aboutsummaryrefslogtreecommitdiff
path: root/background/policy_injector.js
diff options
context:
space:
mode:
authorjahoti <jahoti@tilde.team>2021-07-12 00:00:00 +0000
committerjahoti <jahoti@tilde.team>2021-07-12 00:00:00 +0000
commitdcfc78b0d175bee7b3b7e273282078d50bd4ca09 (patch)
treec5cc3a032ec1cdcc548bfdc8f0209c43bd14114d /background/policy_injector.js
parent0e002513d443ef7cddcc17acf178478844f609e9 (diff)
downloadbrowser-extension-dcfc78b0d175bee7b3b7e273282078d50bd4ca09.tar.gz
browser-extension-dcfc78b0d175bee7b3b7e273282078d50bd4ca09.zip
Stop using the nonce consistently for a URL
Nonces are now randomly generated, either in the page (for non-HTTP(S) pages) or by a background module which stores them by tab and frame IDs. In order to support the increased variance in nonce-generating methods and allow them to be loaded from the background, handle_page_actions is now invoked separately according to (non-)blocking mechanism.
Diffstat (limited to 'background/policy_injector.js')
-rw-r--r--background/policy_injector.js4
1 files changed, 2 insertions, 2 deletions
diff --git a/background/policy_injector.js b/background/policy_injector.js
index eb67963..9f79425 100644
--- a/background/policy_injector.js
+++ b/background/policy_injector.js
@@ -11,7 +11,7 @@
* IMPORT get_storage
* IMPORT browser
* IMPORT is_chrome
- * IMPORT gen_unique
+ * IMPORT retrieve_nonce
* IMPORT url_item
* IMPORT get_query_best
* IMPORT csp_rule
@@ -45,7 +45,7 @@ function inject(details)
const [pattern, settings] = query_best(url);
- const nonce = gen_unique(url);
+ const nonce = retrieve_nonce(details.tabId, details.frameId, true);
const rule = csp_rule(nonce);
var headers;