2

我正在尝试自动为 Safari 添加有关 Java 的否则被阻止的应用程序和站点的白名单。我能够导出二进制 plist 并通过 bash 对其进行编辑,但我被困在如何搜索和替换或简单地添加到具有特定位置的文件中。

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>BookmarksSidebarWidth</key>
    <real>194</real>
        ...
    <key>WhitelistedBlockedPlugins</key>
    <array>
        <dict>
            <key>PluginHostname</key>
            <string>www.java.com</string>
            <key>PluginIdentifier</key>
            <string>com.oracle.java.JavaAppletPlugin</string>
            <key>PluginLastVisitedDate</key>
            <date>2013-06-05T17:03:26Z</date>
            <key>PluginName</key>
            <string>Java Applet Plug-in</string>
            <key>PluginPageURL</key>
            <string>http://www.java.com/en/download/testjava.jsp</string>
            <key>PluginPolicy</key>
            <string>PluginPolicyBlockWhenInsecure</string>
        </dict>
    </array>
    ...
    <key>com.apple.Safari.ContentPageGroupIdentifier.WebKit2UsesPageCache</key>
    <true/>
</dict>
</plist>


<key>WhitelistedBlockedPlugins</key>
<array>
    <dict>
        ....
        ....
    </dict>
</array>

是我想搜索和替换或添加的位(如果它不存在)。如果存在,则可以替换以 the 开头<key>WhitelistedBlockedPlugins</key>并以结尾结尾的所有内容</array>,因为无论如何我们都希望控制其中的内容。

如果它不存在,我想我可以</dict>在文件末尾的 final 之前添加它。

这是我想出的逻辑,但是我很难找到可以搜索的解决方案,如果找到则替换,如果找不到则添加。

在阅读 Stack Overflow 上的类似帖子后,我尝试了一些没有成功的事情。我愿意使用任何 OSX 原生的东西,包括 XCode/CLI 工具附带的东西。

我尝试过的事情:

echo进入文件工作,但我不知道如何做之前</dict>,我只想这样做,如果<key>WhitelistedBlockedPlugins</key>和相应的数组无处可寻。有人有任何指导或解决方案吗?谢谢

4

3 回答 3

1

我解决了同样的问题,但能够使用默认值来修改 com.apple.Safari.plist。

#!/bin/sh

# Get today's date
TODAY=$(/bin/date "+%FT%TZ")

# Determine OS version
osvers=$(sw_vers -productVersion | awk -F. '{print $2}')

# Server1's address
SERVER1=server1.name.here

# Server2's address
SERVER2=server2.name.here

# Get Java plug-in info
JAVA_PLUGIN=`/usr/bin/defaults read "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Info" CFBundleIdentifier`

# Check com.apple.Safari.plist for Server1 address
SERVER1_WHITELIST_CHECK=`/usr/bin/defaults read $HOME/Library/Preferences/com.apple.Safari WhitelistedBlockedPlugins | grep PluginHostname | awk '{print $3}' | grep $SERVER1 | tr -d '";'`

# Check com.apple.Safari.plist for Server2 address
SERVER2_WHITELIST_CHECK=`/usr/bin/defaults read $HOME/Library/Preferences/com.apple.Safari WhitelistedBlockedPlugins | grep PluginHostname | awk '{print $3}' | grep $SERVER2 | tr -d '";'`

if [[ ${osvers} -ge 6 ]]; then
  if [[ -n ${SERVER1_WHITELIST_CHECK} ]]; then

        # Server1 settings are present
    /usr/bin/logger "${SERVER1_WHITELIST_CHECK} is part of the Java whitelist in Safari. Nothing to do here."
    else        
    # Add Server1 to Java whitelist
        /usr/bin/defaults write $HOME/Library/Preferences/com.apple.Safari "WhitelistedBlockedPlugins" -array-add '{"PluginHostname" = "'$SERVER1'"; "PluginIdentifier" = "'$JAVA_PLUGIN'"; "PluginLastVisitedDate" = "'$TODAY'"; "PluginName" = "Java Applet Plug-in"; "PluginPageURL" = "https://'$SERVER1'"; "PluginPolicy" = "PluginPolicyNeverBlock";}'
        /usr/bin/logger "$SERVER1 has been added to the Java whitelist in Safari."
  fi

  if [[ -n ${SERVER2_WHITELIST_CHECK} ]]; then

    # Server2 settings are present
    /usr/bin/logger "${SERVER2_WHITELIST_CHECK} is part of the Java whitelist in Safari. Nothing to do here."
     else       
        # Add Server2 to Java whitelist
    /usr/bin/defaults write $HOME/Library/Preferences/com.apple.Safari "WhitelistedBlockedPlugins" -array-add '{"PluginHostname" = "'$SERVER2'"; "PluginIdentifier" = "'$JAVA_PLUGIN'"; "PluginLastVisitedDate" = "'$TODAY'"; "PluginName" = "Java Applet Plug-in"; "PluginPageURL" = "https://'$SERVER2'"; "PluginPolicy" = "PluginPolicyNeverBlock";}'
        /usr/bin/logger "$SERVER2 has been added to the Java whitelist in Safari."
  fi

fi

exit 0

该代码也可以在我的 GitHub 存储库中找到。

于 2013-08-24T23:27:58.103 回答
0

您可能只使用默认值:

defaults write ./file.plist WhitelistedBlockedPlugins -array '<dict><key>a</key><string>b</string></dict>'

于 2013-07-12T01:19:01.517 回答
0

因为这是修改plist文件并使用 OSX 的情况,所以我发现 usingPlistbuddy是我最简单的解决方案。如果我需要查找和替换、保留某些站点或在某些条件下添加,我肯定会最终使用 Perl 或 Python……但我有幸清除整个数组并写入我想要什么。

下面是我的解决方案,我可能最终会创建到 LaunchDaemon 或 Agent 中,因此每个用户和每次启动时都会发生这种情况(清除未经授权或批准的 Java 小程序并确保添加我们需要的站点)。

#!/bin/bash

# Convert the com.apple.Safari.plist from binary plist to readable text file
plutil -convert xml1 -o - ~/Library/Preferences/com.apple.Safari.plist > /tmp/com.apple.Safari.plist

# Deletes the WhitelistedBlockedPlugins Key and corresponding array, if it exists
/usr/libexec/PlistBuddy -c "Delete WhitelistedBlockedPlugins" /tmp/com.apple.Safari.plist

# Adds the WhitelistedBlockedPlugins Key and array including two whitelisted sites
/usr/libexec/PlistBuddy -c "Add :WhitelistedBlockedPlugins array" /tmp/com.apple.Safari.plist
/usr/libexec/PlistBuddy -c "Add :WhitelistedBlockedPlugins:0 dict" /tmp/com.apple.Safari.plist
/usr/libexec/PlistBuddy -c "Add :WhitelistedBlockedPlugins:0:PluginHostname string 'www.java.com'" /tmp/com.apple.Safari.plist
/usr/libexec/PlistBuddy -c "Add :WhitelistedBlockedPlugins:0:PluginIdentifier string 'com.oracle.java.JavaAppletPlugin'" /tmp/com.apple.Safari.plist
/usr/libexec/PlistBuddy -c "Add :WhitelistedBlockedPlugins:0:PluginLastVisitedDate date 'Wed Jul 10 12:00:00 PST 2013'" /tmp/com.apple.Safari.plist
/usr/libexec/PlistBuddy -c "Add :WhitelistedBlockedPlugins:0:PluginName string 'Java Applet Plug-in'" /tmp/com.apple.Safari.plist
/usr/libexec/PlistBuddy -c "Add :WhitelistedBlockedPlugins:0:PluginPageURL string 'http://www.java.com/en/download/testjava.jsp'" /tmp/com.apple.Safari.plist
/usr/libexec/PlistBuddy -c "Add :WhitelistedBlockedPlugins:0:PluginPolicy string 'PluginPolicyNeverBlock'" /tmp/com.apple.Safari.plist
/usr/libexec/PlistBuddy -c "Add :WhitelistedBlockedPlugins:1 dict" /tmp/com.apple.Safari.plist
/usr/libexec/PlistBuddy -c "Add :WhitelistedBlockedPlugins:1:PluginHostname string 'another.siteexample.com'" /tmp/com.apple.Safari.plist
/usr/libexec/PlistBuddy -c "Add :WhitelistedBlockedPlugins:1:PluginIdentifier string 'com.oracle.java.JavaAppletPlugin'" /tmp/com.apple.Safari.plist
/usr/libexec/PlistBuddy -c "Add :WhitelistedBlockedPlugins:1:PluginLastVisitedDate date 'Wed Jul 10 12:05:00 PST 2013'" /tmp/com.apple.Safari.plist
/usr/libexec/PlistBuddy -c "Add :WhitelistedBlockedPlugins:1:PluginName string 'Java Applet Plug-in'" /tmp/com.apple.Safari.plist
/usr/libexec/PlistBuddy -c "Add :WhitelistedBlockedPlugins:1:PluginPageURL string 'http://another.siteexample.com/some/path'" /tmp/com.apple.Safari.plist
/usr/libexec/PlistBuddy -c "Add :WhitelistedBlockedPlugins:1:PluginPolicy string 'PluginPolicyNeverBlock'" /tmp/com.apple.Safari.plist

# copy the modified plist back where Safari will then use it and convert it back to binary plist itself
cp /tmp/com.apple.Safari.plist ~/Library/Preferences/com.apple.Safari.plist

同样,作为参考,这是一种将已批准站点列表自动添加到 Safari 的方法。在看到需要更轻松地在客户端计算机上添加我们批准的站点并阅读http://nakedsecurity.sophos.com/2013/04/18/apple-updates-safari-gives-better-之后,我受到启发这样做控制-over-java-applet/

于 2013-07-12T20:05:48.543 回答