author | Wojtek Kosior <koszko@koszko.org> | 2021-09-03 19:40:45 +0200 |
---|---|---|
committer | Wojtek Kosior <koszko@koszko.org> | 2021-09-03 19:40:45 +0200 |
commit | c12b9ee3535f5a4515c164b020dfc08df8f1bfbd (patch) | |
tree | 1269f006494771049ad74338a30c3adb420e8407 | |
parent | d1d5d4fb2447289029c0075db0ccfd5c22597e88 (diff) | |
disable payload injection on non-html pages
-rw-r--r-- | content/activity_info_server.js | 6 | ||||
-rw-r--r-- | content/main.js | 2 | ||||
-rw-r--r-- | content/page_actions.js | 9 | ||||
-rw-r--r-- | html/display-panel.html | 5 | ||||
-rw-r--r-- | html/display-panel.js | 5 |
5 files changed, 26 insertions, 1 deletions
diff --git a/content/activity_info_server.js b/content/activity_info_server.js
index 81a25fb..beecb1a 100644
--- a/content/activity_info_server.js
+++ b/content/activity_info_server.js
@@ -44,6 +44,11 @@ function report_settings(settings)
 report_activity("settings", settings);
 }
+function report_content_type(content_type)
+{
+ report_activity("content_type", content_type);
+}
+
 function report_repo_query_action(update, port) {
 report_activity_oneshot("repo_query_action", update, port);
@@ -91,5 +96,6 @@ function start_activity_info_server()
 * EXPORT start_activity_info_server
 * EXPORT report_script
 * EXPORT report_settings
+ * EXPORT report_content_type
 * EXPORTS_END
 */
diff --git a/content/main.js b/content/main.js
index 17b6b98..da215b9 100644
--- a/content/main.js
+++ b/content/main.js
@@ -147,3 +147,5 @@ if (!is_privileged_url(document.URL)) {
 start_activity_info_server();
 }
+
+console.log("content script");
diff --git a/content/page_actions.js b/content/page_actions.js
index bf76790..3799afd 100644
--- a/content/page_actions.js
+++ b/content/page_actions.js
@@ -11,12 +11,14 @@
 * IMPORT browser
 * IMPORT report_script
 * IMPORT report_settings
+ * IMPORT report_content_type
 * IMPORTS_END
 */
 let policy_received_callback;
-/* Snapshot url early because document.URL can be changed by other code. */
+/* Snapshot url and content type early; these can be changed by other code. */
 let url;
+let is_html;
 let port;
 let loaded = false;
 let scripts_awaiting = [];
@@ -52,6 +54,9 @@ function document_loaded(event)
 function add_script(script_text) {
+ if (!is_html)
+ return;
+
 let script = document.createElement("script");
 script.textContent = script_text;
 script.setAttribute("nonce", nonce);
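Review bot: The `console.log("content script");` added at the end of content/main.js looks like a debugging leftover unrelated to the content-type check this commit introduces. From the visible context it appears to sit after the closing brace of the `if (!is_privileged_url(document.URL))` block, so it would run on every page the content script is loaded into and add noise to each page's console. I would drop the line, or put it behind whatever debug switch the project uses if the trace is still wanted.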
@@ -64,6 +69,8 @@ function add_script(script_text)
 function handle_page_actions(script_nonce, policy_received_cb) {
 policy_received_callback = policy_received_cb;
 url = document.URL;
+ is_html = /html/.test(document.contentType);
+ report_content_type(document.contentType);
 document.addEventListener("DOMContentLoaded", document_loaded);
 port = browser.runtime.connect({name : CONNECTION_TYPE.PAGE_ACTIONS});
diff --git a/html/display-panel.html b/html/display-panel.html
index a8c52b6..1f6beb7 100644
--- a/html/display-panel.html
+++ b/html/display-panel.html
@@ -306,6 +306,11 @@
 </label>
 </td>
 </tr>
+ <tr>
+ <td id="content_type" colspan="3" class="hide">
+ This is a non-HTML page. Chosen payload will not be injected.
+ </td>
+ </tr>
 </tbody>
 </table>
 <label id="query_pattern" for="show_queried_view_radio" class="button">
diff --git a/html/display-panel.js b/html/display-panel.js
index ed96c07..66e51a6 100644
--- a/html/display-panel.js
+++ b/html/display-panel.js
@@ -230,6 +230,7 @@ const payload_buttons_div = by_id("payload_buttons");
 const view_payload_but = by_id("view_payload");
 const view_injected_but = by_id("view_injected");
 const container_for_injected = by_id("container_for_injected");
+const content_type_cell = by_id("content_type");
 const queried_items = new Map();
@@ -275,6 +276,10 @@ function handle_activity_report(message)
 template.script_contents.textContent = data;
 container_for_injected.appendChild(template.div);
 }
+ if (type === "content_type") {
+ if (!/html/.test(data))
+ content_type_cell.classList.remove("hide");
+ }
 if (type === "repo_query_action") {
 const key = data.prefix + data.item;
 const results = queried_items.get(key) || {};
 |
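Review bot: `is_html = /html/.test(document.contentType);` in handle_page_actions is an unanchored substring match, so any MIME type that merely contains "html" is treated as HTML. Because this flag now decides whether add_script injects a payload, an explicit comparison is easier to audit, for example `is_html = ["text/html", "application/xhtml+xml"].includes(document.contentType);` if XHTML is meant to stay eligible. The same regex is repeated in html/display-panel.js, so the panel notice and the real injection decision can drift apart; sending the computed boolean with `report_content_type(is_html)` or sharing one helper would keep them in step. `is_html` is also undefined until this function runs, which makes add_script skip injection before then; that fails closed, and a comment on the `let is_html;` declaration such as `/* undefined until handle_page_actions() runs; add_script() then injects nothing */` would record it as intended. The body of handle_page_actions continues beyond the hunk.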
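Review bot: In handle_activity_report the new `content_type` branch only ever removes the `hide` class, so once the non-HTML notice is shown nothing in this hunk hides it again if a later report carries an HTML type. Whether one panel instance can receive reports for more than one page is not visible here. If it can, `content_type_cell.classList.toggle("hide", /html/.test(data));` keeps the notice consistent with the most recent report. The function body extends beyond the hunk on both sides.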