diff options
Diffstat (limited to 'common')
| -rw-r--r-- | common/misc.js | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/common/misc.js b/common/misc.js index 825a117..036eb45 100644 --- a/common/misc.js +++ b/common/misc.js @@ -35,9 +35,9 @@ function gen_unique(url) function get_secure_salt() { if (is_chrome) - return browser.runtime.getManifest().key.substring(0, 36); + return browser.runtime.getManifest().key.substring(0, 50); else - return browser.runtime.getURL("dummy").substr(16, 36); + return browser.runtime.getURL("dummy"); } /* @@ -107,19 +107,19 @@ function is_privileged_url(url) /* Extract any policy present in the URL */ function url_extract_policy(url) { + var policy_string; const targets = url_extract_target(url); - const key = '#' + get_secure_salt(); - targets.sig = key + gen_unique(targets.base_url); - if (targets.target && targets.target.startsWith(key)) { - targets.signed = true; - if (targets.target.startsWith(targets.sig)) - try { - const policy_string = targets.target.substring(101); - targets.policy = JSON.parse(decodeURIComponent(policy_string)); - } catch (e) { - /* TODO what should happen here? */ - } + try { + policy_string = targets.target.substring(65); + targets.policy = JSON.parse(decodeURIComponent(policy_string)); + } catch (e) { + /* TODO what should happen here? */ + } + + if (targets.policy) { + const sig = gen_unique(policy_string + targets.base_url); + targets.valid_sig = targets.target.substring(1, 65) === sig; } return targets; |