diff options
author | Wojtek Kosior <wk@koszkonutek-tmp.pl.eu.org> | 2021-05-12 17:25:57 +0200 |
---|---|---|
committer | Wojtek Kosior <wk@koszkonutek-tmp.pl.eu.org> | 2021-05-12 17:25:57 +0200 |
commit | 55fb3e4bd833f042a82657cc75e7e4c657402f9e (patch) | |
tree | c5198bfc075d680629850c7e47f45027581d8707 /background/policy_smuggler.js | |
parent | 9c246cfa2e30c2f7887472084b4ace4ab99b9819 (diff) | |
download | browser-extension-55fb3e4bd833f042a82657cc75e7e4c657402f9e.tar.gz browser-extension-55fb3e4bd833f042a82657cc75e7e4c657402f9e.zip |
use unique hashes when smuggling whitelist setting
Diffstat (limited to 'background/policy_smuggler.js')
-rw-r--r-- | background/policy_smuggler.js | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/background/policy_smuggler.js b/background/policy_smuggler.js index 6d0da38..180dcb7 100644 --- a/background/policy_smuggler.js +++ b/background/policy_smuggler.js @@ -15,6 +15,7 @@ const get_storage = window.get_storage; const browser = window.browser; const url_item = window.url_item; + const gen_unique = window.gen_unique; var storage; @@ -26,12 +27,14 @@ let first_target = match[3]; let second_target = match[4]; - if (first_target === "#myext-allow") { + let url = url_item(request.url); + let unique = gen_unique(url); + + if (first_target === unique) { console.log(["not redirecting"]); return {cancel : false}; } - let url = url_item(request.url); let settings = storage.get(TYPE_PREFIX.PAGE, url); console.log("got", storage.get(TYPE_PREFIX.PAGE, url), "for", url); if (settings === undefined || !settings.allow) @@ -40,10 +43,10 @@ second_target = (first_target || "") + (second_target || "") console.log(["redirecting", request.url, - (base_url + "#myext-allow" + second_target)]); + (base_url + unique + second_target)]); return { - redirectUrl : (base_url + "#myext-allow" + second_target) + redirectUrl : (base_url + unique + second_target) }; } |