i, // HTC One S + ], [[NAME, /_/g, ' '], VERSION], [ + + /(mplayer)(?:\s|\/)(?:(?:sherpya-){0,1}svn)(?:-|\s)(r\d+(?:-\d+[\w\.-]+))/i, + // MPlayer SVN + ], [NAME, VERSION], [ + + /(mplayer)(?:\s|\/)([\w\.-]+)/i, // MPlayer + /(mplayer) unknown-([\w\.\-]+)/i // MPlayer UNKNOWN + ], [NAME, VERSION], [ + + /(mplayer)/i, // MPlayer (no other info) + /(yourmuze)/i, // YourMuze + /(media player classic|nero showtime)/i // Media Player Classic/Nero ShowTime + ], [NAME], [ + + /(nero (?:home|scout))\/([\w\.-]+)/i // Nero Home/Nero Scout + ], [NAME, VERSION], [ + + /(nokia\d+)\/([\w\.-]+)/i // Nokia + ], [NAME, VERSION], [ + + /\s(songbird)\/([\w\.-]+)/i // Songbird/Philips-Songbird + ], [NAME, VERSION], [ + + /(winamp)3 version ([\w\.-]+)/i, // Winamp + /(winamp)\s([\w\.-]+)/i, + /(winamp)mpeg\/([\w\.-]+)/i + ], [NAME, VERSION], [ + + /(ocms-bot|tapinradio|tunein radio|unknown|winamp|inlight radio)/i // OCMS-bot/tap in radio/tunein/unknown/winamp (no other info) + // inlight radio + ], [NAME], [ + + /(quicktime|rma|radioapp|radioclientapplication|soundtap|totem|stagefright|streamium)\/([\w\.-]+)/i + // QuickTime/RealMedia/RadioApp/RadioClientApplication/ + // SoundTap/Totem/Stagefright/Streamium + ], [NAME, VERSION], [ + + /(smp)([\d\.]+)/i // SMP + ], [NAME, VERSION], [ + + /(vlc) media player - version ([\w\.]+)/i, // VLC Videolan + /(vlc)\/([\w\.-]+)/i, + /(xbmc|gvfs|xine|xmms|irapp)\/([\w\.-]+)/i, // XBMC/gvfs/Xine/XMMS/irapp + /(foobar2000)\/([\d\.]+)/i, // Foobar2000 + /(itunes)\/([\d\.]+)/i // iTunes + ], [NAME, VERSION], [ + + /(wmplayer)\/([\w\.-]+)/i, // Windows Media Player + /(windows-media-player)\/([\w\.-]+)/i + ], [[NAME, /-/g, ' '], VERSION], [ + + /windows\/([\w\.-]+) upnp\/[\d\.]+ dlnadoc\/[\d\.]+ (home media server)/i, + // Windows Media Server + ], [VERSION, [NAME, 'Windows']], [ + + /(com\.riseupradioalarm)\/([\d\.]*)/i // RiseUP Radio Alarm + ], [NAME, VERSION], [ + + /(rad.io)\s([\d\.]+)/i, // Rad.io + /(radio.(?:de|at|fr))\s([\d\.]+)/i + ], [[NAME, 'rad.io'], VERSION] ] }); module.exports = { Apps, Bots, + CLIs, ExtraDevices, Emails, - CLI + MediaPlayers }; \ No newline at end of file diff --git a/test/mocha-test-extension.js b/test/mocha-test-extension.js index c97c16d..451a99c 100644 --- a/test/mocha-test-extension.js +++ b/test/mocha-test-extension.js @@ -1,7 +1,10 @@ +const fs = require('fs'); const assert = require('assert'); -const safeRegex = require('safe-regex'); +const parseJS = require('@babel/parser').parse; +const traverse = require('@babel/traverse').default; +const safe = require('safe-regex'); const UAParser = require('ua-parser-js'); -const { Bots, Emails, CLI } = require('ua-parser-js/extensions'); +const Ext = require('ua-parser-js/extensions'); describe('Bots', () => { it('Can detect bots', () => { @@ -14,23 +17,53 @@ describe('Bots', () => { const outlook = 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; Microsoft Outlook 16.0.9126; Microsoft Outlook 16.0.9126; ms-office; MSOffice 16)'; const thunderbird = 'Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.13.0'; - const botParser = new UAParser(Bots); + const botParser = new UAParser(Ext.Bots); assert.deepEqual(botParser.setUA(googleBot).getBrowser(), {name: "Googlebot-Video", version: "1.0", major: "1", type: "bot"}); assert.deepEqual(botParser.setUA(msnBot).getBrowser(), {name: "msnbot-media", version: "1.1", major: "1", type: "bot"}); assert.deepEqual(botParser.setUA(bingPreview).getBrowser(), {name: "BingPreview", version: "1.0b", major: "1", type: "bot"}); assert.deepEqual(botParser.setUA(opera).getBrowser(), {name: "Opera", version: "8.5", major: "8"}); // try merging Bots & CLIs - const botsAndCLIs = { browser : [...Bots.browser, ...CLI.browser]}; + const botsAndCLIs = { browser : [...Ext.Bots.browser, ...Ext.CLIs.browser]}; const botsAndCLIsParser = new UAParser(botsAndCLIs); assert.deepEqual(botsAndCLIsParser.setUA(wget).getBrowser(), {name: "Wget", version: "1.21.1", major: "1", type:"cli"}); assert.deepEqual(botsAndCLIsParser.setUA(facebookBot).getBrowser(), {name: "FacebookBot", version: "1.0", major: "1", type:"bot"}); - const emailParser = new UAParser(Emails); + const emailParser = new UAParser(Ext.Emails); assert.deepEqual(emailParser.setUA(outlook).getBrowser(), {name: "Microsoft Outlook", version: "16.0.9126", major: "16", type: "email"}); assert.deepEqual(emailParser.setUA(thunderbird).getBrowser(), {name: "Thunderbird", version: "78.13.0", major: "78", type: "email"}); }); }); // TODO : move test spec to JSON file -// TODO : check for safe-regex \ No newline at end of file + +describe('Testing regexes', () => { + + let regexes; + + before('Read main js file', () => { + let code = fs.readFileSync('src/extensions/ua-parser-extensions.js', 'utf8').toString(); + let ast = parseJS(code, { sourceType: 'script' }); + regexes = []; + traverse(ast, { + RegExpLiteral: (path) => { + regexes.push(path.node.pattern); + } + }); + if (regexes.length === 0) { + throw new Error('Regexes cannot be empty!'); + } + }); + + describe('Begin testing', () => { + it('all regexes in extension file', () => { + regexes.forEach(regex => { + describe('Test against `safe-regex` : ' + regex, () => { + it('should be safe from potentially vulnerable regex', () => { + assert.strictEqual(safe(regex), true); + }); + }); + }); + }); + }); +}); \ No newline at end of file