aboutsummaryrefslogtreecommitdiff
path: root/background
diff options
context:
space:
mode:
Diffstat (limited to 'background')
-rw-r--r--background/policy_injector.js65
1 files changed, 32 insertions, 33 deletions
diff --git a/background/policy_injector.js b/background/policy_injector.js
index 2cd7b6e..ee97333 100644
--- a/background/policy_injector.js
+++ b/background/policy_injector.js
@@ -15,8 +15,9 @@
* IMPORT is_mozilla
* IMPORT gen_unique
* IMPORT gen_nonce
+ * IMPORT is_privileged_url
* IMPORT url_item
- * IMPORT url_extract_policy
+ * IMPORT url_extract_target
* IMPORT sign_policy
* IMPORT get_query_best
* IMPORT csp_rule
@@ -39,27 +40,24 @@ function is_csp_header(header)
return !!csp_header_names[header.name.toLowerCase()];
}
-function is_our_header(header, rule)
-{
- return header.value === rule
-}
-
function url_inject(details)
{
- const targets = url_extract_policy(details.url);
- if (targets.current) {
+ if (is_privileged_url(details.url))
return;
- } else if (targets.policy) {
- /* Redirect; update policy */
- targets.target = targets.target2;
- delete targets.target2
- }
+
+ const targets = url_extract_target(details.url);
+ if (targets.current)
+ return;
+
+ /* Redirect; update policy */
+ if (targets.policy)
+ targets.target = "";
let [pattern, settings] = query_best(targets.base_url);
+ /* Defaults */
if (!pattern)
- /* Defaults */
settings = {};
-
+
const policy = encodeURIComponent(
JSON.stringify({
allow: settings.allow,
@@ -67,39 +65,40 @@ function url_inject(details)
base_url: targets.base_url
})
);
-
- let redirect_url = targets.base_url;
- redirect_url += '#' + sign_policy(policy, new Date()) + policy;
- if (targets.target)
- redirect_url += targets.target;
- if (targets.target2)
- redirect_url += targets.target2;
-
- return {redirectUrl: redirect_url};
+
+ return {
+ redirectUrl: [
+ targets.base_url,
+ '#', sign_policy(policy, new Date()), policy,
+ targets.target,
+ targets.target2
+ ].join("")
+ };
}
-function inject(details)
+function headers_inject(details)
{
- const targets = url_extract_policy(details.url);
+ const targets = url_extract_target(details.url);
+ /* Block mis-/unsigned requests */
if (!targets.current)
- /* Block mis-/unsigned requests */
return {cancel: true};
const rule = csp_rule(targets.policy.nonce);
var headers = details.responseHeaders;
+ /*
+ * Chrome doesn't have the buggy behavior of caching headers
+ * we injected. Firefox does and we have to remove it there.
+ */
if (!targets.policy.allow || is_mozilla)
- /*
- * Chrome doesn't have the buggy behavior of caching headers
- * we injected. Firefox does and we have to remove it there.
- */
headers = headers.filter(h => !is_csp_header(h));
- if (!targets.policy.allow)
+ if (!targets.policy.allow) {
headers.push({
name : header_name,
value : rule
});
+ }
return {responseHeaders: headers};
}
@@ -123,7 +122,7 @@ async function start_policy_injector()
);
browser.webRequest.onHeadersReceived.addListener(
- inject,
+ headers_inject,
{
urls: ["<all_urls>"],
types: ["main_frame", "sub_frame"]