From 96068ada37bfa1d7e6485551138ba36600664caf Mon Sep 17 00:00:00 2001
From: Wojtek Kosior <koszko@koszko.org>
Date: Sat, 20 Nov 2021 18:29:59 +0100
Subject: replace cookies with synchronous XmlHttpRequest as policy smuggling
 method.

Note: this breaks Mozilla port of Haketilo. Synchronous XmlHttpRequest doesn't work as well there. This will be fixed with dynamically-registered content scripts later.
---
 background/stream_filter.js | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

(limited to 'background/stream_filter.js')

diff --git a/background/stream_filter.js b/background/stream_filter.js
index e5e0827..e5d124c 100644
--- a/background/stream_filter.js
+++ b/background/stream_filter.js
@@ -174,8 +174,7 @@ function filter_data(properties, event)
 	 * as harmless anyway).
 	 */
 
-	const dummy_script =
-	      `<script data-haketilo-deleteme="${properties.policy.nonce}" nonce="${properties.policy.nonce}">null</script>`;
+	const dummy_script = `<script>null</script>`;
 	const doctype_decl = /^(\s*<!doctype[^<>"']*>)?/i.exec(decoded)[0];
 	decoded = doctype_decl + dummy_script +
 	    decoded.substring(doctype_decl.length);
@@ -189,11 +188,10 @@ function filter_data(properties, event)
 
 function apply_stream_filter(details, headers, policy)
 {
-    if (!policy.has_payload)
+    if (!policy.payload)
 	return headers;
 
     const properties = properties_from_headers(headers);
-    properties.policy = policy;
 
     properties.filter =
 	browser.webRequest.filterResponseData(details.requestId);
-- 
cgit v1.2.3