From aacacbb831c5658fc10b142c3b71efff7a7bdbc1 Mon Sep 17 00:00:00 2001
From: Wojtek Kosior <koszko@koszko.org>
Date: Wed, 9 Mar 2022 12:55:57 +0100
Subject: improvement to also properly sanitize intrinsics in XML documents
 under older browsers (IceCat 60)

---
 content/policy_enforcing.js | 19 ++++++++-----------
 1 file changed, 8 insertions(+), 11 deletions(-)

(limited to 'content')

diff --git a/content/policy_enforcing.js b/content/policy_enforcing.js
index 53f418f..e230537 100644
--- a/content/policy_enforcing.js
+++ b/content/policy_enforcing.js
@@ -271,6 +271,8 @@ function MOSanitizer(root) {
 }
 
 MOSanitizer.prototype.observe = function() {
+    this.mo.disconnect();
+
     let elem = this.root;
     while (elem && !elem.haketilo_trusted_node) {
 	this.mo.observe(elem, {childList: true});
@@ -284,7 +286,6 @@ MOSanitizer.prototype.handle_mutations = function(mutations) {
 	    this.recursively_sanitize(new_node);
     }
 
-    this.mo.disconnect();
     this.observe();
 }
 
@@ -355,17 +356,8 @@ async function sanitize_document(doc, policy) {
     substitute_doc.addEventListener(...listener_args);
 
     wait_loaded(doc).then(() => doc.removeEventListener(...listener_args));
-
-    sanitize_tree_urls(doc.documentElement);
-    sanitize_tree_onevent(doc.documentElement);
 #ENDIF
 
-    if (!doc.content_loaded) {
-	const sanitizer = new MOSanitizer(doc.documentElement);
-	sanitizer.start();
-	wait_loaded(doc).then(() => sanitizer.stop());
-    }
-
     /*
      * Ensure our CSP rules are employed from the beginning. This CSP injection
      * method is, when possible, going to be applied together with CSP rules
@@ -399,12 +391,17 @@ async function sanitize_document(doc, policy) {
     substitute_doc.documentElement.replaceWith(root);
 #ENDIF
 
+    const sanitizer = new MOSanitizer(root);
+    sanitizer.start();
+    wait_loaded(doc).then(() => sanitizer.stop());
+
     /*
      * When we don't inject payload, we neither block document's CSP `<meta>'
      * tags nor wait for `<head>' to be parsed.
      */
     if (policy.payload) {
-	await wait_for_head(doc, root);
+	if (doc instanceof HTMLDocument)
+	    await wait_for_head(doc, root);
 
 	root.querySelectorAll("head meta")
 	    .forEach(m => sanitize_meta(m, policy));
-- 
cgit v1.2.3