summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--background/policy_injector.js3
-rwxr-xr-xbuild.sh19
-rw-r--r--common/misc.js2
-rw-r--r--content/main.js5
4 files changed, 20 insertions, 9 deletions
diff --git a/background/policy_injector.js b/background/policy_injector.js
index 947812e..702f879 100644
--- a/background/policy_injector.js
+++ b/background/policy_injector.js
@@ -33,7 +33,6 @@ const report_only = "content-security-policy-report-only";
function headers_inject(details)
{
- console.log("ijnector details", details);
const url = details.url;
if (is_privileged_url(url))
return;
@@ -70,7 +69,7 @@ function headers_inject(details)
headers.push(hachette_header);
}
- orig_csp_headers ||=
+ orig_csp_headers = orig_csp_headers ||
headers.filter(h => csp_header_names.has(h.name.toLowerCase()));
headers = headers.filter(h => !csp_header_names.has(h.name.toLowerCase()));
diff --git a/build.sh b/build.sh
index 941ce1e..31f3dec 100755
--- a/build.sh
+++ b/build.sh
@@ -267,9 +267,24 @@ $(map_get EXPORTCODES $FILEKEY)
done
if [ "$BROWSER" = "chromium" ]; then
- echo "window.killtheweb={is_chrome: true, browser: window.chrome};" > $BUILDDIR/exports_init.js
+ cat > $BUILDDIR/exports_init.js <<EOF
+window.killtheweb={is_chrome: true, browser: window.chrome};
+EOF
else
- echo "window.killtheweb={is_mozilla: true, browser: this.browser};" > $BUILDDIR/exports_init.js
+ cat > $BUILDDIR/exports_init.js <<EOF
+/* Polyfill for IceCat 60. */
+String.prototype.matchAll = String.prototype.matchAll || function(regex) {
+ if (regex.flags.search("g") === -1)
+ throw new TypeError("String.prototype.matchAll called with a non-global RegExp argument");
+
+ for (const matches = [];;) {
+ if (matches[matches.push(regex.exec(this)) - 1] === null)
+ return matches.splice(0, matches.length - 1);
+ }
+}
+
+window.killtheweb={is_mozilla: true, browser: this.browser};
+EOF
fi
cp -r copyright licenses/ $BUILDDIR
diff --git a/common/misc.js b/common/misc.js
index 39c696f..6e825d6 100644
--- a/common/misc.js
+++ b/common/misc.js
@@ -56,7 +56,7 @@ function get_secure_salt()
function extract_signed(signature, data, times)
{
const now = new Date();
- times ||= [[now], [now, -1]];
+ times = times || [[now], [now, -1]];
const reductor =
(ok, time) => ok || signature === sign_data(data, ...time);
diff --git a/content/main.js b/content/main.js
index 8adcd48..164ebe3 100644
--- a/content/main.js
+++ b/content/main.js
@@ -84,8 +84,6 @@ function block_script(node)
function inject_csp(head)
{
- console.log('injecting CSP');
-
let meta = document.createElement("meta");
meta.setAttribute("http-equiv", "Content-Security-Policy");
meta.setAttribute("content", csp_rule(nonce));
@@ -102,9 +100,8 @@ if (!is_privileged_url(document.URL)) {
const matches = [...document.cookie.matchAll(/hachette-(\w*)=([^;]*)/g)];
let [policy, signature] = matches.reduce(reductor, []);
- console.log("extracted policy", [signature, policy]);
if (!policy || policy.url !== document.URL) {
- console.log("using default policy");
+ console.log("WARNING! Using default policy!!!");
policy = {allow: false, nonce: gen_nonce()};
}