From 55fb3e4bd833f042a82657cc75e7e4c657402f9e Mon Sep 17 00:00:00 2001
From: Wojtek Kosior <wk@koszkonutek-tmp.pl.eu.org>
Date: Wed, 12 May 2021 17:25:57 +0200
Subject: use unique hashes when smuggling whitelist setting

---
 background/policy_smuggler.js | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

(limited to 'background/policy_smuggler.js')

diff --git a/background/policy_smuggler.js b/background/policy_smuggler.js
index 6d0da38..180dcb7 100644
--- a/background/policy_smuggler.js
+++ b/background/policy_smuggler.js
@@ -15,6 +15,7 @@
     const get_storage = window.get_storage;
     const browser = window.browser;
     const url_item = window.url_item;
+    const gen_unique = window.gen_unique;
 
     var storage;
 
@@ -26,12 +27,14 @@
 	let first_target = match[3];
 	let second_target = match[4];
 
-	if (first_target === "#myext-allow") {
+	let url = url_item(request.url);
+	let unique = gen_unique(url);
+
+	if (first_target === unique) {
 	    console.log(["not redirecting"]);
 	    return {cancel : false};
 	}
 
-	let url = url_item(request.url);
 	let settings = storage.get(TYPE_PREFIX.PAGE, url);
 	console.log("got", storage.get(TYPE_PREFIX.PAGE, url), "for", url);
 	if (settings === undefined || !settings.allow)
@@ -40,10 +43,10 @@
 	second_target = (first_target || "") + (second_target || "")
 
 	console.log(["redirecting", request.url,
-		     (base_url + "#myext-allow" + second_target)]);
+		     (base_url + unique + second_target)]);
 
 	return {
-	    redirectUrl : (base_url + "#myext-allow" + second_target)
+	    redirectUrl : (base_url + unique + second_target)
 	};
     }
 
-- 
cgit v1.2.3