summaryrefslogtreecommitdiff
path: root/content
diff options
context:
space:
mode:
authorWojtek Kosior <koszko@koszko.org>2022-03-24 20:42:10 +0100
committerWojtek Kosior <koszko@koszko.org>2022-03-26 22:17:59 +0100
commitfba67f09ddedda6182d35b2fa1478115dc766905 (patch)
treeee5296db17bcdc89d130bbeca02d514be76f60b5 /content
parent60c0b4fe97192617a753a9f39b89ecb166405de9 (diff)
downloadbrowser-extension-fba67f09ddedda6182d35b2fa1478115dc766905.tar.gz
browser-extension-fba67f09ddedda6182d35b2fa1478115dc766905.zip
allow injected scripts to bypass CORS using provided API
Diffstat (limited to 'content')
-rw-r--r--content/haketilo_apis.js28
1 files changed, 28 insertions, 0 deletions
diff --git a/content/haketilo_apis.js b/content/haketilo_apis.js
index 36e987d..772e843 100644
--- a/content/haketilo_apis.js
+++ b/content/haketilo_apis.js
@@ -43,7 +43,35 @@
*/
#FROM common/browser.js IMPORT browser
+#FROM common/misc.js IMPORT error_data_jsonifiable
+
+async function on_CORS_bypass(event) {
+ const name = "haketilo_CORS_bypass";
+
+ console.warn("delme event", event.detail);
+
+ if (typeof event.detail.id !== "string" ||
+ typeof event.detail.data !== "string") {
+ console.error(`Haketilo: Invalid detail for ${name}:`,
+ event.detail);
+ return;
+ }
+
+ try {
+ const data = JSON.parse(event.detail.data);
+ var result = await browser.runtime.sendMessage(["CORS_bypass", data]);
+ if (result === undefined)
+ throw new Error("Couldn't communicate with Haketilo background script.");
+ } catch(e) {
+ var result = {error: error_data_jsonifiable(e)};
+ }
+
+ const response_name = `${name}-${event.detail.id}`;
+ const detail = JSON.stringify(result);
+ window.dispatchEvent(new CustomEvent(response_name, {detail}));
+}
function start() {
+ window.addEventListener("haketilo_CORS_bypass", on_CORS_bypass);
}
#EXPORT start