1 files changed, 13 insertions, 13 deletions

diff --git a/common/misc.js b/common/misc.js
index 825a117..036eb45 100644
--- a/common/misc.js
+++ b/common/misc.js
@@ -35,9 +35,9 @@ function gen_unique(url)
 function get_secure_salt()
 {
     if (is_chrome)
-	return browser.runtime.getManifest().key.substring(0, 36);
+	return browser.runtime.getManifest().key.substring(0, 50);
     else
-	return browser.runtime.getURL("dummy").substr(16, 36);
+	return browser.runtime.getURL("dummy");
 }
 
 /*
@@ -107,19 +107,19 @@ function is_privileged_url(url)
 /* Extract any policy present in the URL */
 function url_extract_policy(url)
 {
+    var policy_string;
     const targets = url_extract_target(url);
-    const key = '#' + get_secure_salt();
-    targets.sig = key + gen_unique(targets.base_url);
     
-    if (targets.target && targets.target.startsWith(key)) {
-	targets.signed = true;
-	if (targets.target.startsWith(targets.sig))
-	    try {
-		const policy_string = targets.target.substring(101);
-		targets.policy = JSON.parse(decodeURIComponent(policy_string));
-	    } catch (e) {
-		/* TODO what should happen here? */
-	    }
+    try {
+	policy_string = targets.target.substring(65);
+	targets.policy = JSON.parse(decodeURIComponent(policy_string));
+    } catch (e) {
+	/* TODO what should happen here? */
+    }
+    
+    if (targets.policy) {
+	const sig = gen_unique(policy_string + targets.base_url);
+	targets.valid_sig = targets.target.substring(1, 65) === sig;
     }
 
     return targets;