Diffstat (limited to 'background/policy_injector.js')
-rw-r--r--background/policy_injector.js114
1 files changed, 60 insertions, 54 deletions
diff --git a/background/policy_injector.js b/background/policy_injector.js
index d4d22b6..f05a422 100644
--- a/background/policy_injector.js
+++ b/background/policy_injector.js
@@ -5,71 +5,77 @@
* Redistribution terms are gathered in the `copyright' file.
*/
-"use strict";
+/*
+ * IMPORTS_START
+ * IMPORT TYPE_PREFIX
+ * IMPORT get_storage
+ * IMPORT browser
+ * IMPORT is_chrome
+ * IMPORT gen_unique
+ * IMPORT url_item
+ * IMPORT get_query_best
+ * IMPORTS_END
+ */
-(() => {
- const TYPE_PREFIX = window.TYPE_PREFIX;
- const get_storage = window.get_storage;
- const browser = window.browser;
- const is_chrome = window.is_chrome;
- const gen_unique = window.gen_unique;
- const url_item = window.url_item;
- const get_query_best = window.get_query_best;
+var storage;
+var query_best;
- var storage;
- var query_best;
+let csp_header_names = {
+ "content-security-policy" : true,
+ "x-webkit-csp" : true,
+ "x-content-security-policy" : true
+};
- let csp_header_names = {
- "content-security-policy" : true,
- "x-webkit-csp" : true,
- "x-content-security-policy" : true
- };
+function is_noncsp_header(header)
+{
+ return !csp_header_names[header.name.toLowerCase()];
+}
- function is_noncsp_header(header)
- {
- return !csp_header_names[header.name.toLowerCase()];
- }
+function inject(details)
+{
+ let url = url_item(details.url);
- function inject(details)
- {
- let url = url_item(details.url);
+ let [pattern, settings] = query_best(url);
- let [pattern, settings] = query_best(url);
+ if (settings !== undefined && settings.allow)
+ return {cancel : false};
- if (settings !== undefined && settings.allow) {
- console.log("allowing", url);
- return {cancel : false};
- }
+ let nonce = gen_unique(url).substring(1);
+ let headers = details.responseHeaders.filter(is_noncsp_header);
- let nonce = gen_unique(url).substring(1);
- let headers = details.responseHeaders.filter(is_noncsp_header);
- headers.push({
- name : "content-security-policy",
- value : `script-src 'nonce-${nonce}'; script-src-elem 'nonce-${nonce}';`
- });
+ let rule = `script-src 'nonce-${nonce}';`;
+ if (is_chrome)
+ rule += `script-src-elem 'nonce-${nonce}';`;
- console.log("modified headers", url, headers);
+ headers.push({
+ name : "content-security-policy",
+ value : rule
+ });
- return {responseHeaders: headers};
- }
+ return {responseHeaders: headers};
+}
- async function start() {
- storage = await get_storage();
- query_best = await get_query_best();
+async function start_policy_injector()
+{
+ storage = await get_storage();
+ query_best = await get_query_best();
- let extra_opts = ["blocking", "responseHeaders"];
- if (is_chrome)
- extra_opts.push("extraHeaders");
+ let extra_opts = ["blocking", "responseHeaders"];
+ if (is_chrome)
+ extra_opts.push("extraHeaders");
- browser.webRequest.onHeadersReceived.addListener(
- inject,
- {
- urls: ["<all_urls>"],
- types: ["main_frame", "sub_frame"]
- },
- extra_opts
- );
- }
+ browser.webRequest.onHeadersReceived.addListener(
+ inject,
+ {
+ urls: ["<all_urls>"],
+ types: ["main_frame", "sub_frame"]
+ },
+ extra_opts
+ );
+}
- window.start_policy_injector = start;
-})();
+/*
+ * EXPORTS_START
+ * EXPORT start_policy_injector
+ * EXPORTS_END
+ */
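Review bot: In `inject`, `details.responseHeaders.filter(is_noncsp_header)` drops every CSP header the server sent before the nonce rule is pushed, so directives that have nothing to do with scripts (`frame-ancestors`, `form-action`, `sandbox`, `upgrade-insecure-requests`) are lost on every response that takes the blocking path. Presumably the site policy is removed so that its `script-src` cannot block nonce-carrying scripts, but that intent is not written down; a comment above the filter such as `/* site CSP is dropped whole; this also removes its non-script directives */` would record the trade-off, and keeping the non-script directives is worth considering. Separately, `csp_header_names` is a plain object literal, so `csp_header_names[header.name.toLowerCase()]` is also truthy for inherited keys such as `constructor`, and a response header with such a name is silently removed. Creating the table with `Object.create(null)` or using a `Set` with `.has()` restricts the match to the three listed names.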