From 96068ada37bfa1d7e6485551138ba36600664caf Mon Sep 17 00:00:00 2001
From: Wojtek Kosior <koszko@koszko.org>
Date: Sat, 20 Nov 2021 18:29:59 +0100
Subject: replace cookies with synchronous XmlHttpRequest as policy smuggling
 method.

Note: this breaks Mozilla port of Haketilo. Synchronous XmlHttpRequest doesn't work as well there. This will be fixed with dynamically-registered content scripts later.
---
 background/page_actions_server.js | 32 +++++---------------------------
 1 file changed, 5 insertions(+), 27 deletions(-)

(limited to 'background/page_actions_server.js')

diff --git a/background/page_actions_server.js b/background/page_actions_server.js
index 156a79f..74783c9 100644
--- a/background/page_actions_server.js
+++ b/background/page_actions_server.js
@@ -16,34 +16,12 @@
  * IMPORT browser
  * IMPORT listen_for_connection
  * IMPORT sha256
- * IMPORT query_best
  * IMPORT make_ajax_request
  * IMPORTS_END
  */
 
 var storage;
 var handler;
-let policy_observable;
-
-function send_actions(url, port)
-{
-    const [pattern, queried_settings] = query_best(storage, url);
-
-    const settings = {allow: policy_observable && policy_observable.value};
-    Object.assign(settings, queried_settings);
-    if (settings.components)
-	settings.allow = false;
-
-    const repos = storage.get_all(TYPE_PREFIX.REPO);
-
-    port.postMessage(["settings", [pattern, settings, repos]]);
-
-    const components = settings.components;
-    const processed_bags = new Set();
-
-    if (components !== undefined)
-	send_scripts([components], port, processed_bags);
-}
 
 // TODO: parallelize script fetching
 async function send_scripts(components, port, processed_bags)
@@ -116,9 +94,11 @@ async function fetch_remote_script(script_data)
 function handle_message(port, message, handler)
 {
     port.onMessage.removeListener(handler[0]);
-    let url = message.url;
-    console.log({url});
-    send_actions(url, port);
+    console.debug(`Loading payload '${message.payload}'.`);
+
+    const processed_bags = new Set();
+
+    send_scripts([message.payload], port, processed_bags);
 }
 
 function new_connection(port)
@@ -134,8 +114,6 @@ async function start_page_actions_server()
     storage = await get_storage();
 
     listen_for_connection(CONNECTION_TYPE.PAGE_ACTIONS, new_connection);
-
-    policy_observable = await light_storage.observe_var("default_allow");
 }
 
 /*
-- 
cgit v1.2.3