Stop using the nonce consistently for a URL

Nonces are now randomly generated, either in the page (for non-HTTP(S) pages) or by a background module which stores them by tab and frame IDs. In order to support the increased variance in nonce-generating methods and allow them to be loaded from the background, handle_page_actions is now invoked separately according to (non-)blocking mechanism.
author: jahoti <jahoti@tilde.team> 2021-07-12 00:00:00 +0000
committer: jahoti <jahoti@tilde.team> 2021-07-12 00:00:00 +0000
commit: dcfc78b0d175bee7b3b7e273282078d50bd4ca09 (patch)
tree: c5cc3a032ec1cdcc548bfdc8f0209c43bd14114d /background/policy_injector.js
parent: 0e002513d443ef7cddcc17acf178478844f609e9 (diff)
download: browser-extension-dcfc78b0d175bee7b3b7e273282078d50bd4ca09.tar.gz
browser-extension-dcfc78b0d175bee7b3b7e273282078d50bd4ca09.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/background/policy_injector.js b/background/policy_injector.js
index eb67963..9f79425 100644
--- a/background/policy_injector.js
+++ b/background/policy_injector.js
@@ -11,7 +11,7 @@
  * IMPORT get_storage
  * IMPORT browser
  * IMPORT is_chrome
- * IMPORT gen_unique
+ * IMPORT retrieve_nonce
  * IMPORT url_item
  * IMPORT get_query_best
  * IMPORT csp_rule
@@ -45,7 +45,7 @@ function inject(details)
 
     const [pattern, settings] = query_best(url);
 
-    const nonce = gen_unique(url);
+    const nonce = retrieve_nonce(details.tabId, details.frameId, true);
     const rule = csp_rule(nonce);
 
     var headers;
author	jahoti <jahoti@tilde.team>	2021-07-12 00:00:00 +0000
committer	jahoti <jahoti@tilde.team>	2021-07-12 00:00:00 +0000
commit	dcfc78b0d175bee7b3b7e273282078d50bd4ca09 (patch)
tree	c5cc3a032ec1cdcc548bfdc8f0209c43bd14114d /background/policy_injector.js
parent	0e002513d443ef7cddcc17acf178478844f609e9 (diff)
download	browser-extension-dcfc78b0d175bee7b3b7e273282078d50bd4ca09.tar.gz browser-extension-dcfc78b0d175bee7b3b7e273282078d50bd4ca09.zip