summaryrefslogtreecommitdiff
path: root/content
diff options
context:
space:
mode:
authorWojtek Kosior <wk@koszkonutek-tmp.pl.eu.org>2021-05-12 17:25:57 +0200
committerWojtek Kosior <wk@koszkonutek-tmp.pl.eu.org>2021-05-12 17:25:57 +0200
commit55fb3e4bd833f042a82657cc75e7e4c657402f9e (patch)
treec5198bfc075d680629850c7e47f45027581d8707 /content
parent9c246cfa2e30c2f7887472084b4ace4ab99b9819 (diff)
downloadbrowser-extension-55fb3e4bd833f042a82657cc75e7e4c657402f9e.tar.gz
browser-extension-55fb3e4bd833f042a82657cc75e7e4c657402f9e.zip
use unique hashes when smuggling whitelist setting
Diffstat (limited to 'content')
-rw-r--r--content/main.js8
1 files changed, 7 insertions, 1 deletions
diff --git a/content/main.js b/content/main.js
index 282c7b5..c7f57bb 100644
--- a/content/main.js
+++ b/content/main.js
@@ -12,6 +12,8 @@
(() => {
const handle_page_actions = window.handle_page_actions;
+ const url_item = window.url_item;
+ const gen_unique = window.gen_unique;
var url_re = /^([^#]*)((#[^#]*)(#.*)?)?$/;
var match = url_re.exec(document.URL);
@@ -19,9 +21,13 @@
var first_target = match[3];
var second_target = match[4];
+ // TODO: can be refactored *a little bit* with policy_smuggler.js
+ let url = url_item(document.URL);
+ let unique = gen_unique(url);
+
var block = true;
if (first_target !== undefined &&
- first_target === "#myext-allow") {
+ first_target === unique) {
block = false;
console.log(["allowing", document.URL]);
if (second_target !== undefined)